🛡️ مركز معلومات الثغرات
قاعدة بيانات الثغرات والتهديدات الأمنية المحدّثة
| المعرّف | الخطورة | CVSS | الوصف | الحالة | النشر |
|---|---|---|---|---|---|
| CVE-2026-6348 | مرتفع | 8.8 |
WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local…
|
— | أبريل 16, 2026 |
| CVE-2026-33083 | مرتفع | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | أبريل 16, 2026 |
| CVE-2026-40502 | مرتفع | 8.8 |
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with cha…
|
— | أبريل 16, 2026 |
| CVE-2026-3489 | مرتفع | 7.5 |
The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection vi…
|
— | أبريل 16, 2026 |
| CVE-2026-5050 | مرتفع | 7.5 |
The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptog…
|
— | أبريل 16, 2026 |
| CVE-2026-40246 | مرتفع | 7.5 |
free5GC is an open-source implementation of the 5G core network. In versions 1.4.2 and below of the UDR service, the han…
|
⚡ Exploit | أبريل 16, 2026 |
| CVE-2026-3599 | مرتفع | 7.5 |
The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter keys within…
|
— | أبريل 16, 2026 |
| CVE-2026-40247 | مرتفع | 7.5 |
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the han…
|
⚡ Exploit | أبريل 16, 2026 |
| CVE-2026-6351 | مرتفع | 7.5 |
MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers …
|
— | أبريل 16, 2026 |
| CVE-2026-3876 | مرتفع | 7.2 |
The Prismatic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'prismatic_encoded' pseudo-short…
|
— | أبريل 16, 2026 |
| CVE-2026-3773 | متوسط | 6.5 |
The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the 'scan_id' parameter …
|
— | أبريل 16, 2026 |
| CVE-2026-40503 | متوسط | 6.5 |
OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat a…
|
— | أبريل 16, 2026 |
| CVE-2026-3299 | متوسط | 6.4 |
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode …
|
— | أبريل 16, 2026 |
| CVE-2026-3875 | متوسط | 6.4 |
The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs_feedback_form' shor…
|
— | أبريل 16, 2026 |
| CVE-2026-3878 | متوسط | 6.4 |
The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_options[icon_size]' parame…
|
— | أبريل 16, 2026 |
| CVE-2026-5070 | متوسط | 6.4 |
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions …
|
— | أبريل 16, 2026 |
| CVE-2026-1572 | متوسط | 6.4 |
The Livemesh Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cro…
|
— | أبريل 16, 2026 |
| CVE-2025-13364 | متوسط | 6.4 |
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnera…
|
— | أبريل 16, 2026 |
| CVE-2026-2840 | متوسط | 6.4 |
The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Sc…
|
— | أبريل 16, 2026 |
| CVE-2026-3885 | متوسط | 6.4 |
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
|
— | أبريل 16, 2026 |