🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2019-25560 | High | 7.5 |
Lyric Video Creator 2.1 contains a denial of service vulnerability that allows attackers to crash the application by pro…
|
— | Mar 21, 2026 |
| CVE-2019-25579 | High | 7.5 |
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbit…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2026-4528 | High | 7.3 |
A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of th…
|
— | Mar 21, 2026 |
| CVE-2019-25573 | High | 7.1 |
Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queri…
|
⚡ Exploit | Mar 21, 2026 |
| CVE-2026-32043 | Medium | 6.5 |
OpenClaw versions prior to 2026.2.25 contain a time-of-check-time-of-use vulnerability in approval-bound system.run exec…
|
— | Mar 21, 2026 |
| CVE-2026-2375 | Medium | 6.5 |
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Privilege Escalat…
|
— | Mar 21, 2026 |
| CVE-2026-32054 | Medium | 6.5 |
OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in browser trace and download output path…
|
— | Mar 21, 2026 |
| CVE-2019-25574 | Medium | 6.5 |
Green CMS 2.x contains a path traversal vulnerability that allows authenticated attackers to download arbitrary files an…
|
— | Mar 21, 2026 |
| CVE-2019-25582 | Medium | 6.5 |
i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensi…
|
— | Mar 21, 2026 |
| CVE-2026-2351 | Medium | 6.5 |
The Task Manager plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.0.2 v…
|
— | Mar 21, 2026 |
| CVE-2026-2720 | Medium | 6.5 |
The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing …
|
— | Mar 21, 2026 |
| CVE-2026-2290 | Medium | 6.5 |
The Post Affiliate Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and incl…
|
— | Mar 21, 2026 |
| CVE-2026-2503 | Medium | 6.5 |
The ElementCamp plugin for WordPress is vulnerable to time-based SQL Injection via the 'meta_query[compare]' parameter i…
|
— | Mar 21, 2026 |
| CVE-2026-32053 | Medium | 6.5 |
OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized even…
|
— | Mar 21, 2026 |
| CVE-2026-4087 | Medium | 6.5 |
The Pre* Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hint_ids' parameter of the pp…
|
— | Mar 21, 2026 |
| CVE-2026-4004 | Medium | 6.5 |
The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all…
|
— | Mar 21, 2026 |
| CVE-2026-1275 | Medium | 6.4 |
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' s…
|
— | Mar 21, 2026 |
| CVE-2026-1093 | Medium | 6.4 |
The WPFAQBlock– FAQ & Accordion Plugin For Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting v…
|
— | Mar 21, 2026 |
| CVE-2026-1575 | Medium | 6.4 |
The Schema Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `itemscope` shor…
|
— | Mar 21, 2026 |
| CVE-2026-0609 | Medium | 6.4 |
The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin plugin for WordPress is vulnerable to Stored …
|
— | Mar 21, 2026 |