Tausch Ticket Script CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 18), (line:1, col:19)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (346123 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-32452	2 Themefusion, Wordpress	2 Fusion Builder, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-32442	2 E2pdf, Wordpress	2 E2pdf, Wordpress	2026-04-22	4.3 Medium
Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through <= 1.28.15.
CVE-2026-32412	2 Giftup, Wordpress	2 Gift Up Gift Cards For Wordpress And Woocommerce, Wordpress	2026-04-22	5.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Gift Up! Gift Up Gift Cards for WordPress and WooCommerce gift-up allows Server Side Request Forgery.This issue affects Gift Up Gift Cards for WordPress and WooCommerce: from n/a through <= 3.1.7.
CVE-2026-32406	2 Wordpress, Wpclever	2 Wordpress, Wpc Product Bundles For Woocommerce	2026-04-22	4.3 Medium
Missing Authorization vulnerability in WPClever WPC Product Bundles for WooCommerce woo-product-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Product Bundles for WooCommerce: from n/a through <= 8.4.5.
CVE-2026-32381	2 Raratheme, Wordpress	2 App Landing Page, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in raratheme App Landing Page app-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Landing Page: from n/a through <= 1.2.2.
CVE-2026-32380	2 Raratheme, Wordpress	2 Numinous, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in raratheme Numinous numinous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Numinous: from n/a through <= 1.3.0.
CVE-2026-32368	2 Delphiknight, Wordpress	2 Geo To Lat, Wordpress	2026-04-22	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19.
CVE-2026-31922	2 Ays-pro, Wordpress	2 Fox Lms, Wordpress	2026-04-22	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injection.This issue affects Fox LMS: from n/a through <= 1.0.6.3.
CVE-2026-4016	1 Gpac	1 Gpac	2026-04-22	5.3 Medium
A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svgin_process of the file src/filters/load_svg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 7618d7206cdeb3c28961dc97ab0ecabaff0c8af2. It is suggested to install a patch to address this issue.
CVE-2026-3967	1 Alfresco	1 Activiti	2026-04-22	6.3 Medium
A flaw has been found in Alfresco Activiti up to 7.19/8.8.0. Affected by this issue is the function deserialize/createObjectInputStream of the file activiti-core/activiti-engine/src/main/java/org/activiti/engine/impl/variable/SerializableType.java of the component Process Variable Serialization System. This manipulation causes deserialization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-4163	1 Wavlink	2 Wl-wn579a3, Wl-wn579a3 Firmware	2026-04-22	9.8 Critical
A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading the affected component is recommended.
CVE-2026-32487	2 Rarathemes, Wordpress	2 Lawyer Landing Page, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Landing Page: from n/a through <= 1.2.7.
CVE-2026-32462	2 Liton Arefin, Wordpress	2 Master Addons For Elementor, Wordpress	2026-04-22	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Liton Arefin Master Addons for Elementor master-addons allows DOM-Based XSS.This issue affects Master Addons for Elementor: from n/a through <= 2.1.3.
CVE-2026-32461	2 Really-simple-plugins, Wordpress	2 Really Simple Ssl, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through <= 9.5.7.
CVE-2026-32459	2 Flycart, Wordpress	2 Upsellwp, Wordpress	2026-04-22	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in flycart UpsellWP checkout-upsell-and-order-bumps allows Blind SQL Injection.This issue affects UpsellWP: from n/a through <= 2.2.4.
CVE-2026-32457	2 Wombat Plugins, Wordpress	2 Advanced Product Fields Product Addons For Woocommerce, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons) for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Product Fields (Product Addons) for WooCommerce: from n/a through <= 1.6.18.
CVE-2026-32454	2 Theme-fusion, Wordpress	2 Avada, Wordpress	2026-04-22	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through < 5.15.0.
CVE-2026-32453	2 Theme-fusion, Wordpress	2 Avada, Wordpress	2026-04-22	5.3 Medium
Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core: from n/a through < 5.15.0.
CVE-2026-32451	2 Themefusion, Wordpress	2 Fusion Builder, Wordpress	2026-04-22	6.3 Medium
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0.
CVE-2026-32449	2 Themifyme, Wordpress	2 Themify Event Post, Wordpress	2026-04-22	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Event Post themify-event-post allows Stored XSS.This issue affects Themify Event Post: from n/a through <= 1.3.4.

« first previous Page 15 of 17307. next last »