Sonicdicom Media Viewer CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 34), (line:1, col:35)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (336508 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-28115	2 Loopus, Wordpress	2 Wp Attractive Donations System - Easy Stripe & Paypal Donations, Wordpress	2026-03-06	9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WP_AttractiveDonationsSystem allows Blind SQL Injection.This issue affects WP Attractive Donations System - Easy Stripe & Paypal donations: from n/a through <= 1.25.
CVE-2026-28117	2 Axiomthemes, Wordpress	2 Smart Seo, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through <= 2.9.
CVE-2026-28118	2 Axiomthemes, Wordpress	2 Welldone, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Welldone welldone allows PHP Local File Inclusion.This issue affects Welldone: from n/a through <= 2.4.
CVE-2026-28119	2 Axiomthemes, Wordpress	2 Nirvana, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Nirvana nirvana allows PHP Local File Inclusion.This issue affects Nirvana: from n/a through <= 2.6.
CVE-2026-28120	2 Themerex, Wordpress	2 Dr.patterson, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Dr.Patterson dr-patterson allows PHP Local File Inclusion.This issue affects Dr.Patterson: from n/a through <= 1.3.2.
CVE-2026-28121	2 Ancorathemes, Wordpress	2 Anderson, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Anderson andersonclinic allows PHP Local File Inclusion.This issue affects Anderson: from n/a through <= 1.4.2.
CVE-2026-28122	2 Cridio, Wordpress	2 Listingpro, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through <= 2.9.8.
CVE-2026-28123	2 Ancorathemes, Wordpress	2 Veil, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through <= 1.9.
CVE-2026-28124	2 Ancorathemes, Wordpress	2 Notarius, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Notarius notarius allows PHP Local File Inclusion.This issue affects Notarius: from n/a through <= 1.9.
CVE-2026-28125	2 Ancorathemes, Wordpress	2 Midi, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Midi midi allows PHP Local File Inclusion.This issue affects Midi: from n/a through <= 1.14.
CVE-2026-28126	2 Sizam, Wordpress	2 Rh Frontend Publishing Pro, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sizam RH Frontend Publishing Pro rh-frontend allows Reflected XSS.This issue affects RH Frontend Publishing Pro: from n/a through <= 4.3.2.
CVE-2026-28127	2 E-plugins, Wordpress	2 Lawyer Directory, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Lawyer Directory lawyer-directory allows Reflected XSS.This issue affects Lawyer Directory: from n/a through <= 1.3.2.
CVE-2026-28128	2 Themerex, Wordpress	2 Verse, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion.This issue affects Verse: from n/a through <= 1.7.0.
CVE-2026-28129	2 Axiomthemes, Wordpress	2 Little Birdies, Wordpress	2026-03-06	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Little Birdies little-birdies allows PHP Local File Inclusion.This issue affects Little Birdies: from n/a through <= 1.3.16.
CVE-2026-28130	2 Andondesign, Wordpress	2 Udesign, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign u-design allows Reflected XSS.This issue affects UDesign: from n/a through <= 4.14.0.
CVE-2026-28133	2 Wordpress, Wp Chill	2 Wordpress, Filr	2026-03-06	N/A
Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through <= 1.2.12.
CVE-2026-28134	2 Crocoblock, Wordpress	2 Jetengine, Wordpress	2026-03-06	8.5 High
Improper Control of Generation of Code ('Code Injection') vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through <= 3.7.2.
CVE-2026-28135	2 Wordpress, Wp Royal	2 Wordpress, Royal Elementor Addons	2026-03-06	N/A
Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1049.
CVE-2026-28137	2 Quanticalabs, Wordpress	2 Medicenter - Health Medical Clinic, Wordpress	2026-03-06	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs MediCenter - Health Medical Clinic medicenter allows Reflected XSS.This issue affects MediCenter - Health Medical Clinic: from n/a through <= 14.9.
CVE-2026-2418	2 Login With Salesforce, Wordpress	2 Login With Salesforce, Wordpress	2026-03-06	9.1 Critical
The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to login through Salesforce, allowing unauthenticated users to be authenticated as any user (such as admin) by simply knowing the email

« first previous Page 27 of 16826. next last »