NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-39628	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection....	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39627	Missing Authorization vulnerability in wproyal Ashe ashe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects As...	2026-04-08	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39626	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This i...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39625	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes TechOne techone allows Code Injection.This i...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39624	Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue a...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39623	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Biolife biolife al...	2026-04-08	7.5	NETWORK	HIGH	NVD
CVE-2026-39622	Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Level...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39621	Cross-Site Request Forgery (CSRF) vulnerability in spicethemes SpicePress spicepress allows Upload a Web Shell to a Web Server.This issue affects Spic...	2026-04-08	8.8	NETWORK	HIGH	NVD
CVE-2026-39620	Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Appointment appointment allows Upload a Web Shell to a Web Server.This issue affect...	2026-04-08	9.6	NETWORK	CRITICAL	NVD
CVE-2026-39619	Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busi...	2026-04-08	9.6	NETWORK	CRITICAL	NVD
CVE-2026-39618	Cross-Site Request Forgery (CSRF) vulnerability in themearile NewsExo newsexo allows Cross Site Request Forgery.This issue affects NewsExo: from n/a t...	2026-04-08	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39617	Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Bluestreet bluestreet allows Cross Site Request Forgery.This issue affects Bluestre...	2026-04-08	9.6	NETWORK	CRITICAL	NVD
CVE-2026-39616	Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments download-attachments allows Exploiting Incorrectly Con...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39615	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahjada Download Manager download-manager allow...	2026-04-08	5.9	NETWORK	MEDIUM	NVD
CVE-2026-39614	Missing Authorization vulnerability in ilGhera JW Player for WordPress jw-player-7-for-wp allows Exploiting Incorrectly Configured Access Control Secu...	2026-04-08	5.4	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.