Known Vulnerabilities for Wp All Export by Soflyy

Listed below are 2 of the newest known vulnerabilities associated with "Wp All Export" by "Soflyy".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-58375 json JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @Ji... Not Provided 2026-06-30 2026-07-01
CVE-2026-58174 json Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the... Not Provided 2026-06-30 2026-06-30
CVE-2026-56042 json Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions. Not Provided 2026-06-25 2026-06-25
CVE-2026-55198 json Hermes WebUI before 0.51.443 contains an authorization bypass vulnerability in the session export endpoint that allows authen... Not Provided 2026-06-17 2026-06-17
CVE-2026-54299 json Astro is a web framework. Prior to 6.4.6, Astro SSR apps with prerendered error pages (/404 or /500 using export const preren... Not Provided 2026-06-22 2026-06-23
CVE-2026-54066 json SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the patch for CVE-2026-41894 ("Path Traversal ... Not Provided 2026-06-24 2026-06-25
CVE-2026-53906 json MCO is vulnerable to Path Disclosure and Path Traversal in file handling functionality related to data export and upload. Imp... Not Provided 2026-07-01 2026-07-01
CVE-2026-50871 json An OS command injection vulnerability in the media archiving and export pipeline component of kanishka-linux Reminiscence v0.... Not Provided 2026-06-15 2026-06-16
CVE-2026-50733 json Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowi... Not Provided 2026-06-05 2026-06-05
CVE-2026-49952 json Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated r... Not Provided 2026-06-15 2026-06-16
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report