June 13, 2026CVE-2026-10580 reveals a critical authentication bypass in the Hippoo Mobile App for WooCommerce plugin (versions
June 12, 2026CVE-2026-8206 is a critical vulnerability in the Kirki plugin (versions 6.0.0 to 6.0.6) allowing unauthenticated account takeover via password reset.…
June 9, 2026CVE-2025-6254 affects the Doctreat Core plugin (versions
June 2, 2026CVE-2026-5076 affects the ARMember plugin for WordPress (up to 7.3.1) with a critical CVSS score of 9.8. This SQL injection…
May 22, 2026CVE-2026-42680 is a critical privilege escalation vulnerability in the Contest Gallery Pro plugin for WordPress, affecting versions up to 29.0.1.…
May 21, 2026CVE-2026-6960 affects BookingPress Appointment Booking Pro versions up to 5.6, allowing unauthenticated file uploads with a CVSS score of 9.8.…
May 21, 2026CVE-2026-6555 affects the ProSolution WP Client plugin (up to 2.0.0) with a critical CVSS score of 9.8. Unauthenticated attackers can…
May 20, 2026CVE-2026-6279 affects the Fusion Builder plugin for WordPress (up to version 3.15.2) with a critical CVSS score of 9.8. Unauthenticated…
May 20, 2026CVE-2026-5118 affects the Divi Form Builder plugin (up to version 5.1.2) with a critical CVSS score of 9.8, allowing unauthenticated…
May 19, 2026CVE-2026-7637 is a critical PHP Object Injection vulnerability in the Boost plugin for WordPress (up to 2.0.3) with a CVSS…
May 19, 2026CVE-2026-7284 affects the Easy Elements plugin for WordPress (up to version 1.4.4) with a critical CVSS score of 9.8. Unauthenticated…
May 18, 2026CVE-2026-4883 reveals a critical file upload vulnerability in the Piotnet Forms plugin for WordPress (up to version 2.1.40) with a…
May 18, 2026CVE-2026-4885 affects the Piotnet Addons for Elementor Pro plugin (up to version 7.1.70) with a critical CVSS score of 9.8.…
May 17, 2026CVE-2025-15484 affects the Woc Order Alert plugin (up to 3.6.2) with a critical CVSS score of 9.8, allowing remote code…
May 14, 2026CVE-2026-5229 affects the Form Notify plugin for WordPress (up to v1.1.10) with a critical CVSS score of 9.8. Unauthenticated attackers…
May 14, 2026CVE-2026-8181 affects the Burst Statistics plugin (versions 3.4.0 to 3.4.1.1) with a CVSS score of 9.8. Unauthenticated attackers can impersonate…
May 13, 2026CVE-2026-6510 is a critical vulnerability (CVSS 9.8) in the InfusedWoo Pro plugin (versions
May 13, 2026CVE-2026-6512 affects the InfusedWoo Pro plugin for WordPress (up to v5.1.2) with a critical CVSS score of 9.1. Unauthenticated attackers…
May 13, 2026CVE-2026-6271 affects the Career Section plugin for WordPress (up to version 1.7) with a critical CVSS score of 9.8. Unauthenticated…
May 5, 2026CVE-2026-5722 affects the Smart Wishlist For More Convert Premium plugin (up to v1.9.14) with a critical CVSS score of 9.8.…
