June 13, 2026CVE-2026-49104 affects the Cf7 Infusionsoft plugin (up to version 1.2.1) with a high severity CVSS score of 8.1. Unauthenticated attackers…
June 13, 2026CVE-2026-49105 affects the Cf7 Zendesk plugin for WordPress (up to 1.1.4) with a high severity CVSS score of 8.1. Unauthenticated…
June 13, 2026CVE-2026-49085 affects the Cf7 Insightly plugin for WordPress, with a CVSS score of 8.1. Users should upgrade to version 1.1.5…
June 12, 2026CVE-2026-8438 affects the All In One WP Security And Firewall plugin (up to version 5.4.7) with a CVSS score of…
June 12, 2026CVE-2026-5415 affects the Advanced Google Recaptcha plugin, allowing authenticated attackers to bypass authentication due to a nonce check flaw. Users…
June 11, 2026CVE-2026-7537 affects the Mobile Dj Manager plugin (up to 1.7.8.3) with a CVSS score of 7.2. Authenticated attackers can exploit…
June 11, 2026CVE-2026-8901 affects the Crm Integration Freshworks Any Form plugin (up to v1.0.15) with a CVSS score of 7.2. It allows…
June 10, 2026CVE-2026-10795 affects UpdraftPlus plugin versions up to 1.26.4 with a high severity CVSS score of 8.1. Patch to 1.26.5 to…
June 10, 2026CVE-2026-9185 affects the 6Storage Rentals plugin for WordPress (up to 2.22.0) with a CVSS score of 7.5. Unauthenticated attackers can…
June 10, 2026CVE-2026-7556 affects the FV WordPress Flowplayer plugin with a CVSS score of 7.2. This high-severity XSS vulnerability allows attackers to…
June 10, 2026CVE-2026-9851 affects the Booking Package plugin for WordPress (up to v1.7.16) with a CVSS score of 7.2. Authenticated attackers can…
June 9, 2026CVE-2026-3018 affects the Newsletters Lite plugin for WordPress (up to v4.13) with a CVSS score of 7.5. This high-severity SQL…
June 9, 2026CVE-2026-11616 affects the Events For Geodirectory plugin (up to version 2.3.28) with a CVSS score of 8.8. Authenticated users can…
June 9, 2026CVE-2026-9662 reveals a high severity Local File Inclusion vulnerability in the Recover Exit For WooCommerce plugin (up to 1.0.3). Unauthenticated…
June 2, 2026CVE-2026-5073 reveals a high severity SQL injection vulnerability in the ARMember plugin for WordPress, affecting versions up to 7.3.1. Users…
June 2, 2026CVE-2026-1829 affects the Content Visibility For Divi Builder plugin (up to version 4.02) with a CVSS score of 8.8. Authenticated…
May 22, 2026CVE-2026-6895 affects the WishList Member plugin (up to version 3.30.1) with a CVSS score of 8.8. It allows privilege escalation…
May 22, 2026CVE-2026-6419 affects Wishlist Member X plugin versions up to 3.30.1, allowing privilege escalation for authenticated users. With a CVSS score…
May 22, 2026CVE-2026-9284 affects the WooCommerce PayPal Payments plugin (up to 4.0.1) with a CVSS of 8.2. It allows unauthorized order manipulation…
May 22, 2026CVE-2026-6898 affects Wishlist Member X plugin versions up to 3.30.1, allowing authenticated attackers to take over sites by modifying the…
