May 22, 2026CVE-2026-6419 affects Wishlist Member X plugin versions up to 3.30.1, allowing privilege escalation for authenticated users. With a CVSS score…
May 22, 2026CVE-2026-8073 affects the Kirki plugin for WordPress (up to version 6.0.6) with a CVSS score of 7.5. Unauthenticated attackers can…
May 22, 2026CVE-2026-42672 reveals a high-severity SQL injection vulnerability in the WP Directory Kit plugin for WordPress (up to 1.5.1). Unauthenticated attackers…
May 22, 2026CVE-2026-42678 affects the GiveWP plugin (up to version 4.14.5) with a high severity CVSS score of 7.2 due to stored…
May 21, 2026CVE-2026-8679 affects the AudioIgniter plugin (v2.0.2) with a CVSS score of 7.5. Unauthenticated attackers can access sensitive playlist metadata. Update…
May 21, 2026CVE-2026-9011 affects the Ditty News Ticker plugin (up to version 3.1.65) with a CVSS score of 7.5. This high-severity authentication…
May 21, 2026CVE-2026-9018 affects Easy Elements plugin versions up to 1.4.5, allowing unauthenticated privilege escalation with a CVSS score of 8.8. Ensure…
May 21, 2026CVE-2026-4834 affects the WP ERP Pro plugin (up to v1.5.1) with a high severity CVSS score of 7.5. This SQL…
May 20, 2026CVE-2026-6456 affects the Account Switcher plugin for WordPress (up to version 1.0.2) with a high severity CVSS score of 8.8.…
May 19, 2026CVE-2026-7613 affects the Pixel Cost Of Goods plugin for WordPress (up to 1.2.12) with a high severity CVSS score of…
May 19, 2026CVE-2026-5200 affects the AcyMailing plugin (up to version 10.8.2) with a CVSS score of 8.8. Authenticated attackers can exploit this…
May 19, 2026CVE-2026-7522 affects the Advanced Database Cleaner Premium plugin (up to v4.1.0) with a CVSS score of 8.8. Authenticated attackers can…
May 19, 2026CVE-2026-7467 affects the Expand Maker plugin (up to version 3.5.7) with a CVSS score of 8.8. This high-severity privilege escalation…
May 19, 2026CVE-2026-3985 affects the Creative Mail By Constant Contact plugin (up to v1.6.9) with a CVSS score of 7.5. This high-severity…
May 19, 2026CVE-2026-9010 affects the Boost plugin for WordPress (up to version 2.0.3) with a CVSS score of 7.5. Unauthenticated SQL injection…
May 18, 2026CVE-2026-42639 affects the GD Rating System plugin for WordPress (up to version 3.6.2) with a CVSS score of 7.5. Unauthenticated…
May 18, 2026CVE-2026-8912 affects the Contest Gallery plugin for WordPress (up to 28.1.6) with a CVSS score of 7.5. This high-severity SQL…
May 18, 2026CVE-2026-42647 reveals a high severity SQL Injection vulnerability in the Joomsport Sports League Results Management plugin for WordPress (versions up…
May 18, 2026CVE-2026-5306 affects the Check Email plugin (up to version 2.0.13) with a CVSS score of 7.2 due to stored XSS…
May 18, 2026CVE-2026-42385 affects Profile Builder Pro versions up to 3.15.0, with a CVSS score of 7.2. This high-severity stored XSS vulnerability…
