May 18, 2026CVE-2026-42386 affects the Order Delivery Date For WooCommerce plugin (up to v4.5.1) with a CVSS score of 7.5. Patch to…
May 18, 2026CVE-2026-42649 affects the Favicon Rotator plugin for WordPress (up to version 1.2.11) with a CVSS score of 7.2. Unauthenticated attackers…
May 18, 2026CVE-2026-42381 affects the Funnel Builder plugin for WordPress (up to 3.15.0.1) with a high severity SQL injection vulnerability (CVSS 7.5).…
May 17, 2026CVE-2026-42653 affects the SliceWP Affiliates plugin (up to v1.2.6) with a CVSS score of 7.2, exposing users to stored XSS…
May 17, 2026CVE-2026-3772 affects WP Editor plugin versions up to 1.2.9.2 with a CVSS score of 8.8. It allows unauthenticated attackers to…
May 17, 2026CVE-2026-42774 affects the Jet Engine plugin for WordPress (up to version 3.8.8.1) with a CVSS score of 7.5. Unauthenticated SQL…
May 17, 2026CVE-2026-42650 affects AutomatorWP plugin versions up to 5.6.7, with a CVSS score of 7.2. This high-severity XSS vulnerability allows unauthenticated…
May 17, 2026CVE-2026-42658 affects the Classified Listing plugin for WordPress (up to version 5.3.8) with a CVSS score of 7.2. Users should…
May 16, 2026CVE-2026-4935 affects the Suretriggers plugin for WordPress, with a CVSS score of 7.5. This high-severity SQL injection vulnerability allows unauthenticated…
May 16, 2026CVE-2026-42665 affects the WP Data Access plugin (up to version 5.5.70) with a CVSS score of 7.5. This high-severity SQL…
May 16, 2026CVE-2026-8719 affects the Ai Engine plugin for WordPress (up to version 3.4.9) with a CVSS score of 8.8. This high-severity…
May 16, 2026CVE-2026-40798 affects the wpForo plugin for WordPress (up to v3.0.4) with a CVSS score of 7.5. This high-severity SQL injection…
May 16, 2026CVE-2026-42773 affects the Store Manager Connector plugin for WordPress (up to version 1.3.2) with a CVSS score of 7.5. Unauthenticated…
May 15, 2026CVE-2026-4029 affects the Wp Db Backup plugin (up to version 2.5.2) with a high severity CVSS of 7.5, allowing unauthorized…
May 15, 2026CVE-2026-6177 affects the Custom Twitter Feeds plugin for WordPress (up to version 2.5.4) with a CVSS score of 7.2. This…
May 15, 2026CVE-2026-4609 affects the ProfileGrid User Profiles plugin (up to 5.9.8.4) with a CVSS score of 7.1. Authenticated attackers can join…
May 15, 2026CVE-2026-7635 affects the Coreactivity plugin for WordPress (versions up to 3.0) with a CVSS score of 8.1. Unauthenticated attackers can…
May 15, 2026CVE-2026-6690 affects the LifePress plugin for WordPress (up to version 2.2.2) with a CVSS score of 7.2. This high-severity stored…
May 14, 2026CVE-2026-6228 affects the ACF Frontend Form Element plugin for WordPress (up to version 3.28.36) with a CVSS score of 8.8.…
May 14, 2026CVE-2026-6403 affects the Quick Playground plugin for WordPress (up to version 1.3.3) with a high severity CVSS score of 7.5.…
