June 14, 2026CVE-2026-49767 affects the wpForo plugin for WordPress versions up to 3.1.0, allowing unauthorized access to user profiles. Update to version…
June 14, 2026CVE-2026-49764 affects the Custom Registration Form Builder With Submission Manager plugin (up to 6.0.8.6) with a CVSS score of 5.3.…
June 14, 2026CVE-2026-49775 affects the Usc E Shop plugin (up to v2.11.28) with a CVSS score of 5.3. This medium severity vulnerability…
June 14, 2026CVE-2026-49773 affects the FV Flowplayer Video Player plugin (up to version 7.5.51.7212) with a CVSS score of 6.4. Authenticated attackers…
June 14, 2026CVE-2026-49077 affects the Wp EMember plugin for WordPress (up to v10.2.2) with a medium severity CVSS score of 5.3. Unauthenticated…
June 14, 2026CVE-2026-49771 affects the Photo Gallery plugin for WordPress (up to version 1.8.41) with a medium severity score of 6.5. Authenticated…
June 14, 2026CVE-2026-49110 affects the Upsell Order Bump Offer For WooCommerce plugin (up to v3.1.4), allowing remote code execution due to missing…
June 13, 2026CVE-2019-25738 affects the Hybrid Composer plugin for WordPress (up to version 1.4.6) with a medium severity CVSS score of 5.3.…
June 13, 2026CVE-2026-49078 affects WP Travel Engine plugin versions up to 6.7.10, allowing unauthorized access due to a missing capability check. Upgrade…
June 13, 2026CVE-2026-8608 affects the Event Monster plugin (up to v2.1.0) with a medium severity (CVSS 5.3) vulnerability. Unauthenticated attackers can forge…
June 13, 2026CVE-2026-8385 affects WP Google Maps versions up to 10.0.09, allowing unauthenticated users to access sensitive marker data. Upgrade to 10.0.10…
June 13, 2026CVE-2026-49082 affects the Chatway Live Chat plugin (up to version 1.4.8), exposing sensitive data to authenticated attackers. Update to version…
June 13, 2026CVE-2026-49112 affects the Shared Files plugin for WordPress (up to version 1.7.64) with a medium severity CVSS score of 5.3.…
June 13, 2026CVE-2026-9016 affects the Debug Log Manager plugin (up to 2.5.0) with a medium severity (CVSS 5.3) vulnerability. Users should upgrade…
June 13, 2026CVE-2026-49081 affects the User Registration Stripe plugin for WordPress (up to version 1.3.12) with a CVSS score of 5.3. It…
June 13, 2026CVE-2019-25727 affects the 10WebAdManager plugin for WordPress (up to version 1.0.11) with a CVSS score of 5.3. Unauthenticated attackers can…
June 12, 2026CVE-2026-8976 affects Feedzy Rss Feeds plugin versions up to 5.1.7, allowing authenticated users to bypass authorization. Update to 5.1.8 to…
June 12, 2026CVE-2026-9719 affects the LatePoint plugin (up to v5.6.0) with a medium severity (CVSS 4.3) CSRF vulnerability. Patch to v5.6.1 to…
June 12, 2026CVE-2026-7523 affects the Alba Board plugin for WordPress (up to v2.1.3) with a medium severity (CVSS 4.3) authentication bypass vulnerability.…
June 12, 2026CVE-2026-8900 affects the Simple SEO Slideshow plugin for WordPress (up to v1.2.8) with a medium severity CVSS score of 6.4.…
