May 14, 2026CVE-2026-7046 affects the Nex Forms Express WP Form Builder plugin (up to version 9.1.12) with a CVSS score of 4.9.…
May 14, 2026CVE-2026-4683 affects the Smartcat WPML plugin (up to v3.1.77) with a CVSS score of 6.5. Unauthenticated attackers can overwrite API…
May 14, 2026CVE-2026-8425 affects the Notify Odoo plugin for WordPress (up to 1.0.1) with a medium severity (CVSS 4.3) CSRF vulnerability. Unauthenticated…
May 14, 2026CVE-2026-7563 affects the Classified Listing plugin for WordPress (up to version 5.3.10), allowing authenticated users to add unauthorized order notes.…
May 14, 2026CVE-2026-5361 affects Envira Gallery Lite plugin versions up to 1.12.4, with a medium severity score of 6.4. Users should update…
May 14, 2026CVE-2026-6415 affects the Advanced Custom Fields Font Awesome plugin (up to version 5.0.2) with a medium severity (CVSS 6.4) Stored…
May 14, 2026CVE-2026-7525 affects the My Calendar plugin for WordPress (up to 3.7.9) with a medium severity (CVSS 4.3) authentication bypass. Update…
May 14, 2026CVE-2026-3829 affects the WP Letsencrypt Ssl plugin (up to version 7.8.5.10) with a medium severity CVSS score of 5.4. Authenticated…
May 14, 2026CVE-2026-5243 affects The Plus Addons for Elementor plugin (up to 6.4.11) with a medium severity XSS vulnerability. Users should update…
May 14, 2026CVE-2026-5486 affects Unlimited Elements for Elementor (up to version 2.0.7) with a CVSS score of 6.5. This medium severity SQL…
May 14, 2026CVE-2026-7648 affects LearnPress plugin versions up to 4.3.5, allowing authenticated users to bypass payments for courses. Upgrade to version 4.3.6…
May 13, 2026CVE-2026-6504 affects the Royal Elementor Addons plugin (up to v1.7.1058) with a CVSS score of 6.4. This medium severity stored…
May 13, 2026CVE-2026-6225 affects the Taskbuilder plugin for WordPress (v5.0.6 and below) with a CVSS score of 6.5. Authenticated users can exploit…
May 13, 2026CVE-2026-6252 affects the Display A Meta Field As Block plugin (up to v1.5.2) with a CVSS score of 6.4. Authenticated…
May 13, 2026CVE-2026-6145 affects the User Registration plugin for WordPress (up to 5.1.5) with a CVSS score of 5.3. Unauthenticated attackers can…
May 13, 2026CVE-2026-6206 affects the MW WP Form plugin (up to version 5.1.2) with a medium severity (CVSS 5.3) vulnerability allowing data…
May 13, 2026CVE-2026-3694 affects the Bold Page Builder plugin (up to v5.6.8) with a medium severity CVSS score of 6.4. Authenticated attackers…
May 13, 2026CVE-2026-5193 affects the Essential Addons For Elementor Lite plugin (up to v6.5.13), allowing privilege escalation for authenticated users. Update to…
May 13, 2026CVE-2026-6670 affects the Media Sync plugin for WordPress (up to v1.4.9) with a medium severity (CVSS 6.5) Path Traversal vulnerability.…
May 13, 2026CVE-2026-5365 affects the LatePoint plugin for WordPress (up to 5.3.2) with a medium severity CVSS score of 4.3. Unauthenticated attackers…
