EUVD-2026-37708

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6...

CVE-2026-54816 WordPress Advanced Ads plugin <= 2.0.21 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

EUVD-2026-37707

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

EUVD-2026-37705

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11...

CVE-2026-54818 WordPress Slimstat Analytics plugin <= 5.4.11 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11...

WordPress wpDataTables plugin <= 7.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Expatch in WordPress Plugin wpDataTables versions = 7.4...

CVE-2026-54811

Unauthenticated SQL Injection in WP eMember v10.9.4 versions...

CVE-2026-54806

Unauthenticated PHP Object Injection in WP Activity Log = 5.6.3.1 versions...

CVE-2026-54187

Unauthenticated SQL Injection in JetEngine = 3.8.10.1 versions...

CVE-2026-54194

Contributor PHP Object Injection in Fusion Builder = 3.15.4 versions...

CVE-2026-54185

Subscriber SQL Injection in Cornerstone 7.8.8 versions...

CVE-2026-54186

Unauthenticated SQL Injection in JobSearch = 3.2.9 versions...

CVE-2026-53876

RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who logs in to the web console as an administrator...

CVE-2026-52706

Unauthenticated PHP Object Injection in JetEngine = 3.8.10 versions...

CVE-2026-49080

Unauthenticated SQL Injection in wpDataTables = 7.3.6 versions...

CVE-2026-49107

Unauthenticated PHP Object Injection in Thrive Apprentice 10.8.10.2 versions...

CVE-2026-49084

Unauthenticated SQL Injection in JetEngine 3.8.9.1 versions...

CVE-2026-49079

Unauthenticated SQL Injection in JetSearch = 3.5.17 versions...

CVE-2026-49075

Contributor PHP Object Injection in JetEngine = 3.8.9.1 versions...

CVE-2026-49076

Unauthenticated SQL Injection in JetEngine = 3.8.9.1 versions...