CVE-2026-9178

The WP Forms Connector plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.8. The plugin registers the REST route wp/v3/user/list/ callback userDetail with permissioncallback set to 'returntrue', and the function's home-grown authentication only...

CVE-2026-4297

The Welcome Software Publishing plugin for WordPress is vulnerable to Arbitrary Options Update in all versions up to and including 0.0.31. This is due to a missing capability check in the ncsetOption function, which is exposed via the nc.setOption XML-RPC method. The function authenticates the us...

CVE-2026-8622

The CVE-2026-8622 entry concerns the WordPress plugin Image Sizes on Demand (versions affected: all up to and including 1.3). The vulnerability is a Reflected Cross-Site Scripting (XSS) via the PHP_SELF server variable caused by insufficient input sanitization and output escaping. It allows unaut...

EUVD-2026-38679

The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in versions up to, and including, 1.0.0. This is due to the pravelchangepassword AJAX handler — registered via wpajaxnoprivpravelchangepassword and...

CVE-2026-4297

The CVE concerns the Welcome Software Publishing WordPress plugin (

EUVD-2026-38664

The Welcome Software Publishing plugin for WordPress is vulnerable to Arbitrary Options Update in all versions up to and including 0.0.31. This is due to a missing capability check in the ncsetOption function, which is exposed via the nc.setOption XML-RPC method. The function authenticates the us...

EUVD-2026-38661

The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint in versions up to and including 1.8. This is due to insufficient escaping on the user-supplied 'order' parameter read directly from $GET'order' into...

Masteriyo LMS <= 1.7.2 - Unauthenticated Privilege Escalation

The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the updateloggedinuser function in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers t...

PAN-OS Management Web Interface - Authentication Bypass

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege...

Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting

PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute...

Piwigo 13.7.0 - SQL Injection

Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vulnerability in the login of the administrator screen. The SQL statement that acquires the HTTP Header User-Agent is vulnerable at the endpoint that records user information when logging in to the...

Netgear-WN604 downloadFile.php - Information Disclosure

There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and password information of the wireless router, causing the router's background to be...

Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass

The WordPress Social Login and Register Discord, Google, Twitter, LinkedIn plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes...

Payara Server - Cross-Site Scripting

Payara Server versions 4.1.2.191.54, 5.83.0, 6.34.0, and 7.2026.1 contain a stored XSS vulnerability caused by improper input sanitization in the REST Management Interface. This allows attackers to mislead administrators into changing the admin password via a URL payload; however, the exploit...

Limit Login Attempts - Stored Cross-Site Scripting

Limit Login Attempts WordPress plugin 4.0.72 contains a stored cross-site scripting caused by unsanitized and unescaped settings, letting malicious administrators inject Javascript code, exploit requires administrator privileges. id: CVE-2022-1029 info: name: Limit Login Attempts - Stored...

WordPress User Registration & Membership <= 5.1.2 - Unauthenticated Privilege Escalation

User Registration & Membership WordPress plugin = 5.1.2 contains an improper privilege management vulnerability caused by accepting user-supplied roles without server-side allowlist enforcement, letting unauthenticated attackers create administrator accounts id: CVE-2026-1492 info: name: WordPres...

WordPress File Upload Plugin < 4.24.8 - Cross-Site Scripting

The WordPress File Upload plugin before version 4.24.8 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the 'dir' parameter in the file browser page before outputting it back, which could allow attackers to execute arbitrary JavaScript code...

HyperComments <= 1.2.2 - Arbitrary Options Update

The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hcrequesthandler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to...

SysAid On-Prem <= 23.3.40 - XML External Entity

SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives. id: CVE-2025-2775 info: name: SysAid On-Prem = 23.3.40 - XML External Entity...

The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation

The Opal Estate Pro plugin ≤ 1.7.5 is vulnerable to privilege escalation. Due to missing role restrictions in the onregisteruser function, users can register with any role. This allows unauthenticated attackers to create administrator accounts. id: CVE-2025-6934 info: name: The Opal Estate Pro –...