CVE-2026-4066

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relationalpostssearch function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abov...

EUVD-2024-16622

Malicious code in bioql PyPI...

EUVD-2024-33478

Malicious code in bioql PyPI...

CVE-2024-10693

The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.3 via the Unfold widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level acces...

PT-2023-16593 · WordPress · Shortcodes Ultimate

Name of the Vulnerable Software and Affected Versions: Shortcodes Ultimate WordPress plugin versions prior to 5.12.8 Description: The issue allows any authenticated users, such as subscribers, to view draft, private, or even password-protected posts. It is also possible to leak the password of...