CVE-2026-49057 WordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in JobSearch = 3.2.7 versions...

CVE-2026-39433

The CVE-2026-39433 entry concerns the WordPress WPAMS plugin (Apartment Management) with versions

CVE-2026-39433 WordPress WPAMS plugin < 49.5.3 - Arbitrary Content Deletion vulnerability

Subscriber Arbitrary Content Deletion in WPAMS 49.5.3 versions...

CVE-2026-34895

The CVE covers WordPress Softlab Core plugin, versions prior to 1.2.11, affected by an unauthenticated Local File Inclusion. The root cause is an LFI flaw in Softlab Core

CVE-2026-34894 WordPress Integrio Core plugin < 1.2.8 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Integrio Core 1.2.8 versions...

CVE-2026-34893 WordPress Thegov Core plugin < 2.0.23 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Thegov Core 2.0.23 versions...

CVE-2026-27395 WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...

CVE-2026-27395

Vulnerability: WordPress Support Board plugin fallbacks to Privilege Escalation in versions

CVE-2025-69131 WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

CVE-2024-24909

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

CVE-2024-24909

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

EUVD-2024-55622

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulnerability to escalate privileges. The malicious user may gain the ability to run arbitrary code...

CVE-2024-24909

The CVE affects Dell OpenManage Integration with Microsoft Windows Admin Center, specifically the gateway plugin, which contains a Remote Code Execution vulnerability. A remote authenticated user could potentially escalate privileges and run arbitrary code remotely, with a CVSS v3.1 base score of...

WordPress JobSearch plugin <= 3.2.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin JobSearch versions = 3.2.9...

CVE-2026-8442

The WP Review Slider Pro plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 12.6.8. This is due to missing authorization checks on the wpfbhidereview and wprpsavereviewadmin AJAX handlers combined with insufficient path validation in the wpfbhidereviewaj...

CVE-2026-8176

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent Agent+ to overwrite a...

CVE-2026-52714

Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO = 12.4.16 versions...

CVE-2026-39581

Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...

CVE-2026-8176

CVE-2026-8176 affects the LatePoint – Calendar Booking Plugin for WordPress. In versions up to 5.5.1, three independent flaws allow an authenticated Agent+ to overwrite a WordPress Administrator’s password without using an Administrator-only API, enabling privilege escalation to Administrator. Th...

EUVD-2026-37060

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent Agent+ to overwrite a...