CVE-2026-24574 WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

EUVD-2026-31743

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

CVE-2026-24574

CVE-2026-24574 concerns the WordPress plugin Export WP Page to Static HTML/CSS (versions up to and including 6.0.0). The issue is a Cross-Site Request Forgery (CSRF) vulnerability in this plugin, with CVSSv3.1: base score 6.5 (Medium). Attack vector: Network; attack complexity: Low; privileges re...

WordPress QR Redirector plugin <= 2.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin QR Redirector versions = 2.0.3...

WordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Export WP Page to Static HTML/CSS versions = 6.0.0...

CVE-2026-24597

The CVE concerns the WordPress Organization Chart plugin (WpDevArt) for WordPress, affected versions up to 1.7.5. The issue is a Cross-Site Request Forgery (CSRF) vulnerability in the Organization chart component, allowing unauthorized actions to be performed by an authenticated user in some cont...

CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

CVE-2026-24597 WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5...

WordPress Organization chart plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin Organization chart versions = 1.7.5...

CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

DEBIAN-CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

UBUNTU-CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

CVE-2026-24546 WordPress GamiPress plugin <= 7.6.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ruben Garcia GamiPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GamiPress: from n/a through 7.6.3...

WordPress GamiPress plugin <= 7.6.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by bosz in WordPress Plugin GamiPress versions = 7.6.3...

WordPress WPCS plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hhhai in WordPress Plugin WPCS versions = 1.3.1...

CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

EUVD-2026-31719

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...