CVE-2026-22380

creationtimestamp| type| source ---|---|--- 2026-02-21 00:45:14+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfdfgwcmni25 2026-02-21 00:45:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfdfhuwzpy2k 2026-02-21 00:47:59+00:00| seen|...

CVE-2026-27169

creationtimestamp| type| source ---|---|--- 2026-02-21 00:17:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddvp6qps2t 2026-02-21 00:18:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddwqnowt2n 2026-02-23 22:20:09+00:00| seen|...

CVE-2026-27168

creationtimestamp| type| source ---|---|--- 2026-02-21 00:17:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddvo54ng25 2026-02-21 00:18:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddwj3bfn2h 2026-02-21 03:00:29+00:00| seen|...

CVE-2026-27203

creationtimestamp| type| source ---|---|--- 2026-02-21 00:17:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddvgzhlh2c 2026-02-21 00:18:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddwb7iuy2s...

CVE-2026-26323

creationtimestamp| type| source ---|---|--- 2026-02-20 19:14:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfcsxtdjwp2c 2026-02-20 19:46:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfcuq2q7qb2v...

CVE-2026-25332

Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...

CVE-2026-1219

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'loadtracknoteajax' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers...

CVE-2025-13842

The Breadcrumb NavXT plugin for WordPress is vulnerable to authorization bypass through user-controlled key in versions up to and including 7.5.0. This is due to the Gutenberg block renderer trusting the $REQUEST'postid' parameter without verification in the...

CVE-2026-1646

The Advance Block Extend plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TitleColor block attribute in the Latest Posts Gutenberg block in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-2690

creationtimestamp| type| source ---|---|--- 2026-02-20 04:40:12+00:00| seen| https://bsky.app/profile/potato.software/post/3mfbc45wxy22a 2026-02-20 04:40:12+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfbc456caj2e...

CVE-2026-26980

creationtimestamp| type| source ---|---|--- 2026-02-20 02:18:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfb266mz4n2f 2026-02-20 02:18:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfb26hfbr72n 2026-02-20 02:18:46+00:00| seen|...

CVE-2025-30412

creationtimestamp| type| source ---|---|--- 2026-02-20 01:19:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawunhsjr2x 2026-02-20 01:19:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawv76wt32k 2026-02-20 16:00:16+00:00| seen|...

CVE-2025-30411

creationtimestamp| type| source ---|---|--- 2026-02-20 01:18:14+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawsz3ojr2f 2026-02-20 01:18:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawtwqa5o2h 2026-02-20 01:19:02+00:00| seen|...

CVE-2025-30410

creationtimestamp| type| source ---|---|--- 2026-02-20 01:18:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawsrqlx52d 2026-02-20 01:18:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawtp73ed2k 2026-02-20 01:18:55+00:00| seen|...

CVE-2026-26975

creationtimestamp| type| source ---|---|--- 2026-02-20 01:17:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawskqi6z2f 2026-02-20 01:18:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfawti2fy32k 2026-02-20 01:30:31+00:00| seen|...

CVE-2025-71243

creationtimestamp| type| source ---|---|--- 2026-02-19 16:31:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf7zfeggqx2u 2026-02-19 16:32:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf7zhav6ty2t 2026-03-09 09:47:36+00:00| seen|...

CVE-2026-25940

creationtimestamp| type| source ---|---|--- 2026-02-19 16:30:19+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mf7zczbkxv2o 2026-02-19 16:30:21+00:00| seen| https://infosec.exchange/users/offseq/statuses/116098244070941374 2026-02-19 16:31:25+00:00| seen|...

CVE-2026-2386

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 6.4.7. This is due to the tpaecreatepage AJAX handler authorizing users only with...

CVE-2026-1219

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'loadtracknoteajax' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers...

CVE-2026-1219 MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 4.0 - 5.10 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'loadtracknoteajax' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers...