CVE-2026-1786

The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dgtwoptions' function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including...

CVE-2026-20654

creationtimestamp| type| source ---|---|--- 2026-02-12 02:47:13+00:00| seen| https://bsky.app/profile/speedyfriend67.bsky.social/post/3memy2pauyc2i 2026-02-12 02:47:56+00:00| seen| https://bsky.app/profile/speedyfriend67.bsky.social/post/3memy3zdwhc2i...

CVE-2026-20700

creationtimestamp| type| source ---|---|--- 2026-02-11 18:36:24+00:00| seen| https://bsky.app/profile/applsec.bsky.social/post/3mem4n4e4aq2x 2026-02-11 18:36:34+00:00| seen| https://infosec.exchange/users/applsec/statuses/116053441380483263 2026-02-11 20:40:51+00:00| seen|...

CVE-2026-0958

creationtimestamp| type| source ---|---|--- 2026-02-11 12:21:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3melhorpbvs2v 2026-02-11 13:55:16+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3melmweqeno2j...

CVE-2026-2295

The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...

CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more

The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...

CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more

The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxpostgridloadmore' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated attacker...

CVE-2026-1786 Twitter posts to Blog <= 1.11.25 - Missing Authorization to Unauthenticated Plugin Settings Update

The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dgtwoptions' function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including...

WordPress Twitter posts to Blog plugin <= 1.11.25 - Missing Authorization to Unauthenticated Plugin Settings Update vulnerability

Missing Authorization to Unauthenticated Plugin Settings Update vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Twitter posts to Blog versions = 1.11.25...

CVE-2026-25808

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a security vulnerability where DMs and followers-only posts were exposed through the ActivityPub outbox endpoint without authorization. This vulnerability is...

WordPress plugin Twitter posts to Blog 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Version...

PT-2026-7511

The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax post grid load more' function in all versions up to, and including, 1.3.2. This makes it possible for unauthenticated...

CVE-2025-52436

creationtimestamp| type| source ---|---|--- 2026-02-10 16:18:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mejegruwr32v 2026-02-10 16:18:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mejehxrag32g 2026-02-11 13:55:10+00:00| seen|...

CVE-2026-1603

creationtimestamp| type| source ---|---|--- 2026-02-10 16:17:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mejegksy3522 2026-02-10 16:18:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mejehqfp3l2h 2026-02-11 04:00:00+00:00| seen|...

CVE-2025-6967

creationtimestamp| type| source ---|---|--- 2026-02-10 14:18:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mej5qq7ylq22 2026-02-10 14:18:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mej5qzmxgb2o 2026-02-10 14:18:56+00:00| seen|...

CVE-2026-23717

creationtimestamp| type| source ---|---|--- 2026-02-10 11:01:29+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meisqqcfja2r 2026-02-10 11:01:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meisrmrzns22 2026-02-10 11:06:43+00:00| seen|...

CVE-2025-15310

creationtimestamp| type| source ---|---|--- 2026-02-10 00:19:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mehou653bx2v 2026-02-10 00:19:19+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mehouhenqv2r...

CVE-2026-25808

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a security vulnerability where DMs and followers-only posts were exposed through the ActivityPub outbox endpoint without authorization. This vulnerability is...

UBUNTU-CVE-2026-25892

Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...

CVE-2026-25808

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a security vulnerability where DMs and followers-only posts were exposed through the ActivityPub outbox endpoint without authorization. This vulnerability is...