WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting

WordPress W3 Total Cache plugin before 2.1.4 is susceptible to cross-site scripting within the extension parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This can allow an attacker to convince an authenticated admin into clicking a link to run...

WordPress Easy Forms for Mailchimp Plugin < 6.8.9 - Cross-Site Scripting

The Easy Forms for Mailchimp plugin before version 6.8.9 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape the sqlerror parameter before outputting it back in the page when the debug option is enabled, which could allow attackers to execute...

CVE-2026-50195

creationtimestamp| type| source ---|---|--- 2026-06-19 01:31:49+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mom72udh7u25 2026-06-19 09:11:46+00:00| seen| https://bsky.app/profile/canartuc.com/post/3momyrcpuo42y 2026-06-19 10:03:46+00:00| seen|...

CVE-2026-54223

creationtimestamp| type| source ---|---|--- 2026-06-18 05:55:00+00:00| seen| https://cert.pl/en/posts/2026/06/CVE-2026-54219 2026-06-18 16:08:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mol7lg5tfb27...

CVE-2026-46766

creationtimestamp| type| source ---|---|--- 2026-06-17 05:31:59+00:00| seen| https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8...

CVE-2026-1767

creationtimestamp| type| source ---|---|--- 2026-06-16 04:15:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moewsbzgsh2n...

CVE-2016-20081

creationtimestamp| type| source ---|---|--- 2026-06-15 16:19:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3modosme33v2v...

CVE-2026-5079

creationtimestamp| type| source ---|---|--- 2026-06-15 14:11:08+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3modhmggois27 2026-06-15 16:13:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3modohbamvv2h 2026-06-15 18:01:42+00:00| seen|...

CVE-2026-12217

creationtimestamp| type| source ---|---|--- 2026-06-15 04:30:26+00:00| seen| https://infosec.exchange/users/offseq/statuses/116752241414863988 2026-06-15 04:30:27+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3moch6lbnsc2i 2026-06-15 05:00:05+00:00| seen|...

CVE-2026-53470

creationtimestamp| type| source ---|---|--- 2026-06-14 23:16:13+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3mobvmpno5q2m 2026-06-15 16:31:52+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3modpi4b34v2k 2026-06-18 10:07:09+00:00| seen|...

CVE-2025-55660

creationtimestamp| type| source ---|---|--- 2026-06-13 22:34:11+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mo7csmvpjk2f...

CVE-2026-54398

creationtimestamp| type| source ---|---|--- 2026-06-13 02:14:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mo56n2nt6m2j...

PT-2026-49102

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A floating point exception occurs in the avidmx process function within the isomedia/isom write.c file. A floating point exception is a runtime error that happens when a program attempts an illegal arithmeti...

Malicious Package

Overview @web-3d-tool/sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview paypal-payouts-bridge is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

PT-2026-48751

Unauthenticated Cross Site Scripting XSS in WP Google Review Slider = 18.0 versions...

CVE-2026-3326

creationtimestamp| type| source ---|---|--- 2026-06-10 10:51:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnwk66y52s2r 2026-06-10 12:00:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnwnylckjr2p...

CVE-2026-36934

creationtimestamp| type| source ---|---|--- 2026-06-09 22:15:53+00:00| seen| https://gist.github.com/OxBat/67c10534910e1409e04ae923c38fca2b...

CVE-2017-20251

creationtimestamp| type| source ---|---|--- 2026-06-09 13:12:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnubkiaxde2r 2026-06-09 19:00:13+00:00| published-proof-of-concept| Telegram/Twzxtbvyqic9grgE7JaZrbs3i9BOrZG8PBBvMyWgrTB7Ya8 2026-06-09 23:00:05+00:00|...

CVE-2026-10523

creationtimestamp| type| source ---|---|--- 2026-06-09 08:30:20+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-567 2026-06-09 17:18:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnupbjfggb2x 2026-06-09 17:28:39+00:00| seen|...