CVE-2026-49110 WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability

Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...

CVE-2026-49109

CVE-2026-49109 concerns the WordPress plugin set “Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms” (versions

CVE-2026-49109 WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms = 1.4.3 versions...

CVE-2026-49106 WordPress Integration for Contact Form 7 and Constant Contact plugin <= 1.1.6 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact = 1.1.6 versions...

CVE-2026-49105

CVE-2026-49105 concerns the WordPress plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms, with affected versions

CVE-2026-49105 WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...

EUVD-2026-36882

Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...

CVE-2026-49105 WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...

CVE-2026-49106

The CVE-2026-49106 entry concerns the WordPress plugin “Integration for Contact Form 7 and Constant Contact” (versions ≤ 1.1.6). The vulnerability is an unauthenticated PHP Object Injection in that integration, enabling an attacker to potentially manipulate PHP objects without authentication. The...

CVE-2026-49104

CVE-2026-49104 affects the WordPress plugin “Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms” (versions

EUVD-2026-36881

Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms = 1.2.1 versions...

CVE-2026-49104 WordPress Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.2.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms = 1.2.1 versions...

CVE-2026-49083 WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability

Contributor Privilege Escalation in LatePoint = 5.5.1 versions...

CVE-2026-49083 WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability

Contributor Privilege Escalation in LatePoint = 5.5.1 versions...

CVE-2026-49085

CVE-2026-49085 affects the WP Insightly plugin for WordPress when used with Contact Form 7, WPForms, Elementor, Formidable, and Ninja Forms (versions

CVE-2026-49085 WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...

EUVD-2026-36880

Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms = 1.1.4 versions...

CVE-2026-49083

Summary: CVE-2026-49083 affects the WordPress LatePoint plugin and is a privilege-escalation vulnerability in versions ≤ 5.5.1. What’s affected: WordPress LatePoint plugin (versions up to and including 5.5.1). Impact (as per provided metrics): CVSS 3.1 base score 7.5 (High), with network attack v...

CVE-2026-49082 WordPress Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons plugin <= 1.4.8 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Chatway Live Chat AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons = 1.4.8 versions...

CVE-2026-49082 WordPress Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons plugin <= 1.4.8 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Chatway Live Chat AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons = 1.4.8 versions...