PT-2026-46352

Unauthenticated Local File Inclusion in Mission = 1.22 versions...

PT-2026-46339

Unauthenticated Local File Inclusion in Snow Club = 1.1 versions...

PT-2026-46371

Unauthenticated Local File Inclusion in Eros = 1.3 versions...

PT-2026-46347

Subscriber Broken Access Control in Genemy = 1.6.6 versions...

PT-2026-46330

Unauthenticated Local File Inclusion in Nexio = 1.10.0 versions...

PT-2026-46354

Unauthenticated Local File Inclusion in Gat = 1.16 versions...

PT-2026-46325

Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...

PT-2026-46379

Unauthenticated Local File Inclusion in ITactics = 1.0 versions...

PT-2026-46321

Unauthenticated Cross Site Scripting XSS in Qreatix = 1.9.4 versions...

PT-2026-46333

Unauthenticated Local File Inclusion in Iona = 1.0.8 versions...

PT-2026-46362

Unauthenticated Local File Inclusion in Granola = 1.13 versions...

PT-2026-46367

Unauthenticated Local File Inclusion in WineShop = 3.17 versions...

WordPress Dokan plugin <= 5.0.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Dokan versions = 5.0.2...

WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin AutomatorWP versions = 5.7.2...

WordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by adhikara13 in WordPress Plugin JobSearch versions = 3.2.7...

WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels versions = 4.9.4...

WordPress MasterStudy LMS Pro plugin <= 4.8.20 - Authenticated (Instructor+) SQL Injection vulnerability

Authenticated Instructor+ SQL Injection vulnerability discovered by Rafie Muhammad - Awesome Motive, Inc. in WordPress Plugin MasterStudy LMS Pro versions = 4.8.20...

WordPress Quiz And Survey Master plugin <= 11.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by endy in WordPress Plugin Quiz And Survey Master versions = 11.1.2...

WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.9.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by fayespiegel in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.9.7...

WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Septio Noerdiansyah in WordPress Plugin Really Simple SSL versions = 9.5.10...