WordPress Active Products Tables for WooCommerce plugin <= 1.0.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin Active Products Tables for WooCommerce versions = 1.0.9...

WordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin AIWU versions = 1.4.17...

WordPress WP Statistics plugin <= 14.16.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin WP Statistics versions = 14.16.6...

WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Booknetic versions = 4.8.5...

WordPress WP Full Stripe Free plugin <= 8.4.1 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by hhhai in WordPress Plugin WP Full Stripe Free versions = 8.4.1...

WordPress CformsII plugin <= 15.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ilay Striechman in WordPress Plugin CformsII versions = 15.1.3...

Exploit for CVE-2026-8732

CVE-2026-8732 - WordPress WP Google Map Pro Mass Scanner & Aut...

WordPress WpTravelly plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by benzdeus in WordPress Plugin WpTravelly versions = 2.1.7...

WordPress Slimstat Analytics plugin < 5.4.0 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by mcdruid in WordPress Plugin Slimstat Analytics versions 5.4.0...

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites. WP Maps Pro allows site owners to embed customizable Google Map...

WordPress HT Contact Form plugin <= 2.8.2 - Unauthenticated Stored Cross-Site Scripting via File Upload Field vulnerability

Unauthenticated Stored Cross-Site Scripting via File Upload Field vulnerability discovered by Azril Fathoni kiseki - Heroes Cyber Security in WordPress Plugin HT Contact Form 7 versions = 2.8.2...

WordPress GutenBee – Gutenberg Blocks plugin <= 2.20.1 - Authenticated (Author+) Arbitrary File Upload vulnerability

Authenticated Author+ Arbitrary File Upload vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin GutenBee versions = 2.20.1...

WordPress Crawlomatic Multipage Scraper Post Generator plugin <= 2.7.2 - Authenticated (Author+) Remote Code Execution vulnerability

Authenticated Author+ Remote Code Execution vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Crawlomatic Multisite Scraper Post Generator versions = 2.7.2...

WordPress Advanced Custom Fields: Extended plugin <= 0.9.2.5 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by daroo in WordPress Plugin ACF Extended versions = 0.9.2.5...

WordPress plugin GiveWP 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Contest Gallery Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Classified Listing 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

WordPress plugin WP Document Revisions 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

WordPress plugin Hydra Booking 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...