CVE-2026-3279 Enable jQuery Migrate Helper <= 1.4.1 - Missing Authorization to Authenticated (Subscriber+) jQuery Version Downgrade

The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the downgradejqueryversion function in all versions up to, and including, 1.4.1. This is due to the function only verifying a nonce without checking user...

EUVD-2026-32099

The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the downgradejqueryversion function in all versions up to, and including, 1.4.1. This is due to the function only verifying a nonce without checking user...

CVE-2026-3279

The CVE concerns the Enable jQuery Migrate Helper plugin for WordPress. A missing capability check in the downgrade_jquery_version() function (present in all versions up to 1.4.1) allows authenticated attackers with Subscriber-level access or higher to downgrade the site-wide jQuery from 3.7.1 to...

WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.10 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by dodoh4t in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions = 1.8.10...

EUVD-2026-32097

The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...

CVE-2026-6268

The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...

CVE-2026-6268

The advisory concerns the EventPress WordPress theme before 22.2. The issue is that the id parameter in the eventpress_customizer_notify_dismiss_action AJAX handler is not sanitized or escaped before it is echoed in the response. This leads to Reflected Cross-Site Scripting (XSS) that can be exec...

CVE-2026-8867

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

CVE-2026-8884 Instant-Quote.co Quotation Page <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2026-32096

The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2026-8884 Instant-Quote.co Quotation Page <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2026-32095

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

CVE-2026-8884

The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2026-8884

The CVE-2026-8884 entry concerns the Instant-Quote.co Quotation Page plugin for WordPress, vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to 1.3.4. The root cause described is insufficient input sanitization and output escaping. The impact stated is that aut...

CVE-2026-8867 Post Categories Gallery <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

CVE-2026-8899

The CVE-2026-8899 entry concerns the WordPress Auto Thumbnail plugin (versions up to 1.0). Affected component is the athn_thumbnails() function handling the thumbnails shortcode; width and height attributes are unsafely concatenated into an HTML tag, leading to Stored Cross-Site Scripting. Explo...

CVE-2026-8899 Auto Thumbnails <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Auto Thumbnail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'thumbnails' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on the shortcode's 'width' and 'height' attributes in the athnthumbnail...

CVE-2026-8994 Login with NEAR <= 0.3.3 - Authentication Bypass via 'account' Parameter

The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.3.3. The ajaxLoginWithNear function — registered as a wpajaxnopriv action and therefore reachable by unauthenticated users — accepts an attacker-supplied account POST parameter...

CVE-2026-8994

The Login with NEAR plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.3.3. The ajaxLoginWithNear function — registered as a wpajaxnopriv action and therefore reachable by unauthenticated users — accepts an attacker-supplied account POST parameter...

EUVD-2026-32093

The Auto Thumbnail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'thumbnails' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on the shortcode's 'width' and 'height' attributes in the athnthumbnail...