CVE-2026-40790

The CVE-2026-40790 entry concerns the WordPress WP SMS plugin, versions ≤ 7.2.1, with a Subscriber Sensitive Data Exposure vulnerability. The connected data specify a network-accessible issue with low attacker privileges, no user interaction, and high confidentiality impact (CVSS v3.1 base 6.5, M...

CVE-2026-40789 WordPress Amelia plugin <= 2.2 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Amelia = 2.2 versions...

CVE-2026-40788 WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability

Subscriber Broken Access Control in ChatBot = 7.9.7 versions...

CVE-2026-40788

CVE-2026-40788 affects WordPress ChatBot plugin versions

CVE-2026-40789

CVE-2026-40789 affects WordPress Amelia plugin (versions

CVE-2026-40788 WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability

Subscriber Broken Access Control in ChatBot = 7.9.7 versions...

CVE-2026-40787 WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Quiz And Survey Master = 11.0.0 versions...

CVE-2026-40787 WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Quiz And Survey Master = 11.0.0 versions...

CVE-2026-40787

The vulnerability concerns the WordPress Quiz And Survey Master plugin (versions ≤ 11.0.0). It is an unauthenticated Cross Site Scripting (XSS) flaw identified in these releases. The connected sources confirm the affected product and the XSS impact but do not specify the exact root cause, vulnera...

CVE-2026-40782 WordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...

CVE-2026-40785 WordPress AutomatorWP plugin <= 5.6.7 - Broken Authentication vulnerability

Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...

CVE-2026-40782 WordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WPAdverts = 2.3.0 versions...

CVE-2026-40785 WordPress AutomatorWP plugin <= 5.6.7 - Broken Authentication vulnerability

Subscriber Broken Authentication in AutomatorWP = 5.6.7 versions...

CVE-2026-40785

CVE-2026-40785 concerns WordPress AutomatorWP plugin

CVE-2026-40782

CVE-2026-40782 : Unauthenticated Broken Access Control in WordPress WPAdverts plugin (versions

CVE-2026-40781 WordPress ReviewX plugin <= 2.3.6 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...

CVE-2026-40781

CVE-2026-40781 affects the WordPress ReviewX plugin ≤ 2.3.6. Root cause: unauthenticated broken authentication vulnerability leading to high-severity impact (CVSSv3.1 base score 7.5; Network attack vector, no user interaction, no privileges required; integrity impact HIGH). Affected software is t...

CVE-2026-40781 WordPress ReviewX plugin <= 2.3.6 - Broken Authentication vulnerability

Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...

CVE-2026-40779 WordPress Link Library plugin <= 7.8.8 - Arbitrary File Deletion vulnerability

Contributor Arbitrary File Deletion in Link Library = 7.8.8 versions...

CVE-2026-40776 WordPress Eventin plugin <= 4.1.8 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in WP Event SOlution = 4.1.8 versions...