CVE-2026-7783 - CodeCanyon Perfex CRM Admin Kanban Endpoint AbstractKanban.php applySortQuery sql injection
CVE ID :CVE-2026-7783
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of the component Admin Kanban Endpoint. This manipulation of the argument this causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7783
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of the component Admin Kanban Endpoint. This manipulation of the argument this causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-7784 - RTGS2017 NagaAgent Skills Endpoint extensions.py path traversal
CVE ID :CVE-2026-7784
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7784
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-7785 - A-G-U-P-T-A wireshark-mcp pyshark_mcp.py quick_capture os command injection
CVE ID :CVE-2026-7785
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7785
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-7788 - Axle-Bucamp MCP-Docusaurus document.py get_content path traversal
CVE ID :CVE-2026-7788
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of the argument DOCS_DIR/path results in path traversal. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-7788
Published : May 5, 2026, 12:16 a.m. | 1 hour, 41 minutes ago
Description :A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of the argument DOCS_DIR/path results in path traversal. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44028 - Nix Lix Unbounded Recursion Stack-to-Heap Overflow
CVE ID :CVE-2026-44028
Published : May 5, 2026, 1:16 a.m. | 41 minutes ago
Description :An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR (Nix Archive) parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite memory on the heap and could allow arbitrary code execution as the Nix daemon (run as root in multi-user installations) if ASLR hardening is bypassed. This can be exploited by all users able to connect to the daemon (e.g., in Nix, this is configurable via the allowed-users setting, defaulting to all users). The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 for Nix (introduced in 2.24.4); and 2.95.2, 2.94.2, and 2.93.4 for Lix (introduced in 2.93.0).
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44028
Published : May 5, 2026, 1:16 a.m. | 41 minutes ago
Description :An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR (Nix Archive) parser could lead to a stack-to-heap overflow when the parser is run on a coroutine stack. The stack is allocated without a guard page, which means that a stack overflow could overwrite memory on the heap and could allow arbitrary code execution as the Nix daemon (run as root in multi-user installations) if ASLR hardening is bypassed. This can be exploited by all users able to connect to the daemon (e.g., in Nix, this is configurable via the allowed-users setting, defaulting to all users). The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 for Nix (introduced in 2.24.4); and 2.95.2, 2.94.2, and 2.93.4 for Lix (introduced in 2.93.0).
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44029 - Nix Directory Traversal Vulnerability
CVE ID :CVE-2026-44029
Published : May 5, 2026, 1:16 a.m. | 41 minutes ago
Description :An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 (introduced in 2.24.7);
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44029
Published : May 5, 2026, 1:16 a.m. | 41 minutes ago
Description :An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 (introduced in 2.24.7);
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-4409 - Subscribe To Comments Reloaded <= 240119 - Improper Authorization to Unauthenticated Arbitrary Subscription Management
CVE ID :CVE-2026-4409
Published : May 5, 2026, 3:15 a.m. | 2 hours, 43 minutes ago
Description :The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the global key from any public post page, forge authorization keys and manage comment subscription preferences for arbitrary users
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-4409
Published : May 5, 2026, 3:15 a.m. | 2 hours, 43 minutes ago
Description :The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the global key from any public post page, forge authorization keys and manage comment subscription preferences for arbitrary users
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-4730 - Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'chartid' Shortcode Attribute
CVE ID :CVE-2026-4730
Published : May 5, 2026, 3:15 a.m. | 2 hours, 43 minutes ago
Description :The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'chartid' shortcode attribute in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-4730
Published : May 5, 2026, 3:15 a.m. | 2 hours, 43 minutes ago
Description :The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'chartid' shortcode attribute in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-5100 - AWP Classifieds <= 4.4.5 - Unauthenticated SQL Injection via 'regions'
CVE ID :CVE-2026-5100
Published : May 5, 2026, 3:15 a.m. | 2 hours, 42 minutes ago
Description :The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including, 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-5100
Published : May 5, 2026, 3:15 a.m. | 2 hours, 42 minutes ago
Description :The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including, 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-5247 - Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.10.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'wrapper' Shortcode Attribute
CVE ID :CVE-2026-5247
Published : May 5, 2026, 3:15 a.m. | 2 hours, 42 minutes ago
Description :The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the [futureaction] shortcode in all versions up to, and including, 4.10.0. This is due to insufficient input sanitization on the wrapper attribute. The plugin uses esc_html() to escape the value, but esc_html() only encodes HTML entities and does not prevent attribute injection when the value is used as an HTML tag name in a sprintf() call. An attacker can inject event handler attributes via spaces in the wrapper value. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Since it is also possible for administrators to make this functionality available to lower-privileged users, this introduces the possibility of abuse by contributors.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-5247
Published : May 5, 2026, 3:15 a.m. | 2 hours, 42 minutes ago
Description :The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the [futureaction] shortcode in all versions up to, and including, 4.10.0. This is due to insufficient input sanitization on the wrapper attribute. The plugin uses esc_html() to escape the value, but esc_html() only encodes HTML entities and does not prevent attribute injection when the value is used as an HTML tag name in a sprintf() call. An attacker can inject event handler attributes via spaces in the wrapper value. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Since it is also possible for administrators to make this functionality available to lower-privileged users, this introduces the possibility of abuse by contributors.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-5505 - WP-Clippy <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID :CVE-2026-5505
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `clippy` shortcode in all versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-5505
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `clippy` shortcode in all versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6255 - Simple Owl Shortcodes <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'num' Shortcode Attribute
CVE ID :CVE-2026-6255
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owls_wrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6255
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owls_wrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6696 - Zingaya Click-to-Call <= 1.0 - Reflected Cross-Site Scripting via 'email' Parameter
CVE ID :CVE-2026-6696
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's sign-up admin page in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6696
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's sign-up admin page in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6700 - DX Sources <= 2.0.1 - Cross-Site Request Forgery to Settings Update
CVE ID :CVE-2026-6700
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settings_page_build function. This makes it possible for unauthenticated attackers to trick a logged-in administrator into submitting a forged request that modifies the plugin's configuration options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6700
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on the settings_page_build function. This makes it possible for unauthenticated attackers to trick a logged-in administrator into submitting a forged request that modifies the plugin's configuration options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6701 - addfreespace <= 0.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings Page
CVE ID :CVE-2026-6701
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6701
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6702 - Publish 2 Ping.fm <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'wpPingPingKey' Parameter
CVE ID :CVE-2026-6702
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admin/options-general.php?page=admin.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6702
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the '/wp-admin/options-general.php?page=admin.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-6704 - Blog Settings <= 1.0 - Reflected Cross-Site Scripting via 'page' Parameter
CVE ID :CVE-2026-6704
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-6704
Published : May 5, 2026, 3:16 a.m. | 2 hours, 42 minutes ago
Description :The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2948 - Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Server-Side Request Forgery via 'imageUrl'
CVE ID :CVE-2026-2948
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.5.3 via the import_images() function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-2948
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.5.3 via the import_images() function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-35228 - Oracle Open Source Projects Oracle MCP Server Helper Tool SQL Injection Vulnerability
CVE ID :CVE-2026-35228
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects (component: helper tool). The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server Helper Tool. Successful attacks of this vulnerability can result in Oracle MCP Server Helper Tool executing malicious SQL.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-35228
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects (component: helper tool). The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server Helper Tool. Successful attacks of this vulnerability can result in Oracle MCP Server Helper Tool executing malicious SQL.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-3456 - GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation <= 1.2.0 - Unauthenticated SQL Injection via 'attributekey'
CVE ID :CVE-2026-3456
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-3456
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-4665 - WP Carousel Free <= 2.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-caption' Attribute
CVE ID :CVE-2026-4665
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox `data-caption` attributes in all versions up to, and including, 2.7.10. This is due to the `fancybox-config.js` script reading the carousel container's `id` attribute directly from the DOM to construct a jQuery selector without sanitization. When a Contributor crafts an HTML block with a malformed carousel container ID (containing characters invalid for jQuery selectors), the custom fancybox configuration throws a JavaScript error and fails to initialize. This causes the bundled fancybox library (v3.5.7) to fall back to its default caption handling, which renders the `data-caption` attribute content as raw HTML. Since WordPress allows `data-*` attributes through `wp_kses_post()`, this makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user clicks an image in the crafted carousel lightbox.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-4665
Published : May 5, 2026, 4:16 a.m. | 1 hour, 42 minutes ago
Description :The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox `data-caption` attributes in all versions up to, and including, 2.7.10. This is due to the `fancybox-config.js` script reading the carousel container's `id` attribute directly from the DOM to construct a jQuery selector without sanitization. When a Contributor crafts an HTML block with a malformed carousel container ID (containing characters invalid for jQuery selectors), the custom fancybox configuration throws a JavaScript error and fails to initialize. This causes the bundled fancybox library (v3.5.7) to fall back to its default caption handling, which renders the `data-caption` attribute content as raw HTML. Since WordPress allows `data-*` attributes through `wp_kses_post()`, this makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user clicks an image in the crafted carousel lightbox.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...