π¨ CVE-2026-39537
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
π@cveNotify
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
π@cveNotify
Patchstack
Local File Inclusion in WordPress Mikado Core Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39539
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
π@cveNotify
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking <= 2.1.2 versions.
π@cveNotify
Patchstack
PHP Object Injection in WordPress Alloggio - Hotel Booking Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39548
Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in MagOne <= 9.0 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress MagOne Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39577
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
π@cveNotify
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
π@cveNotify
Patchstack
PHP Object Injection in WordPress Playroom Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39596
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
π@cveNotify
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
π@cveNotify
Patchstack
SQL Injection in WordPress Blocksy Companion Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39597
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WPZOOM Addons for Elementor Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39598
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server.
This issue affects Academy LMS Pro: from n/a before 3.5.2.
π@cveNotify
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server.
This issue affects Academy LMS Pro: from n/a before 3.5.2.
π@cveNotify
Patchstack
Arbitrary File Upload in WordPress Academy LMS Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.