π¨ CVE-2026-39577
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
π@cveNotify
Unauthenticated PHP Object Injection in Playroom <= 1.4.1 versions.
π@cveNotify
Patchstack
PHP Object Injection in WordPress Playroom Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39596
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
π@cveNotify
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
π@cveNotify
Patchstack
SQL Injection in WordPress Blocksy Companion Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39597
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
π@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WPZOOM Addons for Elementor Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-39598
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server.
This issue affects Academy LMS Pro: from n/a before 3.5.2.
π@cveNotify
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server.
This issue affects Academy LMS Pro: from n/a before 3.5.2.
π@cveNotify
Patchstack
Arbitrary File Upload in WordPress Academy LMS Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-40721
Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.
π@cveNotify
Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.
π@cveNotify
Patchstack
Local File Inclusion in WordPress Element Pack Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-40722
Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Yoast SEO Premium: from n/a through 26.6.
π@cveNotify
Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Yoast SEO Premium: from n/a through 26.6.
π@cveNotify
Patchstack
Broken Access Control in WordPress Yoast SEO Premium Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-40723
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
π@cveNotify
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress Bricks Builder Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-40724
CP Client Arbitrary File Download in Client Portal (Pro) <= 5.6.2 versions.
π@cveNotify
CP Client Arbitrary File Download in Client Portal (Pro) <= 5.6.2 versions.
π@cveNotify
Patchstack
Arbitrary File Download in WordPress Client Portal (Pro) Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-40725
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
π@cveNotify
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
π@cveNotify
Patchstack
PHP Object Injection in WordPress WooCommerce Product Filters Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2026-40726
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions.
π@cveNotify
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions.
π@cveNotify
Patchstack
Broken Access Control in WordPress User Registration Stripe Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.