🚨 CVE-2026-39596
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
🎖@cveNotify
Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.
🎖@cveNotify
Patchstack
SQL Injection in WordPress Blocksy Companion Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-39597
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WPZOOM Addons for Elementor Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-39598
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server.
This issue affects Academy LMS Pro: from n/a before 3.5.2.
🎖@cveNotify
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server.
This issue affects Academy LMS Pro: from n/a before 3.5.2.
🎖@cveNotify
Patchstack
Arbitrary File Upload in WordPress Academy LMS Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-40722
Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Yoast SEO Premium: from n/a through 26.6.
🎖@cveNotify
Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Yoast SEO Premium: from n/a through 26.6.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Yoast SEO Premium Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-40724
CP Client Arbitrary File Download in Client Portal (Pro) <= 5.6.2 versions.
🎖@cveNotify
CP Client Arbitrary File Download in Client Portal (Pro) <= 5.6.2 versions.
🎖@cveNotify
Patchstack
Arbitrary File Download in WordPress Client Portal (Pro) Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-40725
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
🎖@cveNotify
Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.
🎖@cveNotify
Patchstack
PHP Object Injection in WordPress WooCommerce Product Filters Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-40726
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress User Registration Stripe Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.