🚨 CVE-2026-49778
Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <= 2.9.4 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <= 2.9.4 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WPFunnels Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-52705
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions.
🎖@cveNotify
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions.
🎖@cveNotify
Patchstack
Arbitrary File Upload in WordPress SigmaForms Pro – AI Generated Forms Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54188
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress JetEngine Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54189
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress JetEngine Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54195
Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress JetFormBuilder Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54806
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
🎖@cveNotify
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
🎖@cveNotify
Patchstack
PHP Object Injection in WordPress WP Activity Log Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-9690
Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions.
🎖@cveNotify
Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions.
🎖@cveNotify
Patchstack
Arbitrary File Download in WordPress WP Media folder Addon Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-59554
Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions.
🎖@cveNotify
Unauthenticated SQL Injection in Advanced Ads – Tracking < 3.0.7 versions.
🎖@cveNotify
Patchstack
SQL Injection in WordPress Advanced Ads – Tracking Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-60230
Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection.
This issue affects The Barber Shop: from n/a through 1.9.
🎖@cveNotify
Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection.
This issue affects The Barber Shop: from n/a through 1.9.
🎖@cveNotify
Patchstack
PHP Object Injection in WordPress The Barber Shop Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-69115
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions.
🎖@cveNotify
Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme <= 1.2.2 versions.
🎖@cveNotify
Patchstack
Local File Inclusion in WordPress LuxMed | Medicine & Healthcare Doctor WordPress Theme Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-69130
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.
🎖@cveNotify
Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.
🎖@cveNotify
Patchstack
PHP Object Injection in WordPress Entrepreneur - Booking for Small Businesses WordPress Theme Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-69189
Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects JobBank: from n/a through 1.2.3.
🎖@cveNotify
Missing Authorization vulnerability in EMV JobBank allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects JobBank: from n/a through 1.2.3.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress JobBank Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.