🚨 CVE-2026-54842
Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Royal MCP: from n/a through 1.4.25.
🎖@cveNotify
Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Royal MCP: from n/a through 1.4.25.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Royal MCP Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54844
Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress CheckView Automated Testing Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54848
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Data.
This issue affects APIExperts Square for WooCommerce: from n/a through 4.7.3.
🎖@cveNotify
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Data.
This issue affects APIExperts Square for WooCommerce: from n/a through 4.7.3.
🎖@cveNotify
Patchstack
Sensitive Data Exposure in WordPress APIExperts Square for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54849
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
🎖@cveNotify
Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions.
🎖@cveNotify
Patchstack
SQL Injection in WordPress Premmerce Wishlist for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56005
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
🎖@cveNotify
Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WP Activity Log Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56013
Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce <= 3.0.15 versions.
🎖@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce <= 3.0.15 versions.
🎖@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress License Manager for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56014
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Master Slider Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56023
Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce <= 1.6.2 versions.
🎖@cveNotify
Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce <= 1.6.2 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress UPI QR Code Payment Gateway for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56042
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
🎖@cveNotify
Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Advanced Order Export For WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56050
Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects PPOM for WooCommerce: from n/a through 33.0.18.
🎖@cveNotify
Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects PPOM for WooCommerce: from n/a through 33.0.18.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress PPOM for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56051
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress TablePress Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56071
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Forminator Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57619
Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions.
🎖@cveNotify
Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions.
🎖@cveNotify
Patchstack
Sensitive Data Exposure in WordPress Elementor Website Builder Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.