๐จ CVE-2026-56046
Subscriber Cross Site Scripting (XSS) in ListingPro <= 2.9.11 versions.
๐@cveNotify
Subscriber Cross Site Scripting (XSS) in ListingPro <= 2.9.11 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress ListingPro Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56047
Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.3 versions.
๐@cveNotify
Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.3 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress perfmatters Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56048
Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions.
๐@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions.
๐@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress Payment Gateway Based Fees and Discounts for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56057
Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.
๐@cveNotify
Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.
๐@cveNotify
Patchstack
PHP Object Injection in WordPress Uncanny Automator Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56059
Subscriber Arbitrary File Upload in Travel Booking <= 2.2.5 versions.
๐@cveNotify
Subscriber Arbitrary File Upload in Travel Booking <= 2.2.5 versions.
๐@cveNotify
Patchstack
Arbitrary File Upload in WordPress Travel Booking Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56061
Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions.
๐@cveNotify
Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions.
๐@cveNotify
Patchstack
Broken Access Control in WordPress Subscriptions for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56063
Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions.
๐@cveNotify
Unauthenticated Broken Access Control in MailChimp Block <= 1.1.15 versions.
๐@cveNotify
Patchstack
Broken Access Control in WordPress MailChimp Block Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56066
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images <= 3.11.4 versions.
๐@cveNotify
Unauthenticated Arbitrary File Deletion in ShortPixel Adaptive Images <= 3.11.4 versions.
๐@cveNotify
Patchstack
Arbitrary File Deletion in WordPress ShortPixel Adaptive Images Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56067
Unauthenticated SQL Injection in JetSmartFilters <= 3.8.3 versions.
๐@cveNotify
Unauthenticated SQL Injection in JetSmartFilters <= 3.8.3 versions.
๐@cveNotify
Patchstack
SQL Injection in WordPress JetSmartFilters Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56069
Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions.
๐@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions.
๐@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress Toolset Forms Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56070
Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions.
๐@cveNotify
Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions.
๐@cveNotify
Patchstack
SQL Injection in WordPress Advance Product Search Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56072
Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions.
๐@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WoodMart Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-56773
Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass authorization checks. Attackers can read table schemas, create tables, and modify or delete records across bases and tables via endpoints like GET /api/v2/tables/get and POST /api/v2/tables/updateRecords.
๐@cveNotify
Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass authorization checks. Attackers can read table schemas, create tables, and modify or delete records across bases and tables via endpoints like GET /api/v2/tables/get and POST /api/v2/tables/updateRecords.
๐@cveNotify
GitHub
[sync] T4883 route CSV table imports through V2 by tea-artist ยท Pull Request #3285 ยท teableio/teable
๐ Automated sync from EE repository.
29 commit(s) synced since last sync.
Authors
Aries X caoxing9@gmail.com
Boris boris2code@outlook.com
Jun Lu hammond@teable.io
SkyHuang sky.huang.fe@gmail.com
U...
29 commit(s) synced since last sync.
Authors
Aries X caoxing9@gmail.com
Boris boris2code@outlook.com
Jun Lu hammond@teable.io
SkyHuang sky.huang.fe@gmail.com
U...
๐จ CVE-2026-57312
Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions.
๐@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Everest Forms Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-57313
Subscriber Cross Site Scripting (XSS) in SureCart <= 4.2.2 versions.
๐@cveNotify
Subscriber Cross Site Scripting (XSS) in SureCart <= 4.2.2 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress SureCart Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
๐จ CVE-2026-57314
Unauthenticated Cross Site Scripting (XSS) in SureCart <= 4.3.2 versions.
๐@cveNotify
Unauthenticated Cross Site Scripting (XSS) in SureCart <= 4.3.2 versions.
๐@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress SureCart Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.