🚨 CVE-2026-9610
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.
🎖@cveNotify
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.
🎖@cveNotify
Ibm
Security Bulletin: Multiple Vulnerabilities in IBM Datacap
Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 008.
🚨 CVE-2026-57620
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS.
This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8.
🎖@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS.
This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Exclusive Addons Elementor Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-66123
Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions.
🎖@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions.
🎖@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress BookPro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-24547
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress SiteGround Email Marketing Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-54837
Unauthenticated Broken Access Control in Intranet & Private Site – All-In-One Intranet <= 1.8.1 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in Intranet & Private Site – All-In-One Intranet <= 1.8.1 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Intranet & Private Site – All-In-One Intranet Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56010
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
🎖@cveNotify
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
🎖@cveNotify
Patchstack
Privilege Escalation in WordPress Abandoned Cart Pro for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56029
Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions.
🎖@cveNotify
Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions.
🎖@cveNotify
Patchstack
Broken Authentication in WordPress CorvusPay WooCommerce Payment Gateway Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56035
Unauthenticated Multiple Vulnerabilities in BitFire Security <= 5.0.3 versions.
🎖@cveNotify
Unauthenticated Multiple Vulnerabilities in BitFire Security <= 5.0.3 versions.
🎖@cveNotify
Patchstack
Multiple Vulnerabilities in WordPress BitFire Security Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56043
Unauthenticated Cross Site Scripting (XSS) in Customer Reviews for WooCommerce <= 5.110.1 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Customer Reviews for WooCommerce <= 5.110.1 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Customer Reviews for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56069
Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions.
🎖@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions.
🎖@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress Toolset Forms Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57315
Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions.
🎖@cveNotify
Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions.
🎖@cveNotify
Patchstack
Remote Code Execution (RCE) in WordPress Blocksy Companion Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
❤1
🚨 CVE-2026-57617
Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions.
🎖@cveNotify
Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress SeedProd Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57630
Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions.
🎖@cveNotify
Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions.
🎖@cveNotify
Patchstack
Insecure Direct Object References (IDOR) in WordPress Blocksy Companion Pro Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57655
Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
🎖@cveNotify
Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
🎖@cveNotify
Patchstack
Cross Site Request Forgery (CSRF) in WordPress Child Theme Wizard Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.