🚨 CVE-2026-27436
Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
🎖@cveNotify
Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.
🎖@cveNotify
Patchstack
Arbitrary Code Execution in WordPress Five Star Business Profile and Schema Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-39448
Unauthenticated Broken Access Control in NOWPayments for WooCommerce <= 1.4.0 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in NOWPayments for WooCommerce <= 1.4.0 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress NOWPayments for WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-56037
Deserialization of Untrusted Data vulnerability in Themify Themify Popup allows Object Injection.
This issue affects Themify Popup: from n/a through 1.4.3.
🎖@cveNotify
Deserialization of Untrusted Data vulnerability in Themify Themify Popup allows Object Injection.
This issue affects Themify Popup: from n/a through 1.4.3.
🎖@cveNotify
Patchstack
PHP Object Injection in WordPress Themify Popup Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57342
Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive Images <= 3.11.3 versions.
🎖@cveNotify
Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive Images <= 3.11.3 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress ShortPixel Adaptive Images Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57343
Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <= 3.5.9 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <= 3.5.9 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Real Estate 7 Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57344
Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.4.2 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.4.2 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Classified Listing Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57345
Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager <= 3.0.3 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager <= 3.0.3 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Internal Links Manager Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57347
Subscriber Sensitive Data Exposure in Hotel Booking Lite <= 6.0.3 versions.
🎖@cveNotify
Subscriber Sensitive Data Exposure in Hotel Booking Lite <= 6.0.3 versions.
🎖@cveNotify
Patchstack
Sensitive Data Exposure in WordPress Hotel Booking Lite Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57348
Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions <= 3.0.4 versions.
🎖@cveNotify
Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions <= 3.0.4 versions.
🎖@cveNotify
Patchstack
Server Side Request Forgery (SSRF) in WordPress Paid Member Subscriptions Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57350
Unauthenticated Cross Site Scripting (XSS) in WP Debugging <= 2.12.2 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WP Debugging <= 2.12.2 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WP Debugging Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57351
Unauthenticated Cross Site Scripting (XSS) in HandL UTM Grabber <= 2.9.2 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in HandL UTM Grabber <= 2.9.2 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress HandL UTM Grabber Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57352
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce <= 2.2.0 versions.
🎖@cveNotify
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce <= 2.2.0 versions.
🎖@cveNotify
Patchstack
Broken Authentication in WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57353
Subscriber Broken Access Control in Link Whisper Premium <= 2.9.0 versions.
🎖@cveNotify
Subscriber Broken Access Control in Link Whisper Premium <= 2.9.0 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Link Whisper Premium Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57355
Subscriber Broken Access Control in Classified Listing <= 5.4.2 versions.
🎖@cveNotify
Subscriber Broken Access Control in Classified Listing <= 5.4.2 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress Classified Listing Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57356
Unauthenticated Cross Site Scripting (XSS) in MC Woocommerce Wishlist <= 1.9.19 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in MC Woocommerce Wishlist <= 1.9.19 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress MC Woocommerce Wishlist Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-57357
Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO <= 2.6.6 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO <= 2.6.6 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Search Atlas SEO Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.