CVE-2026-2948 | jegstudio Gutenverse Plugin up to 3.5.3 on WordPress import_images server-side request forgery

May 5, 2026 Yanac

A vulnerability classified as critical was found in jegstudio Gutenverse Plugin up to 3.5.3 on WordPress. This affects the function import_images. Such manipulation leads to server-side request forgery.

This vulnerability is listed as CVE-2026-2948. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2026-4665 | shapedplugin WP Carousel Free Plugin up to 2.7.10 on WordPress Fancybox fancybox-config.js wp_kses_post cross site scripting
CVE-2026-44029 | NixOS Nix up to 2.34.6 absolute path traversal (GHSA-gr92-w2r5-qw5p)