CVE-2026-9829 | 10web Photo Gallery Plugin up to 1.8.41 on WordPress AJAX page sql injection
A vulnerability categorized as critical has been discovered in 10web Photo Gallery Plugin up to 1.8.41 on WordPress. The affected
Read More
Author: Yanac
CVE-2025-12656 | wpvividplugins WPvivid Plugin up to 0.9.128 on WordPress Path Validation delete_cancel_staging_site file inclusion
A vulnerability identified as problematic has been detected in wpvividplugins WPvivid Plugin up to 0.9.128 on WordPress. The impacted element
Read More
CVE-2026-10038 | smub Charitable Plugin up to 1.8.11.1 on WordPress save_avatar authorization
A vulnerability labeled as critical has been found in smub Charitable Plugin up to 1.8.11.1 on WordPress. This affects the
Read More
CVE-2026-8608 | awordpresslife Event Monster Plugin up to 2.1.0 on WordPress PayPal API capture_payment data authenticity
A vulnerability marked as critical has been reported in awordpresslife Event Monster Plugin up to 2.1.0 on WordPress. This impacts
Read More
CVE-2026-7565 | ThimPress LearnPress Plugin up to 4.1.4 on WordPress import-user-file path traversal
A vulnerability described as critical has been identified in ThimPress LearnPress Plugin up to 4.1.4 on WordPress. Affected is an
Read More
CVE-2026-7665 | wpdevteam Essential Addons for Elementor Plugin up to 6.6.4 on WordPress Elementor Template ajax_load_more authorization
A vulnerability classified as problematic has been found in wpdevteam Essential Addons for Elementor Plugin up to 6.6.4 on WordPress.
Read More
CVE-2026-8502 | ThimPress LearnPress Plugin up to 4.3.6 on WordPress archive-course return_type authorization
A vulnerability classified as problematic was found in ThimPress LearnPress Plugin up to 4.3.6 on WordPress. Affected by this issue
Read More
CVE-2026-8978 | crafium OptinCraft Plugin up to 1.2.0 on WordPress order_by sql injection
A vulnerability, which was classified as critical, has been found in crafium OptinCraft Plugin up to 1.2.0 on WordPress. This
Read More
CVE-2026-8611 | klamra22 Klamra Paycal for Aspaclaria Plugin up to 1.1.4 on WordPress invoice_id authorization
A vulnerability, which was classified as problematic, was found in klamra22 Klamra Paycal for Aspaclaria Plugin up to 1.1.4 on
Read More
CVE-2026-9851 | masaakitanaka Booking Package Plugin up to 1.7.16 on WordPress AJAX Endpoint Schedule::updateUser administrator authorization
A vulnerability has been found in masaakitanaka Booking Package Plugin up to 1.7.16 on WordPress and classified as problematic. This
Read More