Vulns

03-03

CVE-2026-8976 | ThemeIsle RSS Aggregator by Feedzy Plugin up to 5.1.7 on WordPress authorization

A vulnerability marked as critical has been reported in ThemeIsle RSS Aggregator by Feedzy Plugin up to 5.1.7 on WordPress.

A vulnerability described as problematic has been identified in alejo30 Alba Board Plugin up to 2.1.3 on WordPress. This affects

A vulnerability classified as critical has been found in TP-Link Tapo C520WS v2. This vulnerability affects unknown code of the

A vulnerability classified as critical was found in TP-Link Tapo C520WS v2. This issue affects some unknown processing of the

A vulnerability, which was classified as critical, has been found in TP-Link Tapo C520WS v2. Impacted is an unknown function

A vulnerability, which was classified as problematic, was found in wpdevteam EmbedPress Plugin up to 4.5.3 on WordPress. The affected

A vulnerability has been found in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to

A vulnerability was found in spacetime Ad Inserter Plugin up to 2.8.15 on WordPress and classified as problematic. This affects

A vulnerability was found in davidanderson All-In-One Security Plugin up to 5.4.7 on WordPress. It has been classified as problematic.

A vulnerability was found in payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress. It has been declared

CVE-2026-10725 | CRUX Protocol::HTTP/2 up to 1.12 on Perl headers_decode HTTP/2 Bomb data amplification
CVE-2026-47730 | twigphp Twig Profiler HtmlDumper cross site scripting
CVE-2026-47732 | twigphp Twig __toString sandbox
CVE-2026-11447 | GL.iNet GL-MT3000 up to 4.4.5 MTK Backend iwinfo.so iwinfo_backend device command injection