Security

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

11567

Total

772

Critical

3269

High

3678

Medium

CVE ID	Severity	Score	Description	Published
CVE-2026-39713	UNKNOWN	—	Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mailercloud …	Apr 08, 2026
CVE-2026-39712	MEDIUM	5.3	Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: …	Apr 08, 2026
CVE-2026-39711	UNKNOWN	—	Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 \| Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 \| …	Apr 08, 2026
CVE-2026-39710	MEDIUM	5.4	Cross-Site Request Forgery (CSRF) vulnerability in stmcan RT-Theme 18 \| Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 \| Extensions: from n/a …	Apr 08, 2026
CVE-2026-39709	UNKNOWN	—	Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through …	Apr 08, 2026
CVE-2026-39708	MEDIUM	6.5	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from n/a …	Apr 08, 2026
CVE-2026-39707	UNKNOWN	—	Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal …	Apr 08, 2026
CVE-2026-39706	MEDIUM	5.3	Missing Authorization vulnerability in Netro Systems Make My Trivia trivialy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Make My Trivia: from n/a …	Apr 08, 2026
CVE-2026-39705	UNKNOWN	—	Missing Authorization vulnerability in Mulika Team MIPL WC Multisite Sync mipl-wc-multisite-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MIPL WC Multisite Sync: …	Apr 08, 2026
CVE-2026-39704	MEDIUM	5.3	Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing – Pro precious-metals-automated-product-pricing-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Precious Metals …	Apr 08, 2026
CVE-2026-39703	UNKNOWN	—	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects …	Apr 08, 2026
CVE-2026-39702	MEDIUM	6.5	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows DOM-Based XSS.This issue affects Animation Addons …	Apr 08, 2026
CVE-2026-39701	UNKNOWN	—	Missing Authorization vulnerability in Andrew ShopWP wpshopify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShopWP: from n/a through <= 5.2.4.	Apr 08, 2026
CVE-2026-39700	MEDIUM	5.3	Missing Authorization vulnerability in WPXPO WowOptin optin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowOptin: from n/a through <= 1.4.32.	Apr 08, 2026
CVE-2026-39699	UNKNOWN	—	Missing Authorization vulnerability in massiveshift AI Workflow Automation ai-workflow-automation-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Workflow Automation: from n/a through …	Apr 08, 2026
CVE-2026-39698	MEDIUM	5.3	Missing Authorization vulnerability in PublisherDesk The Publisher Desk ads.txt the-publisher-desk-ads-txt allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Publisher Desk ads.txt: from …	Apr 08, 2026
CVE-2026-39697	UNKNOWN	—	Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue …	Apr 08, 2026
CVE-2026-39696	MEDIUM	6.5	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elfsight Elfsight WhatsApp Chat CC elfsight-whatsapp-chat allows DOM-Based XSS.This issue affects Elfsight WhatsApp …	Apr 08, 2026
CVE-2026-39695	UNKNOWN	—	Server-Side Request Forgery (SSRF) vulnerability in podigee Podigee podigee allows Server Side Request Forgery.This issue affects Podigee: from n/a through <= 1.4.0.	Apr 08, 2026
CVE-2026-39694	MEDIUM	5.3	Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simply Schedule Appointments: from n/a through …	Apr 08, 2026
CVE-2026-39693	UNKNOWN	—	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fesomia FSM Custom Featured Image Caption fsm-custom-featured-image-caption allows DOM-Based XSS.This issue affects FSM …	Apr 08, 2026
CVE-2026-39692	MEDIUM	6.5	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tagDiv tagDiv Composer td-composer allows Stored XSS.This issue affects tagDiv Composer: from n/a …	Apr 08, 2026
CVE-2026-39691	UNKNOWN	—	Missing Authorization vulnerability in AdAstraCrypto Cryptocurrency Donation Box – Bitcoin & Crypto Donations cryptocurrency-donation-box allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency …	Apr 08, 2026
CVE-2026-39690	MEDIUM	5.3	Missing Authorization vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Author Avatars List/Block: from n/a …	Apr 08, 2026
CVE-2026-39689	UNKNOWN	—	Missing Authorization vulnerability in eshipper eShipper Commerce eshipper-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eShipper Commerce: from n/a through <= 2.16.12.	Apr 08, 2026

« Prev 366 367 368 369 370 Next »