Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-05-14
CVE-2026-6206 - Mw Wp Form Plugin
The MW WP Form plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.1.2 via the _get_post_property_from_querystring() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.
PLUGIN
Mw Wp Form
CVE-2026-6206
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6145 - User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Plugin
The User Registration & Membership plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.1.5. This is due to the is_admin_creation_process() method relying solely on the presence of action=createuser in the $_REQUEST superglobal without performing any authentication or capability check. This makes it possible for unauthenticated attackers to bypass the admin approval requirement when registering new accounts via the fallback submission path.
PLUGIN
User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder
CVE-2026-6145
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6510 - Infusedwoo Pro Plugin
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwar_save_recipe() AJAX handler. This makes it possible for unauthenticated attackers to create a malicious automation recipe that pairs an HTTP post trigger with an auto-login action, allowing any unauthenticated visitor to visit a crafted URL and receive authentication cookies for any targeted user account (e.g., administrator), achieving complete authentication bypass and privilege escalation.
PLUGIN
Infusedwoo Pro
CVE-2026-6510
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6670 - Media Sync Plugin
The Media Sync plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.9 via the 'sub_dir' and 'media_items' parameters. This is due to insufficient validation of user-supplied file paths, which are not checked for directory traversal sequences or restricted to the intended uploads directory. This makes it possible for authenticated attackers, with Author-level access and above, to perform actions on files outside of the originally intended directory.
PLUGIN
Media Sync
CVE-2026-6670
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6271 - Career Section Plugin
The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV upload handler. This is due to missing file type validation. This makes it possible for unauthenticated attackers to upload files that may be executable, which makes remote code execution possible.
PLUGIN
Career Section
CVE-2026-6271
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6506 - Infusedwoo Pro Plugin
The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to the infusedwoo_gdpr_upddata() function missing authorization and capability checks, as well as lacking restrictions on which user meta keys can be updated. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their own wp_capabilities user meta to grant themselves Administrator role privileges.
PLUGIN
Infusedwoo Pro
CVE-2026-6506
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-5395 - Conversational Form Builder Plugin
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.2.0 via the exportEntries function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Fluent Forms manager-level access and above, to bypass form-level access restrictions to access submissions from forms they are not authorized to view, export data from arbitrary database tables, and enumerate database table names via error message disclosure.
PLUGIN
Conversational Form Builder
CVE-2026-5395
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6225 - Task Management Tool With Kanban Board Plugin
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'project_search' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Task Management Tool With Kanban Board
CVE-2026-6225
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6252 - Meta Field Block Plugin
The Meta Field Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tagName' block attribute in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Meta Field Block
CVE-2026-6252
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-5365 - Latepoint Plugin
The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 5.3.2. This is due to missing nonce verification on the request_cancellation() function. This makes it possible for unauthenticated attackers to cancel a logged-in customer's bookings via a forged request, granted they can trick the customer into performing an action such as clicking on a link.
PLUGIN
Latepoint
CVE-2026-5365
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-3892 - Classified Listings Plugin
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to set an arbitrary filesystem path via the profile update handler. This makes it possible for authenticated attackers, with subscriber level access and above, to delete arbitrary files on the server.
PLUGIN
Classified Listings
CVE-2026-3892
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-3718 - Managewp Worker Plugin
The ManageWP Worker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'MWP-Key-Name' HTTP request header in all versions up to, and including, 4.9.31. This is due to insufficient input sanitization and output escaping of attacker-controlled header values. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrator visits the plugin's connection management page with debug parameters.
PLUGIN
Managewp Worker
CVE-2026-3718
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-5193 - Widgets Plugin
The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.5.13. This is due to insufficient role validation in the 'register_user' function, which only blocks the 'administrator' role. This makes it possible for authenticated attackers, with author level access and above, to create new user accounts with elevated privileges such as editor.
PLUGIN
Widgets
CVE-2026-5193
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-3694 - Bold Page Builder Plugin
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the bt_bb_button shortcode in all versions up to, and including, 5.6.8. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Bold Page Builder
CVE-2026-3694
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-8181 - Burst Statistics Plugin
The Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. This is due to incorrect return-value handling in the `is_mainwp_authenticated()` function when validating application passwords from the Authorization header. This makes it possible for unauthenticated attackers, with knowledge of an administrator username, to impersonate that administrator for the duration of the request by supplying any random Basic Authentication password achieving privilege escalation.
PLUGIN
Burst Statistics
CVE-2026-8181
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-5396 - Fluent Forms Plugin
The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This is due to the SubmissionPolicy class authorizing submission-level actions (read, modify, delete, add notes) based on a user-supplied `form_id` query parameter. This makes it possible for authenticated attackers, with Fluent Forms Manager access restricted to specific forms, to read, modify status, add notes to, and permanently delete form submissions belonging to any other form by spoofing the form_id parameter to a form they are authorized for.
PLUGIN
Fluent Forms
CVE-2026-5396
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-6417 - Gls Shipping For Woocommerce Plugin
The GLS Shipping for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'failed_orders' parameter in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
PLUGIN
Gls Shipping For Woocommerce
CVE-2026-6417
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-5243 - Woocommerce Plugin
The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to stored cross-site scripting via the `menu_hover_click` parameter of the Navigation Menu Lite widget in all versions up to, and including, 6.4.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Woocommerce
CVE-2026-5243
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-3829 - Ssl Scan Plugin
The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wple_basic_get_requests' function in all versions up to, and including, 7.8.5.10. This makes it possible for authenticated attackers, with subscriber level access and above, to reset the SSL setup state, force SSL to appear complete, and modify plan selection options.
PLUGIN
Ssl Scan
CVE-2026-3829
Risk Score
Threat Entry
Updated 2026-05-14
CVE-2026-7648 - Wordpress Lms Plugin For Create And Sell Online Courses
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key in all versions up to, and including, 4.3.5. This is due to improper handling of user-supplied request parameters in the REST API endpoint, which passes the unsanitized parameter array to the add_to_cart() function where array_merge() allows attacker-controlled values to overwrite hardcoded defaults. This makes it possible for authenticated attackers, with subscriber-level access and above, to enroll in any paid course entirely free of charge by supplying a…
PLUGIN
Wordpress Lms Plugin For Create And Sell Online Courses
CVE-2026-7648
Risk Score