Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Search results

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total5
Critical0
High1
Medium4
Reset
Showing 1-5 of 5 records
Threat Entry Updated 2026-05-07

CVE-2026-27329 - YITH WooCommerce Wishlist Plugin

Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooCommerce Wishlist: from n/a through 4.12.0.

PLUGIN YITH WooCommerce Wishlist

CVE-2026-27329

MEDIUM CVSS 5.3 2026-05-07
Open Full Technical Breakdown
Threat Entry Updated 2026-04-22

CVE-2026-27326 - AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme: from n/a through

THEME AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme

CVE-2026-27326

HIGH CVSS 8.1 2026-03-05
Open Full Technical Breakdown
Threat Entry Updated 2026-04-22

CVE-2026-2732 - Enable Media Replace Plugin

The Enable Media Replace plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'RemoveBackGroundViewController::load' function in all versions up to, and including, 4.1.7. This makes it possible for authenticated attackers, with Author-level access and above, to replace any attachment with a removed background attachment.

PLUGIN Enable Media Replace

CVE-2026-2732

MEDIUM CVSS 5.4 2026-03-04
Open Full Technical Breakdown
Threat Entry Updated 2026-04-15

CVE-2026-27328 - EduBlink Plugin

Missing Authorization vulnerability in DevsBlink EduBlink edublink allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EduBlink: from n/a through

PLUGIN EduBlink

CVE-2026-27328

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-04-15

CVE-2026-27327 - YayMail – WooCommerce Email Customizer Plugin

Missing Authorization vulnerability in YayCommerce YayMail – WooCommerce Email Customizer yaymail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YayMail – WooCommerce Email Customizer: from n/a through

PLUGIN YayMail – WooCommerce Email Customizer

CVE-2026-27327

MEDIUM CVSS 4.3 2026-02-19
Open Full Technical Breakdown
Scroll to top