
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 1,057 records (Critical: 1,057, High: 0, Medium: 0)

Showing 1-20 of 1,057 records
Threat Entry Updated 2026-06-05

CVE-2026-10580 - Hippoo Mobile App For Woocommerce Plugin

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to and including 1.9.4. This is due to a logic conflation in HippooPermissions::get_user_permissions(), which returns the same null sentinel for both administrators and unauthenticated visitors — a value that HippooPermissions::has_role_access() unconditionally interprets as full administrator access — causing override_extension_permission_callback() to assign __return_true as the permission callback for every WordPress and WooCommerce REST route cloned under /wc-hippoo/v1/ext/ by HippooControllerWithAuth::re_register_external_routes(), while the block_unauthorized_access() pre-dispatch guard fails to block unauthenticated…

PLUGIN Hippoo Mobile App For Woocommerce | CVE-2026-10580 | CRITICAL | CVSS 9.8 | 2026-06-05

Threat Entry Updated 2026-06-05

CVE-2026-49777 - Product Slider Pro for WooCommerce Plugin

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available - the vendor has applied a fix to an existing release without publishing a new version. While the patch provided by the vendor is valid, releasing it under the existing version number leaves users unable to reliably determine whether they are running a patched or vulnerable installation. As a result, we treat this…

PLUGIN Product Slider Pro for WooCommerce | CVE-2026-49777 | CRITICAL | CVSS 10.0 | 2026-06-05

Threat Entry Updated 2026-06-02

CVE-2026-5076 - Armember Premium Plugin

The ARMember Premium plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 7.3.1. The plugin stores a plaintext copy of the password reset key in the `arm_reset_password_key` user meta field when a user requests a password reset. This is in addition to the hashed key that WordPress core stores securely in `wp_users.user_activation_key`. The plaintext key stored in `wp_usermeta` can be used with the plugin's custom `armrp` reset action to set a new password for any user. Combined with another vulnerability such…

PLUGIN Armember Premium | CVE-2026-5076 | CRITICAL | CVSS 9.8 | 2026-06-02

Threat Entry Updated 2026-06-02

CVE-2026-0611 - WordPress component

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed on port 8989 that allows attackers to perform arbitrary file read and write operations by supplying valid .NET URI endpoints. Attackers can write ASPX webshells to the IIS wwwroot directory to achieve unauthenticated remote code execution on the system. Port 8989 is not exposed in a default Sentinel installation; exploitation requires that the .NET Remoting port has been explicitly made network-accessible through deliberate configuration…

UNKNOWN WordPress component | CVE-2026-0611 | CRITICAL | CVSS 9.2 | 2026-06-02

Threat Entry Updated 2026-06-02

CVE-2026-42684 - WP Job Portal Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ahmad WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.5.1.

PLUGIN WP Job Portal | CVE-2026-42684 | CRITICAL | CVSS 9.3 | 2026-06-02

Threat Entry Updated 2026-06-02

CVE-2026-8206 - Kirki Plugin

The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions 6.0.0 to 6.0.6. This is due to the plugin accepting an arbitrary email address when a username is used in the password reset request. This makes it possible for unauthenticated attackers to send a password reset link for any user registered on the site to their own email address.

PLUGIN Kirki | CVE-2026-8206 | CRITICAL | CVSS 9.8 | 2026-06-02

Threat Entry Updated 2026-06-01

CVE-2026-42672 - WP Directory Kit Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit: from n/a through 1.5.1.

PLUGIN WP Directory Kit | CVE-2026-42672 | CRITICAL | CVSS 9.3 | 2026-06-01

Threat Entry Updated 2026-06-01

CVE-2026-48879 - AIWU Plugin

Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17.

PLUGIN AIWU | CVE-2026-48879 | CRITICAL | CVSS 9.8 | 2026-06-01

Threat Entry Updated 2026-06-01

CVE-2026-48866 - Gravity Forms Plugin

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1.

PLUGIN Gravity Forms | CVE-2026-48866 | CRITICAL | CVSS 9.6 | 2026-06-01

Threat Entry Updated 2026-06-01

CVE-2026-42682 - wpForo Forum Plugin

Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6.

PLUGIN wpForo Forum | CVE-2026-42682 | CRITICAL | CVSS 9.1 | 2026-06-01

Threat Entry Updated 2026-06-01

CVE-2026-42680 - Contest Gallery Pro Plugin

Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a through 29.0.1.

PLUGIN Contest Gallery Pro | CVE-2026-42680 | CRITICAL | CVSS 9.8 | 2026-06-01

Threat Entry Updated 2026-05-29

CVE-2026-4290 - Wp Travel Pro Plugin

The WP Travel Pro plugin for WordPress is vulnerable to arbitrary user deletion via the /wp-json/wp-travel/v1/travel-guide/{user_id} REST API endpoint in all versions up to, and including, 10.6.0. This is due to the check_permission() callback unconditionally returning true and the Database::delete() method passing the user ID directly to wp_delete_user() without any role validation. This makes it possible for unauthenticated attackers to delete arbitrary user accounts, including those of administrators.

PLUGIN Wp Travel Pro | CVE-2026-4290 | CRITICAL | CVSS 9.1 | 2026-05-29

Threat Entry Updated 2026-05-29

CVE-2026-3655 - Login With Phone Number Plugin

The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through 1.8.60. This is due to the Firebase verification flow in the `lwp_ajax_register` AJAX handler not binding the Firebase session to the phone number supplied in the request. The `idehweb_lwp_activate_through_firebase()` function validates that a Firebase OTP session is legitimate, but the `phoneNumber` returned by Firebase is never compared against the victim's stored phone number. This makes it possible for unauthenticated attackers to authenticate as any user who has a phone number…

PLUGIN Login With Phone Number | CVE-2026-3655 | CRITICAL | CVSS 9.8 | 2026-05-29

Threat Entry Updated 2026-05-29

CVE-2026-8732 - Wp Maps Pro Plugin

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmp_temp_access_ajax AJAX action being registered with wp_ajax_nopriv_ and protected only by a nonce check using the fc-call-nonce nonce, which is publicly embedded into every frontend page via wp_localize_script as the nonce field of the wpgmp_local JavaScript object, rendering the check ineffective as an access control mechanism. This makes it possible for unauthenticated attackers to invoke the wpgmp_temp_access_support handler with check_temp=false, which…

PLUGIN Wp Maps Pro | CVE-2026-8732 | CRITICAL | CVSS 9.8 | 2026-05-29

Threat Entry Updated 2026-05-29

CVE-2026-8809 - Acf Extended Plugin

The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation via Validation Bypass in all versions up to and including 0.9.2.5. The vulnerability exists due to the after_validate_save_post() function unconditionally trusting the attacker-controlled _acf_post_id POST parameter — with no authentication or integrity verification — to select a cleanup branch that silently discards all validation errors not prefixed with acfe:. This makes it possible for unauthenticated attackers to suppress both the role allow-list validation error added by acfe_field_user_roles::validate_front_value() and the administrator-role capability guard error added by acfe_module_form_action_user::validate_action(), causing…

PLUGIN Acf Extended | CVE-2026-8809 | CRITICAL | CVSS 9.8 | 2026-05-28

Threat Entry Updated 2026-05-29

CVE-2026-38707 - WordPress component

A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.

UNKNOWN WordPress component | CVE-2026-38707 | CRITICAL | CVSS 9.8 | 2026-05-28

Threat Entry Updated 2026-05-29

CVE-2026-38704 - WordPress component

A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.

UNKNOWN WordPress component | CVE-2026-38704 | CRITICAL | CVSS 9.8 | 2026-05-28

Threat Entry Updated 2026-05-29

CVE-2026-38703 - WordPress component

A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.

UNKNOWN WordPress component | CVE-2026-38703 | CRITICAL | CVSS 9.8 | 2026-05-28

Threat Entry Updated 2026-05-29

CVE-2026-38702 - WordPress component

A command injection vulnerability exists in the Admin Access feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target devices.

UNKNOWN WordPress component | CVE-2026-38702 | CRITICAL | CVSS 9.8 | 2026-05-28

Threat Entry Updated 2026-05-27

CVE-2026-42757 - WebinarIgnition Plugin

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal. This issue affects WebinarIgnition: from n/a through < 4.08.253.

PLUGIN WebinarIgnition | CVE-2026-42757 | CRITICAL | CVSS 9.9 | 2026-05-27