Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Threat Entry Updated 2026-05-26

CVE-2026-42773 - eMagicOne Store Manager Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in eMagicOne Store Manager (vendor eMagicOne) allows blind SQL injection. Affected: all versions through 1.3.2 (no lower bound given).

PLUGIN eMagicOne Store Manager | CRITICAL | CVSS 9.3 | 2026-05-25
Threat Entry Updated 2026-05-22

CVE-2026-6960 - BookingPress Appointment Booking Pro Plugin

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if a signature custom field is added to the booking form.

PLUGIN BookingPress Appointment Booking Pro | CRITICAL | CVSS 9.8 | 2026-05-21
Threat Entry Updated 2026-05-21

CVE-2026-39531 - WP Directory Kit Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in WP Directory Kit (vendor Wp Directory Kit) allows blind SQL injection. Affected: all versions through 1.5.0 (no lower bound given).

PLUGIN WP Directory Kit | CRITICAL | CVSS 9.3 | 2026-05-21
Threat Entry Updated 2026-05-21

CVE-2026-5118 - Divi Form Builder Plugin

The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin accepting a user-controlled 'role' parameter from POST data during user registration without validating it against the form's configured default_user_role setting. This makes it possible for unauthenticated attackers to create administrator accounts by tampering with the role parameter during registration.

PLUGIN Divi Form Builder | CRITICAL | CVSS 9.8 | 2026-05-21
Threat Entry Updated 2026-05-21

CVE-2026-6279 - Fusion Builder Plugin

The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthenticated Remote Code Execution via PHP Function Injection in versions up to and including 3.15.2. This is due to the `wp_conditional_tags` case in `Fusion_Builder_Conditional_Render_Helper::get_value()` passing attacker-controlled values from a base64-decoded JSON blob directly to `call_user_func()` without any allowlist validation. This is exploitable by unauthenticated attackers through the `fusion_get_widget_markup` AJAX endpoint, which is registered for non-privileged (unauthenticated) users via `wp_ajax_nopriv_fusion_get_widget_markup`. The endpoint is protected only by a nonce (`fusion_load_nonce`), but this nonce is generated for user ID 0 and is deterministically…
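
The shape of the defect above, as an added illustration rather than Avada/Fusion Builder's own code: a helper that takes a function name out of a base64-encoded JSON blob and hands it to call_user_func(), next to a version that resolves the client-supplied name through a fixed allowlist. The function names, the allowlist keys and the JSON field names are assumptions made for the example.

```php
<?php
// Added example, not Avada/Fusion Builder code. Models the pattern the entry
// describes; example_* names and the "type"/"tag"/"args" fields are assumed.

// Vulnerable: whatever string arrives in "tag" is invoked with client-chosen arguments.
function example_conditional_vulnerable( string $b64 ) {
    $cond = json_decode( base64_decode( $b64 ), true );
    if ( isset( $cond['type'] ) && 'wp_conditional_tags' === $cond['type'] ) {
        return call_user_func_array( $cond['tag'], (array) ( $cond['args'] ?? array() ) );
    }
    return false;
}

// Hardened: the client supplies a key, the code supplies the callable;
// arguments are limited to a bounded number of scalars.
function example_conditional_hardened( string $b64 ) {
    $cond = json_decode( (string) base64_decode( $b64, true ), true );
    if ( ! is_array( $cond ) || 'wp_conditional_tags' !== ( $cond['type'] ?? '' ) ) {
        return false;
    }
    // Allowlist: only these WordPress conditional tags can ever be called.
    $allowed = array(
        'front_page' => 'is_front_page',
        'single'     => 'is_single',
        'page'       => 'is_page',
        'archive'    => 'is_archive',
    );
    $key = $cond['tag'] ?? '';
    if ( ! is_string( $key ) || ! isset( $allowed[ $key ] ) ) {
        return false;
    }
    // Scalars only, and at most one of them: these tags take one optional argument.
    $args = array_values( array_filter( (array) ( $cond['args'] ?? array() ), 'is_scalar' ) );
    $args = array_slice( $args, 0, 1 );
    return (bool) call_user_func_array( $allowed[ $key ], $args );
}
```

The allowlist is the fix; the nonce is not. A nonce on a `wp_ajax_nopriv_` route is created for user ID 0, so any visitor who can load a page that embeds it has one, and it only protects against cross-site request forgery, never against a deliberate caller.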

PLUGIN Fusion Builder | CRITICAL | CVSS 9.8 | 2026-05-21
Threat Entry Updated 2026-05-21

CVE-2026-45444 - Gift Cards For WooCommerce Pro Plugin

Unrestricted Upload of File with Dangerous Type in WP Swings Gift Cards For WooCommerce Pro allows an attacker to upload and use malicious files. Affected: all versions through 4.2.6 (no lower bound given).

PLUGIN Gift Cards For WooCommerce Pro | CRITICAL | CVSS 10.0 | 2026-05-20
Threat Entry Updated 2026-05-20

CVE-2026-9065 - SureCart Plugin (filed in this database under WordPress Core; the description concerns the SureCart plugin)

SureCart versions prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters ('model_name', 'model_id', 'integration_id', 'provider') on the REST API endpoint '/surecart/v1/integrations/{id}'. The root cause is a flawed escaping bypass in the query builder ('wp-query-builder'). Values passed to the 'where()' method are only sanitized via '$wpdb->prepare()' when they do **not** contain a dot ('.') or the WordPress table prefix ('wp_'). By including a dot anywhere in the payload, an attacker bypasses the escaping logic entirely and injects arbitrary SQL into the 'WHERE' clause, allowing full UNION-based extraction of…
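
The bypass the entry describes, reproduced as an added example (not SureCart's or wp-query-builder's code): a where() helper that decides "this value is a column reference, not user data" by looking for a dot or the table prefix, and therefore skips prepare() for exactly the values an attacker controls. The hardened form never infers that from the value; a column-to-column comparison is a separate, explicit parameter with a strict identifier grammar. Function names and the column allowlist are assumptions for the example.

```php
<?php
// Added example, not SureCart/wp-query-builder code. Reproduces the escaping-
// bypass shape described in the entry; example_* names and the column list are assumed.

// Vulnerable: a value containing '.' or the prefix is treated as a column name
// (e.g. "p.ID") and concatenated raw, so "1.0 OR 1=1 UNION SELECT ..." goes in verbatim.
function example_where_vulnerable( string $column, string $value ): string {
    global $wpdb;
    $looks_like_column = ( false !== strpos( $value, '.' ) ) || 0 === strpos( $value, $wpdb->prefix );
    if ( $looks_like_column ) {
        return "WHERE `$column` = $value";
    }
    return $wpdb->prepare( "WHERE `$column` = %s", $value );
}

// Hardened: identifiers come from code, values are always bound.
function example_where_hardened( string $column, $value, ?string $column_ref = null ): string {
    global $wpdb;
    $allowed_columns = array( 'model_name', 'model_id', 'integration_id', 'provider' );
    if ( ! in_array( $column, $allowed_columns, true ) ) {
        throw new InvalidArgumentException( 'Unknown column' );
    }
    if ( null !== $column_ref ) {
        // Column-to-column comparison is chosen by the caller, never by inspecting $value,
        // and the reference must match a strict identifier grammar before it is quoted.
        if ( ! preg_match( '/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', $column_ref ) ) {
            throw new InvalidArgumentException( 'Bad column reference' );
        }
        $quoted = '`' . implode( '`.`', explode( '.', $column_ref ) ) . '`';
        return "WHERE `$column` = $quoted";
    }
    // Everything else goes through prepare(), whatever characters it contains.
    return $wpdb->prepare( "WHERE `$column` = %s", (string) $value );
}
```

The general rule this illustrates: any heuristic of the form "if the value looks like X, do not escape it" hands the attacker the switch, because the attacker chooses whether the value looks like X.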

PLUGIN SureCart (listed as CORE WordPress Core) | CRITICAL | CVSS 9.3 | 2026-05-20
Threat Entry Updated 2026-05-20

CVE-2026-7637 - Boost Plugin

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST_USER_LOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow…
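
An added example of the pattern this entry describes and of how to close it, not the Boost plugin's code: a cookie value passed to unserialize(), then the same read with object instantiation disabled, then a JSON-plus-HMAC encoding that removes deserialization and client forgery together. The cookie name is taken from the entry; everything else (function names, the use of wp_salt(), the lifetime) is an assumption for the example.

```php
<?php
// Added example, not the Boost plugin's code. Cookie name is from the advisory;
// function names, salt choice and lifetime are assumed.

// Vulnerable: any serialized object in the cookie is instantiated, so every class
// on the site with __wakeup/__destruct/__toString side effects becomes reachable.
function example_location_vulnerable(): ?array {
    if ( empty( $_COOKIE['STYXKEY-BOOST_USER_LOCATION'] ) ) {
        return null;
    }
    $loc = unserialize( wp_unslash( $_COOKIE['STYXKEY-BOOST_USER_LOCATION'] ) );
    return is_array( $loc ) ? $loc : null;
}

// Hardened A: keep the format but refuse objects. Serialized objects become
// __PHP_Incomplete_Class, which has no gadget methods.
function example_location_no_objects(): ?array {
    if ( empty( $_COOKIE['STYXKEY-BOOST_USER_LOCATION'] ) ) {
        return null;
    }
    $loc = unserialize( wp_unslash( $_COOKIE['STYXKEY-BOOST_USER_LOCATION'] ), array( 'allowed_classes' => false ) );
    return is_array( $loc ) ? $loc : null;
}

// Hardened B (preferred): JSON carries only data, and an HMAC keyed with a
// server-side secret means the client cannot alter it at all.
function example_location_write( array $loc ): void {
    $payload = wp_json_encode( $loc );
    $mac     = hash_hmac( 'sha256', $payload, wp_salt( 'auth' ) );
    setcookie( 'STYXKEY-BOOST_USER_LOCATION', base64_encode( $payload ) . '.' . $mac,
        time() + DAY_IN_SECONDS, '/', '', is_ssl(), true );
}

function example_location_read(): ?array {
    if ( empty( $_COOKIE['STYXKEY-BOOST_USER_LOCATION'] ) ) {
        return null;
    }
    $parts = explode( '.', $_COOKIE['STYXKEY-BOOST_USER_LOCATION'], 2 ); // base64 never contains '.'
    if ( 2 !== count( $parts ) ) {
        return null;
    }
    $payload = base64_decode( $parts[0], true );
    if ( false === $payload || ! hash_equals( hash_hmac( 'sha256', $payload, wp_salt( 'auth' ) ), $parts[1] ) ) {
        return null;
    }
    $loc = json_decode( $payload, true );
    return is_array( $loc ) ? $loc : null;
}
```

The "no known POP chain" caveat in the entry is a statement about the current set of installed code, not about the bug: the next plugin or theme the site adds can supply the chain, so the fix belongs in the code that deserializes, not in an audit of what is installed today.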

PLUGIN Boost | CRITICAL | CVSS 9.8 | 2026-05-20
Threat Entry Updated 2026-05-20

CVE-2026-7284 - Easy Elements Plugin

The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.4.4. This is due to the 'easyel_handle_register' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.
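
This entry and the Divi Form Builder entry (CVE-2026-5118) describe the same defect: a self-registration handler that lets the request choose the role. An added example of the vulnerable shape next to a fixed one, not code from either plugin; the function names, the configured-role parameter and the allowlist of self-assignable roles are assumptions for the example.

```php
<?php
// Added example, not Divi Form Builder or Easy Elements code. Models the
// role-from-POST privilege escalation both entries describe; example_* names,
// $configured_default_role and $allowed_roles are assumed.

// Vulnerable: the role is read from the request, so role=administrator works.
function example_register_vulnerable( array $post ) {
    return wp_insert_user( array(
        'user_login' => sanitize_user( $post['username'] ?? '' ),
        'user_email' => sanitize_email( $post['email'] ?? '' ),
        'user_pass'  => $post['password'] ?? '',
        'role'       => $post['role'] ?? 'subscriber',
    ) );
}

// Hardened: the role comes from the form's stored configuration, is checked
// against the short list of roles self-registration may ever grant, and any
// role field in the request is ignored (and logged, since it signals tampering).
function example_register_hardened( array $post, string $configured_default_role ) {
    $allowed_roles = array( 'subscriber', 'customer' ); // assumption: roles self-registration may grant
    $role = in_array( $configured_default_role, $allowed_roles, true ) ? $configured_default_role : 'subscriber';

    $user_id = wp_insert_user( array(
        'user_login' => sanitize_user( $post['username'] ?? '' ),
        'user_email' => sanitize_email( $post['email'] ?? '' ),
        'user_pass'  => $post['password'] ?? '',
        'role'       => $role,
    ) );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    if ( isset( $post['role'] ) && $post['role'] !== $role ) {
        error_log( sprintf( 'Ignored client-supplied role "%s" during registration of user %d',
            sanitize_key( (string) $post['role'] ), $user_id ) );
    }
    return $user_id;
}
```

The allowlist matters even when the role is read from configuration: a stored setting can itself be changed by a lower-privileged user through some other bug, and a fixed list of roles that registration may grant caps what that second bug is worth.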

PLUGIN Easy Elements | CRITICAL | CVSS 9.8 | 2026-05-20
Threat Entry Updated 2026-05-20

CVE-2026-6555 - ProSolution WP Client Plugin

The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and uploaded to a web-accessible directory. This makes it possible for unauthenticated attackers to upload malicious PHP files and achieve remote code execution by sending a valid first file followed by a malicious file.

PLUGIN ProSolution WP Client | CRITICAL | CVSS 9.8 | 2026-05-20
Threat Entry Updated 2026-05-19

CVE-2026-4883 - Piotnet Forms Plugin

The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetforms_ajax_form_builder' function in all versions up to, and including, 2.1.40. The plugin uses an incomplete extension blacklist that only blocks php, phpt, php5, php7, and exe extensions, while allowing dangerous extensions such as .phar or .phtml to be uploaded. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if…

PLUGIN Piotnet Forms | CRITICAL | CVSS 9.8 | 2026-05-19
Threat Entry Updated 2026-05-19

CVE-2026-4885 - Piotnet Addons For Elementor Pro Plugin

The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafe_ajax_form_builder' function in all versions up to, and including, 7.1.70. The plugin uses an incomplete extension blacklist that only blocks php, phpt, php5, php7, and exe extensions, while allowing dangerous extensions such as .phar or .phtml to be uploaded. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only…
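
The two Piotnet entries (extension denylist that misses .phtml and .phar) and the ProSolution WP Client entry (CVE-2026-6555, only the first element of a multi-file array validated while every element is stored) are the same family of upload bug. An added example showing both defects in one handler and a handler that allowlists by extension and MIME type, checks every file before storing any, and never uses the client's filename. It is not code from any of those plugins; $files is assumed to be the $_FILES['field'] structure for a multiple-file input, and the allowed-type table is an assumption for the example.

```php
<?php
// Added example, not Piotnet or ProSolution WP Client code. Models the denylist
// and first-file-only defects in the entries; example_* names and $allowed are assumed.

// Vulnerable: denylist, and it is applied only to element [0].
function example_upload_vulnerable( array $files ) {
    $blocked = array( 'php', 'phpt', 'php5', 'php7', 'exe' ); // .phtml, .phar, .phps are absent
    $ext     = strtolower( pathinfo( $files['name'][0], PATHINFO_EXTENSION ) );
    if ( in_array( $ext, $blocked, true ) ) {
        return new WP_Error( 'bad_type', 'File type not allowed' );
    }
    $dir = wp_upload_dir();
    foreach ( $files['tmp_name'] as $i => $tmp ) { // files [1..n] were never checked
        move_uploaded_file( $tmp, $dir['path'] . '/' . basename( $files['name'][ $i ] ) );
    }
    return true;
}

// Hardened: allowlist of ext => MIME, content-aware check on every file,
// all validated before any is stored, server-chosen names.
function example_upload_hardened( array $files ) {
    $allowed = array( 'pdf' => 'application/pdf', 'png' => 'image/png', 'jpg|jpeg' => 'image/jpeg' ); // assumed
    $checked = array();
    foreach ( $files['tmp_name'] as $i => $tmp ) {
        if ( UPLOAD_ERR_OK !== (int) $files['error'][ $i ] || ! is_uploaded_file( $tmp ) ) {
            return new WP_Error( 'bad_upload', 'Upload failed' );
        }
        // wp_check_filetype_and_ext() verifies the extension/MIME pair against $allowed
        // (and inspects image content); anything outside the table returns empty ext/type.
        $check = wp_check_filetype_and_ext( $tmp, $files['name'][ $i ], $allowed );
        if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
            return new WP_Error( 'bad_type', sprintf( 'Rejected %s', esc_html( $files['name'][ $i ] ) ) );
        }
        $checked[] = array( 'tmp' => $tmp, 'ext' => $check['ext'] );
    }
    $dir    = wp_upload_dir();
    $stored = array();
    foreach ( $checked as $f ) {
        $target = $dir['path'] . '/' . wp_generate_password( 20, false ) . '.' . $f['ext'];
        if ( ! move_uploaded_file( $f['tmp'], $target ) ) {
            return new WP_Error( 'move_failed', 'Could not store file' );
        }
        $stored[] = $target;
    }
    return $stored;
}
```

Two caveats a reviewer would add: a denylist can never be complete because the set of executable extensions depends on the web server's handler configuration (.phtml, .phar, .phps, and on some hosts .php3/.php4), so the allowlist is the only durable form; and the upload directory should independently deny script execution at the server level, so that a future validation bug stores an inert file rather than a shell.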

PLUGIN Piotnet Addons For Elementor Pro | CRITICAL | CVSS 9.8 | 2026-05-19
Threat Entry Updated 2026-05-15

CVE-2026-5229 - Form Notify Plugin

The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email address (which is common), the plugin falls back to reading the 'form_notify_line_email' cookie value without verifying that the LINE account is associated with that email address. This makes it possible for unauthenticated attackers to gain access to any user account on the site, including…

PLUGIN Form Notify | CRITICAL | CVSS 9.8 | 2026-05-15
Threat Entry Updated 2026-05-14

CVE-2026-6512 - Infusedwoo Pro Plugin

The InfusedWoo Pro plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to permanently delete arbitrary posts, pages, products, or orders, mass-delete all comments on any post, and change any post's status.

PLUGIN Infusedwoo Pro | CRITICAL | CVSS 9.1 | 2026-05-14
Threat Entry Updated 2026-05-14

CVE-2026-6510 - Infusedwoo Pro Plugin

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwar_save_recipe() AJAX handler. This makes it possible for unauthenticated attackers to create a malicious automation recipe that pairs an HTTP post trigger with an auto-login action, allowing any unauthenticated visitor to visit a crafted URL and receive authentication cookies for any targeted user account (e.g., administrator), achieving complete authentication bypass and privilege escalation.

PLUGIN Infusedwoo Pro | CRITICAL | CVSS 9.8 | 2026-05-14
Threat Entry Updated 2026-05-14

CVE-2026-6271 - Career Section Plugin

The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV upload handler. This is due to missing file type validation. This makes it possible for unauthenticated attackers to upload files that may be executable, which makes remote code execution possible.

PLUGIN Career Section | CRITICAL | CVSS 9.8 | 2026-05-14
Threat Entry Updated 2026-05-14

CVE-2026-8181 - Burst Statistics Plugin

The Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. This is due to incorrect return-value handling in the `is_mainwp_authenticated()` function when validating application passwords from the Authorization header. This makes it possible for unauthenticated attackers who know an administrator username to impersonate that administrator for the duration of the request by supplying any Basic Authentication password, achieving privilege escalation.

PLUGIN Burst Statistics | CRITICAL | CVSS 9.8 | 2026-05-14
Threat Entry Updated 2026-05-05

CVE-2026-40797 - WebinarIgnition Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in WebinarIgnition (vendor Saleswonder LLC) allows blind SQL injection. Affected: all versions through 4.08.253 (no lower bound given).

PLUGIN WebinarIgnition | CRITICAL | CVSS 9.3 | 2026-05-05
Threat Entry Updated 2026-05-05

CVE-2026-5294 - Geeky Bot Plugin

The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files into wp-content/plugins/. This makes it possible for unauthenticated attackers to perform arbitrary plugin installation and achieve remote code execution.
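
This entry and the InfusedWoo Pro iwar_save_recipe() entry (CVE-2026-6510) describe the two ways a WordPress AJAX handler ends up unauthenticated: it is registered on the `wp_ajax_nopriv_` hook, and it performs no nonce or capability check before doing privileged work. An added example, not code from either plugin, of a handler with both defects and of one with the checks in the order they need to run; the action names, the dispatch table and the two handler functions are assumptions for the example.

```php
<?php
// Added example, not InfusedWoo or Geeky Bot code. Models the nopriv/no-check
// AJAX pattern in the entries; action names, example_* functions and the
// dispatch table are assumed.

// Vulnerable: reachable by logged-out users, no nonce, no capability check,
// and the object and method are assembled from request parameters, so any
// internal helper (an installer, a recipe saver) can be reached.
add_action( 'wp_ajax_nopriv_example_dispatch', 'example_dispatch_vulnerable' );
add_action( 'wp_ajax_example_dispatch', 'example_dispatch_vulnerable' );
function example_dispatch_vulnerable() {
    $model = sanitize_text_field( $_POST['model'] ?? '' );
    $func  = sanitize_text_field( $_POST['function'] ?? '' );
    $obj   = new $model();
    $obj->$func( $_POST['args'] ?? array() );
    wp_die();
}

// Hardened: privileged hook only, nonce first, capability second, fixed
// dispatch table third, and a stronger capability for the action that installs code.
add_action( 'wp_ajax_example_admin_action', 'example_dispatch_hardened' );
function example_dispatch_hardened() {
    check_ajax_referer( 'example_admin_action', 'nonce' ); // CSRF check; dies on failure
    if ( ! current_user_can( 'manage_options' ) ) {        // authorization, which the nonce is not
        wp_send_json_error( 'forbidden', 403 );
    }
    $actions = array(
        'save_recipe'    => 'example_save_recipe',
        'install_plugin' => 'example_install_plugin',
    );
    $action = sanitize_key( $_POST['do'] ?? '' );
    if ( ! isset( $actions[ $action ] ) ) {
        wp_send_json_error( 'unknown action', 400 );
    }
    if ( 'install_plugin' === $action && ! current_user_can( 'install_plugins' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    wp_send_json_success( call_user_func( $actions[ $action ], wp_unslash( $_POST ) ) );
}

// Hypothetical handlers behind the dispatch table.
function example_save_recipe( array $post ): array {
    return array( 'saved' => sanitize_text_field( $post['recipe_name'] ?? '' ) );
}
function example_install_plugin( array $post ): array {
    // Only a slug resolved against a source the site already trusts; never a URL from the request.
    return array( 'queued' => sanitize_key( $post['slug'] ?? '' ) );
}
```

Two points worth keeping straight when reviewing handlers like this: `wp_ajax_nopriv_` is appropriate only for actions a visitor is genuinely meant to perform, and for those a nonce proves nothing about who is calling; and a dispatch table keyed by a short name is what prevents the "attacker-controlled model/function dispatch" in the entry, because the request can choose among the table's keys but cannot name code outside it.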

PLUGIN Geeky Bot | CRITICAL | CVSS 9.8 | 2026-05-05
Threat Entry Updated 2026-05-05

CVE-2026-5722 - Smart Wishlist For More Convert Plugin

The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible for unauthenticated attackers to authenticate as existing users, including administrators, by obtaining a valid guest verification token for an attacker-controlled email, changing the same guest customer email to the target account email through the public waitlist flow, and then using the original verification link.

PLUGIN Smart Wishlist For More Convert | CRITICAL | CVSS 9.8 | 2026-05-05