
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Showing 21-40 of 917 records
Threat Entry Updated 2026-03-11

CVE-2026-0953 - Tutor LMS Pro Theme

The Tutor LMS Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.9.5 via the Social Login addon. This is due to the plugin failing to verify that the email provided in the authentication request matches the email from the validated OAuth token. This makes it possible for unauthenticated attackers to log in as any existing user, including administrators, by supplying a valid OAuth token from their own account along with the victim's email address.

THEME Tutor LMS Pro

CVE-2026-0953

CRITICAL CVSS 9.8 2026-03-10
Threat Entry Updated 2026-04-15

CVE-2026-2446 - Powerpack For Learndash Plugin

The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CSRF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role) and create arbitrary admin users.

PLUGIN Powerpack For Learndash

CVE-2026-2446

CRITICAL CVSS 9.8 2026-03-06
Threat Entry Updated 2026-03-05

CVE-2026-2599 - Contact Form Entries Plugin

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input in the 'download_csv' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme…

PLUGIN Contact Form Entries

CVE-2026-2599

CRITICAL CVSS 9.8 2026-03-05
Threat Entry Updated 2026-04-15

CVE-2026-2418 - Login With Salesforce Plugin

The Login with Salesforce WordPress plugin through 1.0.2 does not validate that users are allowed to log in through Salesforce, allowing unauthenticated users to be authenticated as any user (such as admin) by simply knowing the email.

PLUGIN Login With Salesforce

CVE-2026-2418

CRITICAL CVSS 9.1 2026-03-05
Threat Entry Updated 2026-03-06

CVE-2026-28043 - Healer - Doctor, Clinic & Medical WordPress Theme

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Healer - Doctor, Clinic & Medical WordPress Theme healer allows PHP Local File Inclusion. This issue affects Healer - Doctor, Clinic & Medical WordPress Theme: from n/a through

THEME Healer - Doctor, Clinic & Medical WordPress Theme

CVE-2026-28043

CRITICAL CVSS 9.8 2026-03-05
Threat Entry Updated 2026-03-10

CVE-2026-22390 - Builderall Builder for WordPress Plugin

Improper Control of Generation of Code ('Code Injection') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection. This issue affects Builderall Builder for WordPress: from n/a through

PLUGIN Builderall Builder for WordPress

CVE-2026-22390

CRITICAL CVSS 9.9 2026-03-05
Threat Entry Updated 2026-03-03

CVE-2026-1492 - User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Plugin

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a user-supplied role during membership registration without properly enforcing a server-side allowlist. This makes it possible for unauthenticated attackers to create administrator accounts by supplying a role value during membership registration.

PLUGIN User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

CVE-2026-1492

CRITICAL CVSS 9.8 2026-03-03
Threat Entry Updated 2026-03-03

CVE-2026-2628 - All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login Plugin

The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators.

PLUGIN All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login

CVE-2026-2628

CRITICAL CVSS 9.8 2026-03-03
Threat Entry Updated 2026-03-02

CVE-2026-2251 - Xerox FreeFlow Core Plugin

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available at https://www.support.xerox.com/en-us/product/core/downloads

PLUGIN Xerox FreeFlow Core

CVE-2026-2251

CRITICAL CVSS 9.8 2026-02-27
Threat Entry Updated 2026-02-27

CVE-2025-12981 - Listee Theme

The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly sanitize the user_role parameter. This makes it possible for unauthenticated attackers to register as Administrator by manipulating the user_role parameter during registration.

THEME Listee

CVE-2025-12981

CRITICAL CVSS 9.8 2026-02-27
Threat Entry Updated 2026-04-15

CVE-2026-23693 - Elementskit Lite Plugin

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor (elementskit-lite) WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API credentials and insufficiently validates certain parameters, including the list parameter, when constructing upstream Mailchimp API requests. An unauthenticated attacker can abuse the endpoint as an open proxy to Mailchimp, potentially triggering unauthorized API calls, manipulating subscription data, exhausting API quotas, or causing resource consumption on the affected WordPress site.

PLUGIN Elementskit Lite

CVE-2026-23693

CRITICAL CVSS 9.3 2026-02-23
Threat Entry Updated 2026-02-23

CVE-2026-24956 - Download Manager Addons for Elementor Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection. This issue affects Download Manager Addons for Elementor: from n/a through

PLUGIN Download Manager Addons for Elementor

CVE-2026-24956

CRITICAL CVSS 9.3 2026-02-20
Threat Entry Updated 2026-02-24

CVE-2026-22365 - Soleng Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion. This issue affects Soleng: from n/a through

PLUGIN Soleng

CVE-2026-22365

CRITICAL CVSS 9.8 2026-02-20
Threat Entry Updated 2026-02-19

CVE-2026-23549 - WpEvently Plugin

Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Object Injection. This issue affects WpEvently: from n/a through

PLUGIN WpEvently

CVE-2026-23549

CRITICAL CVSS 9.8 2026-02-19
Threat Entry Updated 2026-02-19

CVE-2026-23542 - Grand Restaurant Plugin

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection. This issue affects Grand Restaurant: from n/a through

PLUGIN Grand Restaurant

CVE-2026-23542

CRITICAL CVSS 9.8 2026-02-19
Threat Entry Updated 2026-04-15

CVE-2026-1994 - s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions Plugin

The s2Member plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 260127. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary users' passwords, including administrators', and leverage that to gain access to their accounts.

PLUGIN s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions

CVE-2026-1994

CRITICAL CVSS 9.8 2026-02-19
Threat Entry Updated 2026-04-15

CVE-2026-1405 - Slider Future Plugin

The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'slider_future_handle_image_upload' function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Slider Future

CVE-2026-1405

CRITICAL CVSS 9.8 2026-02-19
Threat Entry Updated 2026-04-15

CVE-2026-0926 - Prodigy Commerce Plugin

The Prodigy Commerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'parameters[template_name]' parameter. This makes it possible for unauthenticated attackers to include and read arbitrary files or execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

PLUGIN Prodigy Commerce

CVE-2026-0926

CRITICAL CVSS 9.8 2026-02-19
Threat Entry Updated 2026-02-19

CVE-2025-13851 - Buyent Classified Plugin

The Buyent Classified plugin for WordPress (bundled with Buyent theme) is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This makes it possible for unauthenticated attackers to register accounts with arbitrary roles, including administrator, by manipulating the _buyent_classified_user_type parameter during the registration process, granting them complete control over the WordPress site.

PLUGIN Buyent Classified

CVE-2025-13851

CRITICAL CVSS 9.8 2026-02-19
Threat Entry Updated 2026-02-19

CVE-2025-13563 - Lizza Lms Pro Plugin

The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the 'lizza_lms_pro_register_user_front_end' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.

PLUGIN Lizza Lms Pro

CVE-2025-13563

CRITICAL CVSS 9.8 2026-02-19