Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

CVE-2026-4020 - Gravity Smtp Plugin

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4. This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permission_callback that unconditionally returns true, allowing any unauthenticated visitor to access it. When the ?page=gravitysmtp-settings query parameter is appended, the plugin's register_connector_data() method populates internal connector data, causing the endpoint to return approximately 365 KB of JSON containing the full System Report. This makes it possible for unauthenticated attackers to retrieve detailed system configuration data including PHP…

Plugin: Gravity Smtp | Severity: HIGH | CVSS 7.5 | 2026-03-31 | Entry updated 2026-04-24

CVE-2026-5130 - Debugger Troubleshooter Plugin

The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wp_debug_troubleshoot_simulate_user cookie value directly as a user ID without any cryptographic validation or authorization checks. The cookie value was used to override the determine_current_user filter, which allowed unauthenticated attackers to impersonate any user by simply setting the cookie to their target user ID. This made it possible for unauthenticated attackers to gain administrator-level access and perform any privileged actions including creating new…

Plugin: Debugger Troubleshooter | Severity: HIGH | CVSS 8.8 | 2026-03-30 | Entry updated 2026-04-24

CVE-2026-3124 - Download Monitor Plugin

The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment() function due to missing validation on a user-controlled key. This makes it possible for unauthenticated attackers to complete arbitrary pending orders by exploiting a mismatch between the PayPal transaction token and the local order, allowing theft of paid digital goods by paying a minimal amount for a low-cost item and using that payment token to finalize a high-value order.

Plugin: Download Monitor | Severity: HIGH | CVSS 7.5 | 2026-03-30 | Entry updated 2026-04-24

CVE-2026-4987 - Other Custom Form Builder Plugin

The SureForms – Contact Form, Payment Form & Other Custom Form Builder plugin for WordPress is vulnerable to Payment Amount Bypass in all versions up to, and including, 2.5.2. This is due to the create_payment_intent() function performing a payment validation solely based on the value of a user-controlled parameter. This makes it possible for unauthenticated attackers to bypass configured form payment-amount validation and create underpriced payment/subscription intents by setting form_id to 0.

Plugin: Other Custom Form Builder | Severity: HIGH | CVSS 7.5 | 2026-03-28 | Entry updated 2026-04-24

CVE-2026-4248 - Ultimate Member Plugin

The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the '{usermeta:password_reset_link}' template tag being processed within post content via the '[um_loggedin]' shortcode, which generates a valid password reset token for the currently logged-in user viewing the page. This makes it possible for authenticated attackers, with Contributor-level access and above, to craft a malicious pending post that, when previewed by an Administrator, generates a password reset token for the Administrator and exfiltrates it to an attacker-controlled…

Plugin: Ultimate Member | Severity: HIGH | CVSS 8.0 | 2026-03-27 | Entry updated 2026-04-24

CVE-2026-2511 - Js Support Ticket Plugin

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the `multiformid` parameter in the `storeTickets()` function in all versions up to, and including, 3.0.4. This is due to the user-supplied `multiformid` value being passed to `esc_sql()` without enclosing the result in quotes in the SQL query, rendering the escaping ineffective against payloads that do not contain quote characters. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract…

Plugin: Js Support Ticket | Severity: HIGH | CVSS 7.5 | 2026-03-26 | Entry updated 2026-04-24

CVE-2026-2231 - Fluent Booking Plugin

The Fluent Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 2.0.01 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Plugin: Fluent Booking | Severity: HIGH | CVSS 7.2 | 2026-03-26 | Entry updated 2026-04-24

CVE-2026-4329 - Blackhole Bad Bots Plugin

The Blackhole for Bad Bots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent HTTP header in all versions up to and including 3.8. This is due to insufficient input sanitization and output escaping. The plugin uses sanitize_text_field() when capturing bot data (which strips HTML tags but does not escape HTML entities like double quotes), then stores the data via update_option(). When an administrator views the Bad Bots log page, the stored data is output directly into HTML input value attributes (lines 75-83) without esc_attr() and into…

Plugin: Blackhole Bad Bots | Severity: HIGH | CVSS 7.2 | 2026-03-26 | Entry updated 2026-04-24

CVE-2026-2931 - Amelia Booking Plugin

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with customer-level permissions or above to change user passwords and potentially take over administrator accounts. The vulnerability is in the pro plugin, which has the same slug.

Plugin: Amelia Booking | Severity: HIGH | CVSS 8.8 | 2026-03-26 | Entry updated 2026-04-24

CVE-2026-3328 - Acf Frontend Form Element Plugin

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via deserialization of the 'post_content' of admin_form posts in all versions up to, and including, 3.28.31. This is due to the use of WordPress's `maybe_unserialize()` function without class restrictions on user-controllable content stored in admin_form post content. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.

Plugin: Acf Frontend Form Element | Severity: HIGH | CVSS 7.2 | 2026-03-26 | Entry updated 2026-04-24

CVE-2026-4758 - Wp Job Portal Plugin

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Plugin: Wp Job Portal | Severity: HIGH | CVSS 8.8 | 2026-03-26 | Entry updated 2026-04-24

CVE-2026-32546 - Restrict Content Plugin

Missing Authorization vulnerability in the Restrict Content plugin (slug: restrict-content) by StellarWP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Restrict Content: from n/a through

Plugin: Restrict Content | Severity: HIGH | CVSS 7.5 | 2026-03-25 | Entry updated 2026-04-29

CVE-2026-32545 - Taboola Pixel Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Taboola Pixel plugin (slug: taboola-pixel) by Taboola allows Reflected XSS. This issue affects Taboola Pixel: from n/a through

Plugin: Taboola Pixel | Severity: HIGH | CVSS 7.1 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32544 - OOPSpam Anti-Spam Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the OOPSpam Anti-Spam plugin (slug: oopspam-anti-spam) by OOPSpam Team allows Stored XSS. This issue affects OOPSpam Anti-Spam: from n/a through

Plugin: OOPSpam Anti-Spam | Severity: HIGH | CVSS 7.1 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32542 - Fusion Builder Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Fusion Builder plugin (slug: fusion-builder) by ThemeFusion allows Reflected XSS. This issue affects Fusion Builder: from n/a through < 3.15.0.

Plugin: Fusion Builder | Severity: HIGH | CVSS 7.1 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32534 - JS Help Desk Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in the JS Help Desk plugin (slug: js-support-ticket) by JoomSky allows Blind SQL Injection. This issue affects JS Help Desk: from n/a through

Plugin: JS Help Desk | Severity: HIGH | CVSS 8.5 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32538 - SMTP Mailer Plugin

Insertion of Sensitive Information Into Sent Data vulnerability in the SMTP Mailer plugin (slug: smtp-mailer) by Noor Alam allows Retrieve Embedded Sensitive Data. This issue affects SMTP Mailer: from n/a through

Plugin: SMTP Mailer | Severity: HIGH | CVSS 7.5 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32537 - Visual Portfolio, Photo Gallery & Post Grid Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in the Visual Portfolio, Photo Gallery & Post Grid plugin (slug: visual-portfolio) by nK allows PHP Local File Inclusion. This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through

Plugin: Visual Portfolio, Photo Gallery & Post Grid | Severity: HIGH | CVSS 7.5 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32540 - Bookly Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Bookly plugin (slug: bookly-responsive-appointment-booking-tool) by Bookly allows Reflected XSS. This issue affects Bookly: from n/a through

Plugin: Bookly | Severity: HIGH | CVSS 7.1 | 2026-03-25 | Entry updated 2026-04-24

CVE-2026-32530 - Creator LMS Plugin

Incorrect Privilege Assignment vulnerability in the Creator LMS plugin (slug: creatorlms) by WPFunnels allows Privilege Escalation. This issue affects Creator LMS: from n/a through

Plugin: Creator LMS | Severity: HIGH | CVSS 8.8 | 2026-03-25 | Entry updated 2026-04-24
