Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3,629
Critical0
High3,629
Medium0
Reset
Showing 281-300 of 3629 records
Threat Entry Updated 2026-04-29

CVE-2026-32484 - weForms Plugin

Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through

PLUGIN weForms

CVE-2026-32484

HIGH CVSS 8.8 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-32488 - User Registration Plugin

Incorrect Privilege Assignment vulnerability in wpeverest User Registration user-registration allows Privilege Escalation.This issue affects User Registration: from n/a through

PLUGIN User Registration

CVE-2026-32488

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-29

CVE-2026-32441 - Comments Import & Export Plugin

Missing Authorization vulnerability in WebToffee Comments Import & Export comments-import-export-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comments Import & Export: from n/a through

PLUGIN Comments Import & Export

CVE-2026-32441

HIGH CVSS 7.7 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-29

CVE-2026-32485 - WP User Frontend Plugin

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through

PLUGIN WP User Frontend

CVE-2026-32485

HIGH CVSS 7.5 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-31913 - Scape Plugin

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Whitebox-Studio Scape scape allows Path Traversal.This issue affects Scape: from n/a through < 1.5.16.

PLUGIN Scape

CVE-2026-31913

HIGH CVSS 8.6 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-29

CVE-2026-31921 - Product Rearrange for WooCommerce Plugin

Missing Authorization vulnerability in Devteam HaywoodTech Product Rearrange for WooCommerce products-rearrange-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Rearrange for WooCommerce: from n/a through

PLUGIN Product Rearrange for WooCommerce

CVE-2026-31921

HIGH CVSS 8.2 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27088 - Darna Framework Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through

PLUGIN Darna Framework

CVE-2026-27088

HIGH CVSS 7.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27087 - Wolverine Framework Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through

PLUGIN Wolverine Framework

CVE-2026-27087

HIGH CVSS 7.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27081 - Rosebud Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from n/a through

PLUGIN Rosebud

CVE-2026-27081

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27080 - Deston Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Deston deston allows PHP Local File Inclusion.This issue affects Deston: from n/a through

PLUGIN Deston

CVE-2026-27080

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27079 - Amfissa Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Amfissa amfissa allows PHP Local File Inclusion.This issue affects Amfissa: from n/a through

PLUGIN Amfissa

CVE-2026-27079

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27078 - Emaurri Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from n/a through

PLUGIN Emaurri

CVE-2026-27078

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27077 - MultiOffice Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes MultiOffice multioffice allows PHP Local File Inclusion.This issue affects MultiOffice: from n/a through

PLUGIN MultiOffice

CVE-2026-27077

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27076 - LuxeDrive Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through

PLUGIN LuxeDrive

CVE-2026-27076

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27075 - Belfort Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Belfort belfort allows PHP Local File Inclusion.This issue affects Belfort: from n/a through

PLUGIN Belfort

CVE-2026-27075

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27048 - The Aisle Core Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes The Aisle Core theaisle-core allows PHP Local File Inclusion.This issue affects The Aisle Core: from n/a through

PLUGIN The Aisle Core

CVE-2026-27048

HIGH CVSS 8.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27054 - Penci Soledad Data Migrator Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Soledad Data Migrator penci-data-migrator allows Reflected XSS.This issue affects Penci Soledad Data Migrator: from n/a through

PLUGIN Penci Soledad Data Migrator

CVE-2026-27054

HIGH CVSS 7.1 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27045 - WooCommerce Infinite Scroll Plugin

Deserialization of Untrusted Data vulnerability in sbthemes WooCommerce Infinite Scroll sb-woocommerce-infinite-scroll allows Object Injection.This issue affects WooCommerce Infinite Scroll: from n/a through

PLUGIN WooCommerce Infinite Scroll

CVE-2026-27045

HIGH CVSS 8.8 2026-03-25
Open Full Technical Breakdown
Threat Entry Updated 2026-04-24

CVE-2026-27040 - WZone Plugin

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through

PLUGIN WZone

CVE-2026-27040

HIGH CVSS 8.8 2026-03-25
Open Full Technical Breakdown
Scroll to top