Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total 3,039 | Critical 0 | High 3,039 | Medium 0
Showing 641-660 of 3039 records
Threat Entry Updated 2026-01-08

CVE-2026-21447 - Bagisto Plugin

Bagisto is an open source Laravel eCommerce platform. Prior to version 2.3.10, an Insecure Direct Object Reference vulnerability in the customer order reorder function allows any authenticated customer to add items from another customer's order to their own shopping cart by manipulating the order ID parameter. This exposes sensitive purchase information and enables potential fraud. Version 2.3.10 patches the issue.

PLUGIN Bagisto

CVE-2026-21447

HIGH CVSS 7.1 2026-01-02
Threat Entry Updated 2026-01-08

CVE-2026-21446 - Bagisto Plugin

Bagisto is an open source Laravel eCommerce platform. In versions on the 2.3 branch prior to 2.3.10, installer API routes remain active even after initial installation is complete. The underlying API endpoints (`/install/api/*`) are directly accessible and exploitable without any authentication. An attacker can bypass the web installer entirely by calling the API endpoints directly. This allows any unauthenticated attacker to create admin accounts, modify application configurations, and potentially overwrite existing data. Version 2.3.10 fixes the issue.

PLUGIN Bagisto

CVE-2026-21446

HIGH CVSS 8.8 2026-01-02
Threat Entry Updated 2026-01-16

CVE-2026-21445 - Langflow Plugin

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data and system operations that should require proper authorization. Version 1.7.0.dev45 contains a patch.

PLUGIN Langflow

CVE-2026-21445

HIGH CVSS 8.8 2026-01-02
Threat Entry Updated 2026-01-16

CVE-2026-21433 - Emlog Plugin

Emlog is an open source website building system. Versions up to and including 2.5.19 are vulnerable to server-side Out-of-Band (OOB) requests / SSRF via uploaded SVG files. An attacker can upload a crafted SVG to http[:]//emblog/admin/media[.]php which contains external resource references. When the server processes/renders the SVG (thumbnailing, preview, or sanitization), it issues an HTTP request to the attacker-controlled host. Impact: server-side SSRF/OOB leading to internal network probing and potential metadata/credential exposure. As of time of publication, no known patched versions are available.

PLUGIN Emlog

CVE-2026-21433

HIGH CVSS 7.7 2026-01-02
Threat Entry Updated 2026-01-16

CVE-2026-21430 - Emlog Plugin

Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery (CSRF). This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site scripting, leads to account takeover. As of time of publication, no known patched versions are available.

PLUGIN Emlog

CVE-2026-21430

HIGH CVSS 7.0 2026-01-02
Threat Entry Updated 2026-01-06

CVE-2026-21428 - Cpp Httplib Plugin

cpp-httplib is a C++11 single-file, header-only, cross-platform HTTP/HTTPS library. Prior to version 0.30.0, the ``write_headers`` function does not check for CR and LF characters in user-supplied headers, allowing an untrusted header value to escape its header line. This vulnerability allows attackers to add extra headers, modify the request body unexpectedly, and trigger an SSRF attack. When combined with a server that supports HTTP/1.1 pipelining (Spring Boot, Python Twisted, etc.), this can be used for server-side request forgery (SSRF). Version 0.30.0 fixes this issue.

PLUGIN Cpp Httplib

CVE-2026-21428

HIGH CVSS 7.7 2026-01-01
Threat Entry Updated 2026-01-20

CVE-2025-28949 - WordPress Core

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codedraft Mediabay - WordPress Media Library Folders allows Blind SQL Injection. This issue affects Mediabay - WordPress Media Library Folders: from n/a through 1.4.

CORE WordPress Core

CVE-2025-28949

HIGH CVSS 8.5 2025-12-31
Threat Entry Updated 2025-12-31

CVE-2025-14509 - Woo Lucky Wheel Plugin

The Lucky Wheel for WooCommerce – Spin a Sale plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.1.13. This is due to the plugin using eval() to execute user-supplied input from the 'Conditional Tags' setting without proper validation or sanitization. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute arbitrary PHP code on the server. In WordPress multisite installations, this allows Site Administrators to execute arbitrary code, a capability they should not have since plugin/theme file editing…

PLUGIN Woo Lucky Wheel

CVE-2025-14509

HIGH CVSS 7.2 2025-12-30
Threat Entry Updated 2025-12-31

CVE-2025-13592 - Advanced Ads Plugin

The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the 'change-ad__content' shortcode parameter. This allows authenticated attackers with Editor-level permissions or above to execute code on the server.

PLUGIN Advanced Ads

CVE-2025-13592

HIGH CVSS 7.2 2025-12-29
Threat Entry Updated 2025-12-29

CVE-2025-13417 - Plugin Organizer

The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before using it in a SQL statement, allowing subscribers to perform SQL injection attacks.

PLUGIN Plugin Organizer

CVE-2025-13417

HIGH CVSS 8.6 2025-12-29
Threat Entry Updated 2025-12-23

CVE-2025-12934 - Beaver Builder Lite Version Plugin

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicate_wpml_layout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary posts with the content of other existing posts, potentially exposing private and password-protected content and deleting any content that is not saved in revisions or backups. Posts must have been created with Beaver Builder to be copied or…

PLUGIN Beaver Builder Lite Version

CVE-2025-12934

HIGH CVSS 8.1 2025-12-23
Threat Entry Updated 2025-12-23

CVE-2025-14855 - Sureforms Plugin

The SureForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form field parameters in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Sureforms

CVE-2025-14855

HIGH CVSS 7.2 2025-12-21
Threat Entry Updated 2025-12-23

CVE-2025-14800 - Redirection For Contact Form 7 Plugin

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'move_file_to_upload' function in all versions up to, and including, 3.2.7. This makes it possible for unauthenticated attackers to copy arbitrary files on the affected site's server. If 'allow_url_fopen' is set to 'On', it is possible to upload a remote file to the server.

PLUGIN Redirection For Contact Form 7

CVE-2025-14800

HIGH CVSS 8.1 2025-12-21
Threat Entry Updated 2025-12-23

CVE-2025-9343 - Customer Ticketing System Plugin

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ticket subjects in all versions up to, and including, 3.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Customer Ticketing System

CVE-2025-9343

HIGH CVSS 7.2 2025-12-21
Threat Entry Updated 2026-01-22

CVE-2025-14071 - Free Wordpress Website Builder Plugin

The Live Composer – Free WordPress Website Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.2 via deserialization of untrusted input in the dslc_module_posts_output shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an…

PLUGIN Free Wordpress Website Builder

CVE-2025-14071

HIGH CVSS 7.5 2025-12-21
Threat Entry Updated 2025-12-23

CVE-2025-12980 - Postx Plugin

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the '/ultp/v2/get_dynamic_content/' REST API endpoint in all versions up to, and including, 5.0.3. This makes it possible for unauthenticated attackers to retrieve sensitive user metadata, including password hashes.

PLUGIN Postx

CVE-2025-12980

HIGH CVSS 7.5 2025-12-21
Threat Entry Updated 2025-12-23

CVE-2025-7782 - Wp Jobhunt Plugin

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.

PLUGIN Wp Jobhunt

CVE-2025-7782

HIGH CVSS 7.6 2025-12-20
Threat Entry Updated 2025-12-19

CVE-2025-13999 - Audio Player Plugin

The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

PLUGIN Audio Player

CVE-2025-13999

HIGH CVSS 7.2 2025-12-19
Threat Entry Updated 2025-12-19

CVE-2025-13307 - Ocean Modal Window Plugin

The Ocean Modal Window WordPress plugin before 2.3.3 is vulnerable to Remote Code Execution via the modal display logic. These modals can be displayed under user-controlled conditions that Editors and Administrators can set (edit_pages capability). The conditions are then passed to an eval() statement that runs on every site page. This leads to remote code execution.

PLUGIN Ocean Modal Window

CVE-2025-13307

HIGH CVSS 7.2 2025-12-19