Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3,023
Critical0
High3,023
Medium0
Reset
Showing 141-160 of 3023 records
Threat Entry Updated 2026-02-20

CVE-2026-24959 - JS Help Desk Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through

PLUGIN JS Help Desk

CVE-2026-24959

HIGH CVSS 8.5 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-24950 - Authorsy Plugin

Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: from n/a through

PLUGIN Authorsy

CVE-2026-24950

HIGH CVSS 7.5 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-24955 - Whizz Plugins

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Whizz Plugins whizz-plugins allows Reflected XSS.This issue affects Whizz Plugins: from n/a through

PLUGIN Whizz Plugins

CVE-2026-24955

HIGH CVSS 7.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-23

CVE-2026-24949 - PhotoMe Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through

PLUGIN PhotoMe

CVE-2026-24949

HIGH CVSS 7.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-24948 - Reflector Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Reflector reflector-plugins allows Reflected XSS.This issue affects Reflector: from n/a through

PLUGIN Reflector

CVE-2026-24948

HIGH CVSS 7.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-24

CVE-2026-22384 - Applay - Shortcodes Plugin

Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This issue affects Applay - Shortcodes: from n/a through

PLUGIN Applay - Shortcodes

CVE-2026-22384

HIGH CVSS 8.8 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-24941 - WP Job Portal Plugin

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through

PLUGIN WP Job Portal

CVE-2026-24941

HIGH CVSS 7.5 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-23

CVE-2026-24943 - Grand Conference Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Conference grandconference allows Reflected XSS.This issue affects Grand Conference: from n/a through

PLUGIN Grand Conference

CVE-2026-24943

HIGH CVSS 7.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-04-15

CVE-2026-22381 - PawFriends - Pet Shop and Veterinary WordPress Theme

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows PHP Local File Inclusion.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through

THEME PawFriends - Pet Shop and Veterinary WordPress Theme

CVE-2026-22381

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-22380 - UnlimHost Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UnlimHost unlimhost allows PHP Local File Inclusion.This issue affects UnlimHost: from n/a through

PLUGIN UnlimHost

CVE-2026-22380

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-24

CVE-2026-22379 - Netmix Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Netmix netmix allows PHP Local File Inclusion.This issue affects Netmix: from n/a through

PLUGIN Netmix

CVE-2026-22379

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-22378 - Blabber Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through

PLUGIN Blabber

CVE-2026-22378

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-24

CVE-2026-22377 - Saveo Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Saveo saveo allows PHP Local File Inclusion.This issue affects Saveo: from n/a through

PLUGIN Saveo

CVE-2026-22377

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-22376 - Parkivia Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Parkivia parkivia allows PHP Local File Inclusion.This issue affects Parkivia: from n/a through

PLUGIN Parkivia

CVE-2026-22376

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-24

CVE-2026-22375 - Impacto Patronus Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Impacto Patronus impacto-patronus allows PHP Local File Inclusion.This issue affects Impacto Patronus: from n/a through

PLUGIN Impacto Patronus

CVE-2026-22375

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-22374 - Zio Alberto Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This issue affects Zio Alberto: from n/a through

PLUGIN Zio Alberto

CVE-2026-22374

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-24

CVE-2026-22373 - Fooddy Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through

PLUGIN Fooddy

CVE-2026-22373

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-22372 - Isida Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Isida isida allows PHP Local File Inclusion.This issue affects Isida: from n/a through

PLUGIN Isida

CVE-2026-22372

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-24

CVE-2026-22371 - Gustavo Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through

PLUGIN Gustavo

CVE-2026-22371

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-22370 - Marveland Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Marveland marveland allows PHP Local File Inclusion.This issue affects Marveland: from n/a through

PLUGIN Marveland

CVE-2026-22370

HIGH CVSS 8.1 2026-02-20
Open Full Technical Breakdown
Scroll to top