Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total: 196 | Critical: 0 | High: 0 | Medium: 0
Showing 1-20 of 196 records
CVE-2026-3339 - Keep Backup Daily Plugin
Plugin: Keep Backup Daily | Severity: LOW | CVSS 2.7 | 2026-03-21 | Entry updated 2026-03-23

The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the `kbd_open_upload_dir` AJAX action. This is due to insufficient validation of the `kbd_path` parameter, which is only sanitized with `sanitize_text_field()` - a function that does not strip path traversal sequences. This makes it possible for authenticated attackers, with Administrator-level access and above, to list the contents of arbitrary directories on the server outside of the intended uploads directory.
CVE-2026-22210 - Wpdiscuz Plugin
Plugin: Wpdiscuz | Severity: LOW | CVSS 2.1 | 2026-03-13 | Entry updated 2026-03-17

wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through unescaped attachment URLs in HTML output by exploiting the WpdiscuzHelperUpload class. Attackers can craft malicious attachment records or filter hooks to inject arbitrary JavaScript into img and anchor tag attributes, executing code in the context of WordPress users viewing comments.
CVE-2026-25423 - Real 3D FlipBook Plugin
Plugin: Real 3D FlipBook | Severity: LOW | CVSS 3.8 | 2026-02-19 | Entry updated 2026-02-19

Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Real 3D FlipBook: from n/a through
CVE-2025-14270 - Security Plugin
Plugin: Security | Severity: LOW | CVSS 2.7 | 2026-02-19 | Entry updated 2026-02-19

The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the wa_order_number_save_number_field function. This makes it possible for authenticated attackers, with Editor-level access and above, to modify WhatsApp phone numbers used by the plugin, redirecting customer orders and messages to attacker-controlled phone numbers.
CVE-2026-1582 - Wp All Export Plugin
Plugin: Wp All Export | Severity: LOW | CVSS 3.7 | 2026-02-18 | Entry updated 2026-04-15

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison (==) instead of strict comparison (===). This makes it possible for unauthenticated attackers to bypass authentication using "magic hash" values when the expected MD5 hash prefix happens to be numeric-looking (matching pattern ^0e\d+$), allowing download of sensitive export files containing PII, business data, or database information.
CVE-2026-2419 - Wp Downloadmanager Plugin
Plugin: Wp Downloadmanager | Severity: LOW | CVSS 2.7 | 2026-02-18 | Entry updated 2026-04-15

The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'download_path' configuration parameter. This is due to insufficient validation of the download path setting, which allows directory traversal sequences to bypass the WP_CONTENT_DIR prefix check. This makes it possible for authenticated attackers, with Administrator-level access and above, to configure the plugin to list and access arbitrary files on the server by exploiting the file browser functionality.
CVE-2026-1831 - YayMail – WooCommerce Email Customizer Plugin
Plugin: YayMail – WooCommerce Email Customizer | Severity: LOW | CVSS 2.7 | 2026-02-18 | Entry updated 2026-04-15

The YayMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized plugin installation and activation due to missing capability checks on the 'yaymail_install_yaysmtp' AJAX action and `/yaymail/v1/addons/activate` REST endpoint in all versions up to, and including, 4.3.2. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to install and activate the YaySMTP plugin.
CVE-2026-24656 - Apache Karaf Decanter Plugin
Plugin: Apache Karaf Decanter | Severity: LOW | CVSS 3.7 | 2026-01-26 | Entry updated 2026-01-27

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to deserialization of untrusted data, eventually causing DoS. NB: Decanter log socket collector is not installed by default. Users who have not installed Decanter log socket are not impacted by this issue. This issue affects Apache Karaf Decanter before 2.12.0. Users are recommended to upgrade to version 2.12.0, which…
CVE-2026-0633 - Custom Form Builder For Elementor Plugin
Plugin: Custom Form Builder For Elementor | Severity: LOW | CVSS 3.7 | 2026-01-24 | Entry updated 2026-04-15

The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.1.0. This is due to the use of a forgeable cookie value derived only from the entry ID and current user ID without a server-side secret. This makes it possible for unauthenticated attackers to access form submission entry data via MetForm shortcodes for entries created within the transient TTL (default is 15 minutes).
CVE-2026-0682 - Church Admin Plugin
Plugin: Church Admin | Severity: LOW | CVSS 2.2 | 2026-01-17 | Entry updated 2026-04-15

The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.28 due to insufficient validation of user-supplied URLs in the 'audio_url' parameter. This makes it possible for authenticated attackers, with Administrator-level access, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
CVE-2026-22782 - Rustfs Plugin
Plugin: Rustfs | Severity: LOW | CVSS 2.9 | 2026-01-16 | Entry updated 2026-02-09

RustFS is a distributed object storage system built in Rust. From >= 1.0.0-alpha.1 to 1.0.0-alpha.79, invalid RPC signatures cause the server to log the shared HMAC secret (and expected signature), which exposes the secret to log readers and enables forged RPC calls. In crates/ecstore/src/rpc/http_auth.rs, the invalid signature branch logs sensitive data. This log line includes secret and expected_signature, both derived from the shared HMAC key. Any invalidly signed request triggers this path. The function is reachable from RPC and admin request handlers. This vulnerability is fixed in 1.0.0-alpha.80.
CVE-2026-0989 - Red Hat Enterprise Linux 10 Plugin
Plugin: Red Hat Enterprise Linux 10 | Severity: LOW | CVSS 3.7 | 2026-01-15 | Entry updated 2026-01-16

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.
CVE-2026-0992 - Red Hat Enterprise Linux 10 Plugin
Plugin: Red Hat Enterprise Linux 10 | Severity: LOW | CVSS 2.9 | 2026-01-15 | Entry updated 2026-01-16

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.
CVE-2026-22919 - TDC-X401GL Plugin
Plugin: TDC-X401GL | Severity: LOW | CVSS 3.8 | 2026-01-15 | Entry updated 2026-01-23

An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to the extraction of sensitive data.
CVE-2026-0976 - Red Hat Build of Keycloak Plugin
Plugin: Red Hat Build of Keycloak | Severity: LOW | CVSS 3.7 | 2026-01-15 | Entry updated 2026-01-16

A flaw was found in Keycloak. This improper input validation vulnerability occurs because Keycloak accepts RFC-compliant matrix parameters in URL path segments, while common reverse proxy configurations may ignore or mishandle them. A remote attacker can craft requests to mask path segments, potentially bypassing proxy-level path filtering. This could expose administrative or sensitive endpoints that operators believe are not externally reachable.
CVE-2025-14457 - Drag And Drop Multiple File Upload For Contact Form 7 Plugin
Plugin: Drag And Drop Multiple File Upload For Contact Form 7 | Severity: LOW | CVSS 3.7 | 2026-01-15 | Entry updated 2026-01-23

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing ownership check in the dnd_codedropz_upload_delete() function in all versions up to, and including, 1.3.9.2. This makes it possible for unauthenticated attackers to delete arbitrary uploaded files when the "Send attachments as links" setting is enabled.
CVE-2026-23497 - Lms Plugin
Plugin: Lms | Severity: LOW | CVSS 1.3 | 2026-01-14 | Entry updated 2026-01-16

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages.
CVE-2026-21889 - Weblate Plugin
Plugin: Weblate | Severity: LOW | CVSS 2.3 | 2026-01-14 | Entry updated 2026-01-23

Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. This vulnerability is fixed in 5.15.2.
CVE-2026-0403 - RBE970 Plugin
Plugin: RBE970 | Severity: LOW | CVSS 1.1 | 2026-01-13 | Entry updated 2026-02-20

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.