Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-03-19
CVE-2026-2571 - Download Manager Plugin
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'reviewUserStatus' function in all versions up to, and including, 3.3.49. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive information for any user on the site including email addresses, display names, and registration dates.
PLUGIN
Download Manager
CVE-2026-2571
Risk Score
Threat Entry
Updated 2026-03-19
CVE-2026-2512 - Simple Embed Code Plugin
The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field meta values in all versions up to, and including, 2.5.1. This is due to the plugin's sanitization function `sec_check_post_fields()` only running on the `save_post` hook, while WordPress allows custom fields to be added via the `wp_ajax_add_meta` AJAX endpoint without triggering `save_post`. The `ce_filter()` function then outputs these unsanitized meta values directly into page content without escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages…
PLUGIN
Simple Embed Code
CVE-2026-2512
Risk Score
Threat Entry
Updated 2026-03-19
CVE-2026-2559 - Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App Plugin
The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `handle_office365_oauth_redirect()` function in all versions up to, and including, 3.8.0. This is due to the function being hooked to `admin_init` without any `current_user_can()` check or nonce verification. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the site's Office 365 OAuth mail configuration (access token, refresh token, and user email) via a crafted URL. The configuration option is used during wizard setup of Microsoft365…
PLUGIN
Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App
CVE-2026-2559
Risk Score
Threat Entry
Updated 2026-03-18
CVE-2026-1217 - Duplicate Post Plugin
The Yoast Duplicate Post plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clone_bulk_action_handler() and republish_request() functions in all versions up to, and including, 4.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate any post on the site including private, draft, and trashed posts they shouldn't have access to. Additionally, attackers with Author-level access and above can use the Rewrite & Republish feature to overwrite any published post with their own content.
PLUGIN
Duplicate Post
CVE-2026-1217
Risk Score
Threat Entry
Updated 2026-03-18
CVE-2026-3512 - Writeprint Stylometry Plugin
The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjl_wprintstylo_comments_nav() function. The function directly outputs the $_GET['p'] parameter into an HTML href attribute without any escaping. This makes it possible for authenticated attackers with Contributor-level permissions or higher to inject arbitrary web scripts in pages that execute if they can successfully trick another user into performing an action such as clicking on…
PLUGIN
Writeprint Stylometry
CVE-2026-3512
Risk Score
Threat Entry
Updated 2026-03-18
CVE-2026-1780 - [CR]Paid Link Manager Plugin
The [CR]Paid Link Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
PLUGIN
[CR]Paid Link Manager
CVE-2026-1780
Risk Score
Threat Entry
Updated 2026-03-18
CVE-2026-1926 - Subscriptions For Woocommerce Plugin
The Subscriptions for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `wps_sfw_admin_cancel_susbcription()` function in all versions up to, and including, 1.9.2. This is due to the function being hooked to the `init` action without any authentication or authorization checks, and only performing a non-empty check on the nonce parameter without actually validating it via `wp_verify_nonce()`. This makes it possible for unauthenticated attackers to cancel any active WooCommerce subscription by sending a crafted GET request with an arbitrary nonce value…
PLUGIN
Subscriptions For Woocommerce
CVE-2026-1926
Risk Score
Threat Entry
Updated 2026-03-18
CVE-2026-4268 - Wp Google Maps Plugin
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpgmza_custom_js’ parameter in all versions up to, and including, 10.0.05 due to insufficient input sanitization and output escaping and missing capability check in the 'admin_post_wpgmza_save_settings' hook anonymous function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Wp Google Maps
CVE-2026-4268
Risk Score
Threat Entry
Updated 2026-03-17
CVE-2026-2373 - Addons And Templates Kit For Elementor Plugin
The Royal Addons for Elementor – Addons and Templates Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1049 via the get_main_query_args() function due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract contents of non-public custom post types, such as Contact Form 7 submissions or WooCommerce coupons.
PLUGIN
Addons And Templates Kit For Elementor
CVE-2026-2373
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-2233 - User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration Plugin
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the draft_post() function in all versions up to, and including, 4.2.8. This makes it possible for unauthenticated attackers to modify arbitrary posts (e.g. unpublish published posts and overwrite the contents) via the 'post_id' parameter.
PLUGIN
User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
CVE-2026-2233
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-1948 - NEX-Forms – Ultimate Forms Plugin for WordPress
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_license() function in all versions up to, and including, 9.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to to deactivate the plugin license.
PLUGIN
NEX-Forms – Ultimate Forms Plugin for WordPress
CVE-2026-1948
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-1883 - And Custom Post Types Plugin
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the delete_folders() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary folders created by other users.
PLUGIN
And Custom Post Types
CVE-2026-1883
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-1870 - Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor Plugin
The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to disclose private or draft LearnPress course content by supplying post_status in the params_url payload.
PLUGIN
Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor
CVE-2026-1870
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-4063 - Social Icons Widget & Block – Social Media Icons & Share Buttons Plugin
The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the add_menu_item() method hooked to admin_menu in all versions up to, and including, 4.5.8. This is due to the method performing wp_insert_post() and update_post_meta() calls to create a sharing configuration without verifying the current user has administrator-level capabilities. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger the creation of a published wpzoom-sharing configuration post with default sharing button settings, which…
PLUGIN
Social Icons Widget & Block – Social Media Icons & Share Buttons
CVE-2026-4063
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-3986 - Calculated Fields Form Plugin
The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form settings in all versions up to, and including, 5.4.5.0. This is due to insufficient capability checks on the form settings save handler and insufficient input sanitization of the `fcontent` field in `fhtml` field types. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Calculated Fields Form
CVE-2026-3986
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-32412 - Gift Up Gift Cards for WordPress and WooCommerce Plugin
Server-Side Request Forgery (SSRF) vulnerability in Gift Up! Gift Up Gift Cards for WordPress and WooCommerce gift-up allows Server Side Request Forgery.This issue affects Gift Up Gift Cards for WordPress and WooCommerce: from n/a through
PLUGIN
Gift Up Gift Cards for WordPress and WooCommerce
CVE-2026-32412
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-32409 - Forminator Plugin
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through
PLUGIN
Forminator
CVE-2026-32409
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-2879 - GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools Plugin
The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2. This is due to missing validation on the `id` parameter in the `create()` method of the `GetGenieChat` REST API endpoint. The method accepts a user-controlled post ID and, when a post with that ID exists, calls `wp_update_post()` without verifying that the current user owns the post or that the post is of the expected `getgenie_chat` type. This makes it possible for authenticated attackers, with Author-level access and above, to overwrite…
PLUGIN
GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools
CVE-2026-2879
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-2888 - Formidable Forms Plugin
The Formidable Forms plugin for WordPress is vulnerable to an authorization bypass through user-controlled key in all versions up to, and including, 6.28. This is due to the `frm_strp_amount` AJAX handler (`update_intent_ajax`) overwriting the global `$_POST` data with attacker-controlled JSON input and then using those values to recalculate payment amounts via field shortcode resolution in `generate_false_entry()`. The handler relies on a nonce that is publicly exposed in the page's JavaScript (`frm_stripe_vars.nonce`), which provides CSRF protection but not authorization. This makes it possible for unauthenticated attackers to manipulate PaymentIntent amounts before…
PLUGIN
Formidable Forms
CVE-2026-2888
Risk Score
Threat Entry
Updated 2026-03-16
CVE-2026-2257 - GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools Plugin
The GetGenie plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.2 due to missing validation on a user controlled key in the `action` function. This makes it possible for authenticated attackers, with Author-level access and above, to update post metadata for arbitrary posts. Combined with a lack of input sanitization, this leads to Stored Cross-Site Scripting when a higher-privileged user (such as an Administrator) views the affected post's "Competitor" tab in the GetGenie sidebar.
PLUGIN
GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools
CVE-2026-2257
Risk Score