Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Threat Entry Updated 2026-04-22

CVE-2026-5162 - Royal Elementor Addons Plugin

The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram_follow_text' setting in all versions up to, and including, 1.7.1056 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Royal Elementor Addons

CVE-2026-5162

MEDIUM CVSS 6.4 2026-04-17
Threat Entry Updated 2026-04-22

CVE-2026-4817 - Masterstudy Lms Learning Management System Plugin

The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order' and 'orderby' parameters in the /lms/stm-lms/order/items REST API endpoint in versions up to and including 3.7.25. This is due to insufficient input sanitization combined with a design flaw in the custom Query builder class that allows unquoted SQL injection in ORDER BY clauses. When the Query builder detects parentheses in the sort_by parameter, it treats the value as a SQL function and directly concatenates it into the…

PLUGIN Masterstudy Lms Learning Management System

CVE-2026-4817

MEDIUM CVSS 6.5 2026-04-17
Threat Entry Updated 2026-04-22

CVE-2026-3488 - Wp Statistics Plugin

The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14.16.4. This is due to missing capability checks on multiple AJAX handlers including `wp_statistics_get_filters`, `wp_statistics_getPrivacyStatus`, `wp_statistics_updatePrivacyStatus`, and `wp_statistics_dismiss_notices`. These endpoints only verify a `wp_rest` nonce via `check_ajax_referer()` but do not enforce any capability checks such as `current_user_can()` or the plugin's own `User::Access()` method. Since the `wp_rest` nonce is available to all authenticated WordPress users, this makes it possible for authenticated attackers, with Subscriber-level access and above, to access sensitive analytics data (user…

PLUGIN Wp Statistics

CVE-2026-3488

MEDIUM CVSS 6.5 2026-04-17
Threat Entry Updated 2026-04-22

CVE-2026-2840 - Protect Email Addresses And Phone Numbers Plugin

The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in all versions up to, and including, 2.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Protect Email Addresses And Phone Numbers

CVE-2026-2840

MEDIUM CVSS 6.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-4160 - Conversational Form Builder Plugin

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submission_id' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validation on a user controlled key in the Stripe SCA confirmation AJAX endpoint. This makes it possible for unauthenticated attackers to modify payment status of targeted pending submissions (for example, setting the status to "failed").

PLUGIN Conversational Form Builder

CVE-2026-4160

MEDIUM CVSS 5.3 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3369 - Ai Powered Suggestions Plugin

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded image title in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Ai Powered Suggestions

CVE-2026-3369

MEDIUM CVSS 5.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-0718 - Postx Plugin

The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ultp_shareCount_callback() function in all versions up to, and including, 5.0.5. This makes it possible for unauthenticated attackers to modify the share_count post meta for any post, including private or draft posts.

PLUGIN Postx

CVE-2026-0718

MEDIUM CVSS 5.3 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3875 - Betterdocs Plugin

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs_feedback_form' shortcode in all versions up to, and including, 4.3.8. This is due to insufficient input sanitization and output escaping on user supplied shortcode attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Betterdocs

CVE-2026-3875

MEDIUM CVSS 6.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3995 - Open Brain Plugin

The OPEN-BRAIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'API Key' settings field in all versions up to, and including, 0.5.0. This is due to insufficient input sanitization and output escaping. The plugin uses sanitize_text_field() which strips HTML tags but does not encode double quotes or other HTML-special characters needed for safe attribute context output. The API key value is saved via update_option() and later output into an HTML input element's value attribute without esc_attr() escaping. This makes it possible for authenticated attackers, with Administrator-level access,…

PLUGIN Open Brain

CVE-2026-3995

MEDIUM CVSS 4.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-1572 - Addons For Elementor Plugin

The Livemesh Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 9.0. This is due to missing authorization checks on the AJAX handler `lae_admin_ajax()` and insufficient output escaping on multiple checkbox settings fields. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in the plugin settings page that will execute whenever an administrator accesses the plugin settings page granted they can obtain a valid…

PLUGIN Addons For Elementor

CVE-2026-1572

MEDIUM CVSS 6.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3355 - Customer Reviews For Woocommerce Plugin

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'crsearch' parameter in all versions up to, and including, 5.101.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

PLUGIN Customer Reviews For Woocommerce

CVE-2026-3355

MEDIUM CVSS 6.1 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3773 - Online Accessibility Plugin

The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the 'scan_id' parameter in all versions up to, and including, 4.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Online Accessibility

CVE-2026-3773

MEDIUM CVSS 6.5 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3595 - Riaxe Product Customizer Plugin

The Riaxe Product Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.2. This is due to the plugin registering a REST API route at POST /wp-json/InkXEProductDesignerLite/customer/delete_customer without a permission_callback, causing WordPress to default to allowing unauthenticated access, and the inkxe_delete_customer() callback function taking an array of user IDs from the request body and passing each one directly to wp_delete_user() without any authentication or authorization checks. This makes it possible for unauthenticated attackers to delete arbitrary WordPress user accounts, including administrator accounts, leading…

PLUGIN Riaxe Product Customizer

CVE-2026-3595

MEDIUM CVSS 5.3 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3581 - Basic Google Maps Placemarks Plugin

The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify stored map latitude and longitude options.

PLUGIN Basic Google Maps Placemarks

CVE-2026-3581

MEDIUM CVSS 5.3 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3551 - Custom New User Notification Plugin

The Custom New User Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's admin settings in all versions up to, and including, 1.2.0. This is due to insufficient input sanitization and output escaping on multiple settings fields including 'User Mail Subject', 'User From Name', 'User From Email', 'Admin Mail Subject', 'Admin From Name', and 'Admin From Email'. The settings are registered via register_setting() without sanitize callbacks, and the values retrieved via get_option() are echoed directly into HTML input value attributes without esc_attr(). This makes it possible…

PLUGIN Custom New User Notification

CVE-2026-3551

MEDIUM CVSS 4.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-5070 - Vantage Theme

The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

THEME Vantage

CVE-2026-5070

MEDIUM CVSS 6.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-4032 - Codecolorer Plugin

The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to, and including, 0.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires comments to be enabled on the target post and guest comments to be allowed.

PLUGIN Codecolorer

CVE-2026-4032

MEDIUM CVSS 6.1 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3878 - Wp Docs Plugin

The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_options[icon_size]' parameter in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Wp Docs

CVE-2026-3878

MEDIUM CVSS 6.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3885 - Shortcodes Ultimate Plugin

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_box' shortcode in all versions up to, and including, 7.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Shortcodes Ultimate

CVE-2026-3885

MEDIUM CVSS 6.4 2026-04-16
Threat Entry Updated 2026-04-22

CVE-2026-3299 - Changeset Plugin

The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Changeset

CVE-2026-3299

MEDIUM CVSS 6.4 2026-04-16