Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total10,800
Critical0
High0
Medium10,800
Reset
Showing 481-500 of 10800 records
Threat Entry Updated 2026-02-19

CVE-2026-25384 - WP-Lister Lite for eBay Plugin

Missing Authorization vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Lister Lite for eBay: from n/a through

PLUGIN WP-Lister Lite for eBay

CVE-2026-25384

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-26

CVE-2026-25387 - Image Optimizer by Elementor Plugin

Missing Authorization vulnerability in Elementor Image Optimizer by Elementor image-optimization allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Optimizer by Elementor: from n/a through

PLUGIN Image Optimizer by Elementor

CVE-2026-25387

MEDIUM CVSS 4.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25375 - Image Photo Gallery Final Tiles Grid Plugin

Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through

PLUGIN Image Photo Gallery Final Tiles Grid

CVE-2026-25375

MEDIUM CVSS 4.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25372 - Academy LMS Plugin

Missing Authorization vulnerability in Kodezen LLC Academy LMS academy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Academy LMS: from n/a through

PLUGIN Academy LMS

CVE-2026-25372

MEDIUM CVSS 6.5 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25368 - Calculated Fields Form Plugin

Missing Authorization vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Calculated Fields Form: from n/a through

PLUGIN Calculated Fields Form

CVE-2026-25368

MEDIUM CVSS 6.5 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-25362 - FooGallery Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FooPlugins FooGallery foogallery allows Stored XSS.This issue affects FooGallery: from n/a through

PLUGIN FooGallery

CVE-2026-25362

MEDIUM CVSS 5.9 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25374 - Spa and Salon Plugin

Missing Authorization vulnerability in raratheme Spa and Salon spa-and-salon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spa and Salon: from n/a through

PLUGIN Spa and Salon

CVE-2026-25374

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-26

CVE-2026-25370 - WP Compress Plugin

Missing Authorization vulnerability in AresIT WP Compress wp-compress-image-optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress: from n/a through

PLUGIN WP Compress

CVE-2026-25370

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25367 - CitiLights Plugin

Missing Authorization vulnerability in NooTheme CitiLights noo-citilights allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CitiLights: from n/a through < 3.7.2.

PLUGIN CitiLights

CVE-2026-25367

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-25364 - Client Invoicing by Sprout Invoices Plugin

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through

PLUGIN Client Invoicing by Sprout Invoices

CVE-2026-25364

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-26

CVE-2026-25363 - FooGallery Plugin

Missing Authorization vulnerability in FooPlugins FooGallery foogallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FooGallery: from n/a through

PLUGIN FooGallery

CVE-2026-25363

MEDIUM CVSS 4.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-25343 - WP SMS Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS wp-sms allows DOM-Based XSS.This issue affects WP SMS: from n/a through

PLUGIN WP SMS

CVE-2026-25343

MEDIUM CVSS 5.9 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25337 - Coachify Plugin

Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify Coachify coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through

PLUGIN Coachify

CVE-2026-25337

MEDIUM CVSS 5.4 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25348 - Download Alt Text AI Plugin

Missing Authorization vulnerability in alttextai Download Alt Text AI alttext-ai allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Alt Text AI: from n/a through

PLUGIN Download Alt Text AI

CVE-2026-25348

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25338 - AI ChatBot with ChatGPT and Content Generator by AYS Plugin

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through

PLUGIN AI ChatBot with ChatGPT and Content Generator by AYS

CVE-2026-25338

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25336 - Coachify Plugin

Missing Authorization vulnerability in wpcoachify Coachify coachify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coachify: from n/a through

PLUGIN Coachify

CVE-2026-25336

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25333 - Shopwell Plugin

Missing Authorization vulnerability in peregrinethemes Shopwell shopwell allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shopwell: from n/a through

PLUGIN Shopwell

CVE-2026-25333

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25335 - Secure Copy Content Protection and Content Locking Plugin

Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through

PLUGIN Secure Copy Content Protection and Content Locking

CVE-2026-25335

MEDIUM CVSS 4.3 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-27

CVE-2026-25331 - WP Activity Log Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through

PLUGIN WP Activity Log

CVE-2026-25331

MEDIUM CVSS 6.5 2026-02-19
Open Full Technical Breakdown
Threat Entry Updated 2026-02-19

CVE-2026-25332 - Endless Posts Navigation Plugin

Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through

PLUGIN Endless Posts Navigation

CVE-2026-25332

MEDIUM CVSS 5.3 2026-02-19
Open Full Technical Breakdown
Scroll to top