Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-04-15
CVE-2026-1888 - Docus – YouTube Video Playlist Plugin
The Docus – YouTube Video Playlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'docusplaylist' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Docus – YouTube Video Playlist
CVE-2026-1888
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1808 - Orange Comfort+ accessibility toolbar for WordPress Plugin
The Orange Confort+ accessibility toolbar for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' parameter of the ocplus_button shortcode in all versions up to, and including, 0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Orange Comfort+ accessibility toolbar for WordPress
CVE-2026-1808
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1401 - Tune Library Plugin
The Tune Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via CSV import in all versions up to, and including, 1.6.3. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the injected page. The vulnerability exists because the CSV import functionality lacks authorization checks and doesn't sanitize imported data, which is later rendered without escaping through the…
PLUGIN
Tune Library
CVE-2026-1401
Risk Score
Threat Entry
Updated 2026-02-06
CVE-2025-10753 - Miniorange Login With Eve Online Google Facebook Plugin
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 6.26.14. This is due to missing capability checks and authentication verification on the OAuth redirect functionality accessible via the 'oauthredirect' option parameter. This makes it possible for unauthenticated attackers to set the global redirect URL option via the redirect_url parameter granted they can access the site directly.
PLUGIN
Miniorange Login With Eve Online Google Facebook
CVE-2025-10753
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1228 - Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines) Plugin
The Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.3 via the tlgb_shortcode() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to disclose private timeline content via the id attribute supplied to the 'timeline_block' shortcode.
PLUGIN
Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines)
CVE-2026-1228
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1927 - Animation And Page Builder Blocks Plugin
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshift_app_pass_validation() function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve global plugin settings including stored AI API keys and modify plugin settings, including the injection of arbitrary web scripts via the 'custom_css' value (stored XSS). NOTE: This vulnerability was partially patched in version 12.6.
PLUGIN
Animation And Page Builder Blocks
CVE-2026-1927
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1654 - Peter’s Date Countdown Plugin
The Peter's Date Countdown plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
PLUGIN
Peter’s Date Countdown
CVE-2026-1654
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1271 - ProfileGrid – User Profiles, Groups and Communities Plugin
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.7.2 via the 'pm_upload_image' and 'pm_upload_cover_image' AJAX actions. This is due to the update_user_meta() function being called outside of the user authorization check in public/partials/crop.php and public/partials/coverimg_crop.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change any user's profile picture or cover image, including administrators.
PLUGIN
ProfileGrid – User Profiles, Groups and Communities
CVE-2026-1271
Risk Score
Threat Entry
Updated 2026-02-05
CVE-2025-14079 - Customer Ticketing System Plugin
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.3.5. This is due to missing capability checks on the eh_crm_ticket_general function combined with a shared nonce that is exposed to low-privileged users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify global WSDesk settings via the `eh_crm_ticket_general` AJAX action.
PLUGIN
Customer Ticketing System
CVE-2025-14079
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1319 - Webp Converter Plugin
The Robin Image Optimizer – Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Webp Converter
CVE-2026-1319
Risk Score
Threat Entry
Updated 2026-02-05
CVE-2025-13416 - Profilegrid User Profiles Groups And Communities Plugin
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pm_deactivate_user_from_group() function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to suspend arbitrary users from groups, including administrators, via the pm_deactivate_user_from_group AJAX action.
PLUGIN
Profilegrid User Profiles Groups And Communities
CVE-2025-13416
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1268 - Dynamic Widget Content Plugin
The Dynamic Widget Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the widget content field in the Gutenberg editor sidebar in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Dynamic Widget Content
CVE-2026-1268
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0867 - Essential Widgets Plugin
The Essential Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ew-author, ew-archive, ew-category, ew-page, and ew-menu shortcodes in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was partially fixed in version 3.0.
PLUGIN
Essential Widgets
CVE-2026-0867
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1246 - Shortpixel Image Optimiser Plugin
The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for authenticated attackers, with Editor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information such as database credentials and authentication keys.
PLUGIN
Shortpixel Image Optimiser
CVE-2026-1246
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0742 - Smart Appointment & Booking Plugin
The Smart Appointment & Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the saab_save_form_data AJAX action in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Smart Appointment & Booking
CVE-2026-0742
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0679 - Fortis For Woocommerce Plugin
The Fortis for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to an inverted nonce check in the 'check_fortis_notify_response' function in all versions up to, and including, 1.2.0. This makes it possible for unauthenticated attackers to update arbitrary WooCommerce order statuses to paid/processing/completed, effectively allowing them to mark orders as paid without payment.
PLUGIN
Fortis For Woocommerce
CVE-2026-0679
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-1370 - Sibs Woocommerce Plugin
The SIBS woocommerce payment gateway plugin for WordPress is vulnerable to time-based SQL Injection via the ‘referencedId’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
Sibs Woocommerce
CVE-2026-1370
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0816 - All Push Notification Plugin
The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'delete_id' parameter in all versions up to, and including, 1.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
PLUGIN
All Push Notification
CVE-2026-0816
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0743 - Wp Content Permission Plugin
The WP Content Permission plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ohmem-message' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
PLUGIN
Wp Content Permission
CVE-2026-0743
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-0681 - Extended Random Number Generator Plugin
The Extended Random Number Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
PLUGIN
Extended Random Number Generator
CVE-2026-0681
Risk Score