Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-04-15
CVE-2026-24627 - Trusona for WordPress Plugin
Missing Authorization vulnerability in Trusona Trusona for WordPress trusona allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trusona for WordPress: from n/a through
PLUGIN
Trusona for WordPress
CVE-2026-24627
Risk Score
Threat Entry
Updated 2026-01-27
CVE-2026-24623 - Neoforum Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in saeros1984 Neoforum neoforum allows Reflected XSS.This issue affects Neoforum: from n/a through
PLUGIN
Neoforum
CVE-2026-24623
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24626 - Logo Slider Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt Logo Slider logo-slider-wp allows Stored XSS.This issue affects Logo Slider: from n/a through
PLUGIN
Logo Slider
CVE-2026-24626
Risk Score
Threat Entry
Updated 2026-01-27
CVE-2026-24620 - Landing Page Builder Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Landing Page Builder page-builder-add allows Stored XSS.This issue affects Landing Page Builder: from n/a through
PLUGIN
Landing Page Builder
CVE-2026-24620
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24622 - Suggestion Toolkit Plugin
Missing Authorization vulnerability in Sergiy Dzysyak Suggestion Toolkit suggestion-toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Suggestion Toolkit: from n/a through
PLUGIN
Suggestion Toolkit
CVE-2026-24622
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24625 - WooCommerce Plugin
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through
PLUGIN
WooCommerce
CVE-2026-24625
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24621 - Terms descriptions Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Statsenko Terms descriptions terms-descriptions allows DOM-Based XSS.This issue affects Terms descriptions: from n/a through
PLUGIN
Terms descriptions
CVE-2026-24621
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24617 - Easy Modal Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Iser Easy Modal easy-modal allows Stored XSS.This issue affects Easy Modal: from n/a through
PLUGIN
Easy Modal
CVE-2026-24617
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24616 - WP Popups Plugin
Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through
PLUGIN
WP Popups
CVE-2026-24616
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24614 - Flex QR Code Generator Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devsbrain Flex QR Code Generator flex-qr-code-generator allows DOM-Based XSS.This issue affects Flex QR Code Generator: from n/a through
PLUGIN
Flex QR Code Generator
CVE-2026-24614
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24619 - PopCash.Net Code Integration Tool Plugin
Missing Authorization vulnerability in PopCash PopCash.Net Code Integration Tool popcashnet-code-integration-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PopCash.Net Code Integration Tool: from n/a through
PLUGIN
PopCash.Net Code Integration Tool
CVE-2026-24619
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24615 - Cream Magazine Plugin
Missing Authorization vulnerability in themebeez Cream Magazine cream-magazine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cream Magazine: from n/a through
PLUGIN
Cream Magazine
CVE-2026-24615
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24613 - Ecwid Shopping Cart Plugin
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through
PLUGIN
Ecwid Shopping Cart
CVE-2026-24613
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24612 - Orchid Store Plugin
Missing Authorization vulnerability in themebeez Orchid Store orchid-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orchid Store: from n/a through
PLUGIN
Orchid Store
CVE-2026-24612
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24607 - Travel Monster Plugin
Missing Authorization vulnerability in wptravelengine Travel Monster travel-monster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Monster: from n/a through
PLUGIN
Travel Monster
CVE-2026-24607
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24606 - WooCommerce Plugin
Missing Authorization vulnerability in Web Impian Bayarcash WooCommerce bayarcash-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bayarcash WooCommerce: from n/a through
PLUGIN
WooCommerce
CVE-2026-24606
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24604 - Simple GDPR Cookie Compliance Plugin
Missing Authorization vulnerability in themebeez Simple GDPR Cookie Compliance simple-gdpr-cookie-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple GDPR Cookie Compliance: from n/a through
PLUGIN
Simple GDPR Cookie Compliance
CVE-2026-24604
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24605 - Elementor Plugin
Missing Authorization vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects X Addons for Elementor: from n/a through
PLUGIN
Elementor
CVE-2026-24605
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24601 - Penci Pay Writer Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Pay Writer penci-pay-writer allows Stored XSS.This issue affects Penci Pay Writer: from n/a through
PLUGIN
Penci Pay Writer
CVE-2026-24601
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24600 - Penci Review Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Review penci-review allows Stored XSS.This issue affects Penci Review: from n/a through
PLUGIN
Penci Review
CVE-2026-24600
Risk Score