Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-01-26
CVE-2026-24603 - Universal Google Adsense and Ads manager Plugin
Missing Authorization vulnerability in themebeez Universal Google Adsense and Ads manager universal-google-adsense-and-ads-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Universal Google Adsense and Ads manager: from n/a through
PLUGIN
Universal Google Adsense and Ads manager
CVE-2026-24603
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24599 - NextMove Lite Plugin
Authorization Bypass Through User-Controlled Key vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through
PLUGIN
NextMove Lite
CVE-2026-24599
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24595 - Zoho CRM Lead Magnet Plugin
Missing Authorization vulnerability in zohocrm Zoho CRM Lead Magnet zoho-crm-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zoho CRM Lead Magnet: from n/a through
PLUGIN
Zoho CRM Lead Magnet
CVE-2026-24595
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24591 - Yoast SEO Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yasir129 Turn Yoast SEO FAQ Block to Accordion faq-schema-block-to-accordion allows Stored XSS.This issue affects Turn Yoast SEO FAQ Block to Accordion: from n/a through
PLUGIN
Yoast SEO
CVE-2026-24591
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24593 - WordPress Core
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Retrieve Embedded Sensitive Data.This issue affects AWP Classifieds: from n/a through
CORE
WordPress Core
CVE-2026-24593
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24594 - Livemesh Addons for WPBakery Page Builder Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Page Builder: from n/a through
PLUGIN
Livemesh Addons for WPBakery Page Builder
CVE-2026-24594
Risk Score
Threat Entry
Updated 2026-04-15
CVE-2026-24596 - Related Posts Thumbnails Plugin for WordPress
Cross-Site Request Forgery (CSRF) vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through
PLUGIN
Related Posts Thumbnails Plugin for WordPress
CVE-2026-24596
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24598 - Multilanguage by BestWebSoft Plugin
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through
PLUGIN
Multilanguage by BestWebSoft
CVE-2026-24598
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24585 - WooCommerce Plugin
Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooCommerce Polylang Integration woo-poly-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hyyan WooCommerce Polylang Integration: from n/a through
PLUGIN
WooCommerce
CVE-2026-24585
Risk Score
Threat Entry
Updated 2026-01-27
CVE-2026-24584 - Tutor LMS BunnyNet Integration Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS BunnyNet Integration tutor-lms-bunnynet-integration allows DOM-Based XSS.This issue affects Tutor LMS BunnyNet Integration: from n/a through
PLUGIN
Tutor LMS BunnyNet Integration
CVE-2026-24584
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24587 - AJAX Hits Counter + Popular Posts Widget Plugin
Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popular Posts Widget ajax-hits-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Hits Counter + Popular Posts Widget: from n/a through
PLUGIN
AJAX Hits Counter + Popular Posts Widget
CVE-2026-24587
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24581 - WooCommerce Plugin
Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through
PLUGIN
WooCommerce
CVE-2026-24581
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24589 - Cargus Plugin
Insertion of Sensitive Information Into Sent Data vulnerability in Cargus eCommerce Cargus cargus allows Retrieve Embedded Sensitive Data.This issue affects Cargus: from n/a through
PLUGIN
Cargus
CVE-2026-24589
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24583 - WooCommerce Plugin
Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through
PLUGIN
WooCommerce
CVE-2026-24583
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24588 - Smart Product Viewer Plugin
Missing Authorization vulnerability in topdevs Smart Product Viewer smart-product-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Product Viewer: from n/a through
PLUGIN
Smart Product Viewer
CVE-2026-24588
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24576 - UX Flat Plugin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in COP UX Flat ux-flat allows Stored XSS.This issue affects UX Flat: from n/a through
PLUGIN
UX Flat
CVE-2026-24576
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24577 - Pie Register Plugin
Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through
PLUGIN
Pie Register
CVE-2026-24577
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24580 - Ecwid Shopping Cart Plugin
Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through
PLUGIN
Ecwid Shopping Cart
CVE-2026-24580
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24579 - Ai Image Alt Text Generator for WP Plugin
Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through
PLUGIN
Ai Image Alt Text Generator for WP
CVE-2026-24579
Risk Score
Threat Entry
Updated 2026-01-26
CVE-2026-24578 - Admin login URL Change Plugin
Missing Authorization vulnerability in Jahid Hasan Admin login URL Change admin-login-url-change allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin login URL Change: from n/a through
PLUGIN
Admin login URL Change
CVE-2026-24578
Risk Score