Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total 14,955 | Critical 920 | High 3,037 | Medium 10,799

Showing 541-560 of 14,955 records
Threat Entry Updated 2026-03-05

CVE-2026-28562 - Wpforo Plugin

wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials from the WordPress database.

PLUGIN Wpforo

CVE-2026-28562

HIGH CVSS 8.8 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28561 - Wpforo Plugin

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows administrators to inject persistent JavaScript via forum description fields echoed without output escaping across multiple theme template files. On multisite installations or with a compromised admin account, attackers set a forum description containing HTML event handlers that execute when any user views the forum listing.

PLUGIN Wpforo

CVE-2026-28561

MEDIUM CVSS 4.8 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28560 - Wpforo Plugin

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injection via forum URL data output into an inline script block using json_encode without the JSON_HEX_TAG flag. Attackers set a forum slug containing a closing script tag or unescaped single quote to break out of the JavaScript string context and execute arbitrary script in all visitors' browsers.

PLUGIN Wpforo

CVE-2026-28560

MEDIUM CVSS 4.8 2026-02-28
Threat Entry Updated 2026-03-04

CVE-2026-28557 - Wpforo Plugin

wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then remap all wpForo usergroups to arbitrary WordPress roles.

PLUGIN Wpforo

CVE-2026-28557

HIGH CVSS 7.1 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28559 - Wpforo Plugin

wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that are only applied when a specific forum ID is present in the query.

PLUGIN Wpforo

CVE-2026-28559

MEDIUM CVSS 6.9 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28556 - Wpforo Plugin

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge, or split any forum topic via the topic_move, topic_merge, and topic_split form action handlers. Attackers with a valid form nonce can reorganize arbitrary forum content without moderator permissions, including relocating topics to private forums.

PLUGIN Wpforo

CVE-2026-28556

MEDIUM CVSS 5.3 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28555 - Wpforo Plugin

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforo_close_ajax handler. Attackers submit a valid nonce with an arbitrary topic ID to bypass the moderator permission requirement and disrupt forum discussions.

PLUGIN Wpforo

CVE-2026-28555

MEDIUM CVSS 5.3 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28558 - Wpforo Plugin

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated subscribers to upload SVG files as profile avatars through the avatar upload functionality. Attackers upload a crafted SVG containing CSS injection or JavaScript event handlers that execute in the browsers of any user who views the attacker's profile page.

PLUGIN Wpforo

CVE-2026-28558

MEDIUM CVSS 5.1 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2026-28554 - Wpforo Plugin

wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to approve or unapprove any forum post via the wpforo_approve_ajax AJAX handler. Attackers exploit the nonce-only check by submitting a valid nonce with an arbitrary post ID to bypass moderation controls entirely.

PLUGIN Wpforo

CVE-2026-28554

MEDIUM CVSS 5.3 2026-02-28
Threat Entry Updated 2026-03-02

CVE-2025-13673 - Elearning And Online Course Solution Plugin

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. NOTE: This vulnerability was partially mitigated in versions 3.9.4 and 3.9.6.

PLUGIN Elearning And Online Course Solution

CVE-2025-13673

HIGH CVSS 7.5 2026-02-28
Threat Entry Updated 2026-04-15

CVE-2026-2471 - Wp Mail Logging Plugin

The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor calling `maybe_unserialize()` on all properties retrieved from the database without validation. This makes it possible for unauthenticated attackers to inject a PHP Object by submitting a double-serialized payload through any public-facing form that sends email (e.g., Contact Form 7). When the email is logged and subsequently viewed by an administrator,…

PLUGIN Wp Mail Logging

CVE-2026-2471

HIGH CVSS 7.5 2026-02-28
Threat Entry Updated 2026-04-15

CVE-2026-1542 - Super Stage Wp Plugin

The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog.

PLUGIN Super Stage Wp

CVE-2026-1542

MEDIUM CVSS 6.5 2026-02-28
Threat Entry Updated 2026-04-15

CVE-2026-27759 - Featured Image From Content Plugin

Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources. Attackers can exploit insecure URL fetching and file write operations to retrieve sensitive internal data and store it in web-accessible upload directories.

PLUGIN Featured Image From Content

CVE-2026-27759

MEDIUM CVSS 5.3 2026-02-27
Threat Entry Updated 2026-03-02

CVE-2026-3327 - Commit Plugin

Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enabling the loading of arbitrary external resources or origins. This issue affects Web Previews < v1.0.31.

PLUGIN Commit

CVE-2026-3327

MEDIUM CVSS 4.8 2026-02-27
Threat Entry Updated 2026-03-02

CVE-2026-2751 - Centreon Web On Central Server Plugin

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection. This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.

PLUGIN Centreon Web On Central Server

CVE-2026-2751

HIGH CVSS 8.3 2026-02-27
Threat Entry Updated 2026-04-15

CVE-2026-2831 - Mailarchiver Plugin

The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Mailarchiver

CVE-2026-2831

MEDIUM CVSS 4.9 2026-02-27
Threat Entry Updated 2026-02-27

CVE-2025-14142 - Electric Enquiries Plugin

The Electric Enquiries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button' parameter of the electric-enquiry shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Electric Enquiries

CVE-2025-14142

MEDIUM CVSS 6.4 2026-02-27
Threat Entry Updated 2026-04-15

CVE-2026-1305 - Japanized For Woocommerce Plugin

The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versions up to, and including, 2.8.4. This is due to a flawed permission check in the `paidy_webhook_permission_check` function that unconditionally returns `true` when the webhook signature header is omitted. This makes it possible for unauthenticated attackers to bypass payment verification and fraudulently mark orders as "Processing" or "Completed" without actual payment via a crafted POST request to the Paidy webhook endpoint.

PLUGIN Japanized For Woocommerce

CVE-2026-1305

MEDIUM CVSS 5.3 2026-02-27
Threat Entry Updated 2026-02-27

CVE-2024-10938 - Ovri Payment Plugin

The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known malicious PHP files. If moved outside of the plugin's directory, they may interfere with the proper function of a site.

PLUGIN Ovri Payment

CVE-2024-10938

MEDIUM CVSS 6.5 2026-02-27
Threat Entry Updated 2026-03-02

CVE-2026-2252 - Xerox FreeFlow Core Plugin

An XML External Entity (XXE) vulnerability allows a malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available at https://www.support.xerox.com/en-us/product/core/downloads

PLUGIN Xerox FreeFlow Core

CVE-2026-2252

HIGH CVSS 7.5 2026-02-27