Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total15,024
Critical923
High3,044
Medium10,857
Reset
Showing 1341-1360 of 15024 records
Threat Entry Updated 2026-01-26

CVE-2026-24585 - WooCommerce Plugin

Missing Authorization vulnerability in Hyyan Abo Fakher Hyyan WooCommerce Polylang Integration woo-poly-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hyyan WooCommerce Polylang Integration: from n/a through

PLUGIN WooCommerce

CVE-2026-24585

MEDIUM CVSS 6.5 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24584 - Tutor LMS BunnyNet Integration Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS BunnyNet Integration tutor-lms-bunnynet-integration allows DOM-Based XSS.This issue affects Tutor LMS BunnyNet Integration: from n/a through

PLUGIN Tutor LMS BunnyNet Integration

CVE-2026-24584

MEDIUM CVSS 5.9 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24587 - AJAX Hits Counter + Popular Posts Widget Plugin

Missing Authorization vulnerability in kutsy AJAX Hits Counter + Popular Posts Widget ajax-hits-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AJAX Hits Counter + Popular Posts Widget: from n/a through

PLUGIN AJAX Hits Counter + Popular Posts Widget

CVE-2026-24587

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24581 - WooCommerce Plugin

Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through

PLUGIN WooCommerce

CVE-2026-24581

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24589 - Cargus Plugin

Insertion of Sensitive Information Into Sent Data vulnerability in Cargus eCommerce Cargus cargus allows Retrieve Embedded Sensitive Data.This issue affects Cargus: from n/a through

PLUGIN Cargus

CVE-2026-24589

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24583 - WooCommerce Plugin

Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SumUp Payment Gateway For WooCommerce: from n/a through

PLUGIN WooCommerce

CVE-2026-24583

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24588 - Smart Product Viewer Plugin

Missing Authorization vulnerability in topdevs Smart Product Viewer smart-product-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Product Viewer: from n/a through

PLUGIN Smart Product Viewer

CVE-2026-24588

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24572 - Nelio Content Plugin

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through

PLUGIN Nelio Content

CVE-2026-24572

HIGH CVSS 8.8 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24576 - UX Flat Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in COP UX Flat ux-flat allows Stored XSS.This issue affects UX Flat: from n/a through

PLUGIN UX Flat

CVE-2026-24576

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24577 - Pie Register Plugin

Missing Authorization vulnerability in Genetech Products Pie Register pie-register allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pie Register: from n/a through

PLUGIN Pie Register

CVE-2026-24577

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24580 - Ecwid Shopping Cart Plugin

Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through

PLUGIN Ecwid Shopping Cart

CVE-2026-24580

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24579 - Ai Image Alt Text Generator for WP Plugin

Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through

PLUGIN Ai Image Alt Text Generator for WP

CVE-2026-24579

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24578 - Admin login URL Change Plugin

Missing Authorization vulnerability in Jahid Hasan Admin login URL Change admin-login-url-change allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin login URL Change: from n/a through

PLUGIN Admin login URL Change

CVE-2026-24578

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24571 - BOX NOW Delivery Plugin

Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a through

PLUGIN BOX NOW Delivery

CVE-2026-24571

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24566 - iNET Webkit Plugin

Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iNET Webkit: from n/a through

PLUGIN iNET Webkit

CVE-2026-24566

MEDIUM CVSS 6.5 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24565 - B Accordion Plugin

Insertion of Sensitive Information Into Sent Data vulnerability in bPlugins B Accordion b-accordion allows Retrieve Embedded Sensitive Data.This issue affects B Accordion: from n/a through

PLUGIN B Accordion

CVE-2026-24565

MEDIUM CVSS 6.5 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24570 - Edwiser Bridge Plugin

Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Edwiser Bridge: from n/a through

PLUGIN Edwiser Bridge

CVE-2026-24570

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24568 - WP Travel Plugin

Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through

PLUGIN WP Travel

CVE-2026-24568

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24569 - Media Library File Size Plugin

Missing Authorization vulnerability in Sully Media Library File Size media-library-file-size allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library File Size: from n/a through

PLUGIN Media Library File Size

CVE-2026-24569

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24567 - Anything Order by Terms Plugin

Missing Authorization vulnerability in briarinc Anything Order by Terms anything-order-by-terms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Anything Order by Terms: from n/a through

PLUGIN Anything Order by Terms

CVE-2026-24567

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Scroll to top