Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total15,024
Critical923
High3,044
Medium10,857
Reset
Showing 1361-1380 of 15024 records
Threat Entry Updated 2026-01-26

CVE-2026-24561 - FluentBoards Plugin

Missing Authorization vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through

PLUGIN FluentBoards

CVE-2026-24561

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24560 - Cloudinary Plugin

Missing Authorization vulnerability in Cloudinary Cloudinary cloudinary-image-management-and-manipulation-in-the-cloud-cdn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cloudinary: from n/a through

PLUGIN Cloudinary

CVE-2026-24560

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24559 - Contact Form 7 Plugin

Insertion of Sensitive Information Into Sent Data vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Retrieve Embedded Sensitive Data.This issue affects Integration for Contact Form 7 HubSpot: from n/a through

PLUGIN Contact Form 7

CVE-2026-24559

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24558 - ABG Rich Pins Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in antoniobg ABG Rich Pins abg-rich-pins allows Stored XSS.This issue affects ABG Rich Pins: from n/a through

PLUGIN ABG Rich Pins

CVE-2026-24558

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24562 - WooCommerce Plugin

Missing Authorization vulnerability in Ryviu Ryviu – Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu – Product Reviews for WooCommerce: from n/a through

PLUGIN WooCommerce

CVE-2026-24562

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24564 - Textmetrics Plugin

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Israpil Textmetrics webtexttool allows Code Injection.This issue affects Textmetrics: from n/a through

PLUGIN Textmetrics

CVE-2026-24564

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24563 - LifePress Plugin

Missing Authorization vulnerability in Ashan Perera LifePress lifepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LifePress: from n/a through

PLUGIN LifePress

CVE-2026-24563

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24555 - ArtPlacer Widget Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Stored XSS.This issue affects ArtPlacer Widget: from n/a through

PLUGIN ArtPlacer Widget

CVE-2026-24555

MEDIUM CVSS 6.1 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24557 - Contact Form 7 Plugin

Insertion of Sensitive Information Into Sent Data vulnerability in WEN Solutions Contact Form 7 GetResponse Extension contact-form-7-getresponse-extension allows Retrieve Embedded Sensitive Data.This issue affects Contact Form 7 GetResponse Extension: from n/a through

PLUGIN Contact Form 7

CVE-2026-24557

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24556 - ElementCamp Plugin

Missing Authorization vulnerability in wpdive ElementCamp element-camp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementCamp: from n/a through

PLUGIN ElementCamp

CVE-2026-24556

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24551 - Monetag Official Plugin

Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through

PLUGIN Monetag Official Plugin

CVE-2026-24551

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24550 - Blockons Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through

PLUGIN Blockons

CVE-2026-24550

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24553 - WooCommerce Plugin

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Dotstore Fraud Prevention For Woocommerce woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers allows Retrieve Embedded Sensitive Data.This issue affects Fraud Prevention For Woocommerce: from n/a through

PLUGIN WooCommerce

CVE-2026-24553

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-28

CVE-2026-24549 - GeoDirectory Plugin

Cross-Site Request Forgery (CSRF) vulnerability in Paolo GeoDirectory allows Cross Site Request Forgery.This issue affects GeoDirectory: from n/a before 2.8.150.

PLUGIN GeoDirectory

CVE-2026-24549

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24540 - Integrate Google Drive Plugin

Missing Authorization vulnerability in Prince Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through

PLUGIN Integrate Google Drive

CVE-2026-24540

MEDIUM CVSS 5.4 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-24548 - Radio Player Plugin

Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through

PLUGIN Radio Player

CVE-2026-24548

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24541 - Download After Email Plugin

Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through

PLUGIN Download After Email

CVE-2026-24541

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24539 - Protección de datos – RGPD Plugin

Missing Authorization vulnerability in ABCdatos Protección de datos – RGPD proteccion-datos-rgpd allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protección de datos – RGPD: from n/a through

PLUGIN Protección de datos – RGPD

CVE-2026-24539

MEDIUM CVSS 5.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24544 - HD Quiz Plugin

Missing Authorization vulnerability in Harmonic Design HD Quiz hd-quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HD Quiz: from n/a through

PLUGIN HD Quiz

CVE-2026-24544

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-24543 - Materialis Companion Plugin

Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through

PLUGIN Materialis Companion

CVE-2026-24543

MEDIUM CVSS 4.3 2026-01-23
Open Full Technical Breakdown
Scroll to top