Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total15,024
Critical923
High3,044
Medium10,857
Reset
Showing 1441-1460 of 15024 records
Threat Entry Updated 2026-01-27

CVE-2026-22463 - Form to Chat App Plugin

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Micro.company Form to Chat App form-to-chat allows Stored XSS.This issue affects Form to Chat App: from n/a through

PLUGIN Form to Chat App

CVE-2026-22463

MEDIUM CVSS 6.5 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22469 - DeepDigital Plugin

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mwtemplates DeepDigital deepdigital allows Code Injection.This issue affects DeepDigital: from n/a through

PLUGIN DeepDigital

CVE-2026-22469

MEDIUM CVSS 5.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22468 - Elementor Plugin

Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through

PLUGIN Elementor

CVE-2026-22468

MEDIUM CVSS 4.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22466 - WP MapIt Plugin

Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP MapIt: from n/a through

PLUGIN WP MapIt

CVE-2026-22466

MEDIUM CVSS 4.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22462 - Add Polylang support for Customizer Plugin

Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Polylang support for Customizer add-polylang-support-for-customizer allows Cross Site Request Forgery.This issue affects Add Polylang support for Customizer: from n/a through

PLUGIN Add Polylang support for Customizer

CVE-2026-22462

MEDIUM CVSS 4.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22430 - Verdure Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Verdure verdure allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verdure: from n/a through

PLUGIN Verdure

CVE-2026-22430

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22426 - Sweet Jane Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Elated-Themes Sweet Jane sweetjane allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sweet Jane: from n/a through

PLUGIN Sweet Jane

CVE-2026-22426

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22411 - Dolcino Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dolcino: from n/a through

PLUGIN Dolcino

CVE-2026-22411

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-30

CVE-2026-22461 - WooCommerce Plugin

Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CTX Feed: from n/a through

PLUGIN WooCommerce

CVE-2026-22461

MEDIUM CVSS 5.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-28

CVE-2026-22458 - Wanderland Plugin

Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through

PLUGIN Wanderland

CVE-2026-22458

MEDIUM CVSS 5.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-28

CVE-2026-22447 - Prowess Plugin

Missing Authorization vulnerability in Select-Themes Prowess prowess allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prowess: from n/a through

PLUGIN Prowess

CVE-2026-22447

MEDIUM CVSS 5.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22445 - Apimo Connector Plugin

Missing Authorization vulnerability in Proptech Plugin Apimo Connector apimo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apimo Connector: from n/a through

PLUGIN Apimo Connector

CVE-2026-22445

MEDIUM CVSS 5.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22450 - Don Peppe Plugin

Missing Authorization vulnerability in Select-Themes Don Peppe donpeppe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Don Peppe: from n/a through

PLUGIN Don Peppe

CVE-2026-22450

MEDIUM CVSS 4.3 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22402 - Triply Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through

PLUGIN Triply

CVE-2026-22402

HIGH CVSS 7.5 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22401 - Freshio Plugin

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in pavothemes Freshio freshio allows PHP Local File Inclusion.This issue affects Freshio: from n/a through

PLUGIN Freshio

CVE-2026-22401

HIGH CVSS 7.5 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22409 - Justicia Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Justicia justicia allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Justicia: from n/a through

PLUGIN Justicia

CVE-2026-22409

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22407 - Roam Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Roam roam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Roam: from n/a through

PLUGIN Roam

CVE-2026-22407

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22406 - Overton Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Overton overton allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Overton: from n/a through

PLUGIN Overton

CVE-2026-22406

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-27

CVE-2026-22404 - Innovio Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Innovio: from n/a through

PLUGIN Innovio

CVE-2026-22404

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Threat Entry Updated 2026-01-26

CVE-2026-22400 - Holmes Plugin

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Holmes holmes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Holmes: from n/a through

PLUGIN Holmes

CVE-2026-22400

MEDIUM CVSS 5.4 2026-01-22
Open Full Technical Breakdown
Scroll to top