Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-39504 | 5.4 (v3.1) | WordPress InstaWP Connect plugin <= 0.1.2.5 - Broken A… |
InstaWP |
InstaWP Connect |
2026-04-08T08:30:13.405Z | 2026-04-29T09:52:01.914Z |
| cve-2026-39501 | 5.3 (v3.1) | WordPress FOX plugin <= 1.4.5 - Broken Access Control … |
RealMag777 |
FOX |
2026-04-08T08:30:13.172Z | 2026-04-29T09:52:01.916Z |
| cve-2026-39500 | 6.5 (v3.1) | WordPress themesflat-addons-for-elementor plugin <= 2.… |
Themesflat |
themesflat-addons-for-elementor |
2026-04-08T08:30:12.864Z | 2026-04-29T09:52:01.969Z |
| cve-2026-39497 | 7.6 (v3.1) | WordPress FOX plugin <= 1.4.5 - SQL Injection vulnerability |
RealMag777 |
FOX |
2026-04-08T08:30:12.597Z | 2026-04-29T09:52:01.939Z |
| cve-2026-39496 | 7.6 (v3.1) | WordPress YayMail plugin <= 4.3.3 - SQL Injection vuln… |
YayCommerce |
YayMail |
2026-04-08T08:30:12.339Z | 2026-04-29T09:52:01.932Z |
| cve-2026-39495 | 8.5 (v3.1) | WordPress Simply Schedule Appointments plugin <= 1.6.9… |
NSquared |
Simply Schedule Appointments |
2026-04-08T08:30:12.091Z | 2026-04-29T09:52:01.948Z |
| cve-2026-39488 | 6.5 (v3.1) | WordPress SureCart plugin <= 4.0.2 - Broken Access Con… |
SureCart |
SureCart |
2026-04-08T08:30:11.861Z | 2026-04-29T09:52:01.930Z |
| cve-2026-39487 | 7.6 (v3.1) | WordPress Amelia plugin <= 2.1.1 - SQL Injection vulne… |
ameliabooking |
Amelia |
2026-04-08T08:30:11.682Z | 2026-04-29T09:52:01.937Z |
| cve-2026-39486 | 8.5 (v3.1) | WordPress Download Monitor plugin <= 5.1.8 - SQL Injec… |
WP Chill |
Download Monitor |
2026-04-08T08:30:11.488Z | 2026-04-29T09:52:01.879Z |
| cve-2026-39485 | 4.3 (v3.1) | WordPress Youtube Embed Plus plugin <= 14.2.4 - Broken… |
embedplus |
Youtube Embed Plus |
2026-04-08T08:30:11.011Z | 2026-04-29T09:52:01.953Z |
| cve-2026-39484 | 4.7 (v3.1) | WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redi… |
John Darrel |
Hide My WP Ghost |
2026-04-08T08:30:10.796Z | 2026-04-29T09:52:01.908Z |
| cve-2026-39483 | 6.5 (v3.1) | WordPress VK All in One Expansion Unit plugin <= 9.113… |
Hidekazu Ishikawa |
VK All in One Expansion Unit |
2026-04-08T08:30:10.547Z | 2026-04-29T09:52:01.879Z |
| cve-2026-39482 | 6.5 (v3.1) | WordPress Post Expirator plugin <= 4.9.4 - Cross Site … |
PublishPress |
Post Expirator |
2026-04-08T08:30:10.093Z | 2026-04-29T09:52:01.909Z |
| cve-2026-39479 | 7.6 (v3.1) | WordPress OttoKit plugin <= 1.1.20 - SQL Injection vul… |
Brainstorm Force |
OttoKit |
2026-04-08T08:30:09.840Z | 2026-04-29T09:52:01.958Z |
| cve-2026-39477 | 4.3 (v3.1) | WordPress CartFlows plugin <= 2.2.3 - Broken Access Co… |
Brainstorm Force |
CartFlows |
2026-04-08T08:30:09.658Z | 2026-04-29T09:52:01.937Z |
| cve-2026-39476 | 4.3 (v3.1) | WordPress User Feedback plugin <= 1.10.1 - Broken Acce… |
Syed Balkhi |
User Feedback |
2026-04-08T08:30:09.401Z | 2026-04-29T09:52:01.915Z |
| cve-2026-39475 | 7.6 (v3.1) | WordPress User Feedback plugin <= 1.10.1 - SQL Injecti… |
Syed Balkhi |
User Feedback |
2026-04-08T08:30:09.133Z | 2026-04-29T09:52:01.836Z |
| cve-2026-39473 | 5.3 (v3.1) | WordPress Simple History plugin <= 5.24.0 - Sensitive … |
Pär Thernström |
Simple History |
2026-04-08T08:30:08.855Z | 2026-04-29T09:52:01.820Z |
| cve-2026-39469 | 4.3 (v3.1) | WordPress PageLayer plugin <= 2.0.8 - Sensitive Data E… |
Softaculous |
PageLayer |
2026-04-08T08:30:07.826Z | 2026-04-29T09:52:01.692Z |
| cve-2026-39466 | 7.6 (v3.1) | WordPress Broken Link Checker plugin <= 2.4.7 - SQL In… |
WPMU DEV - Your All-in-One WordPress Platform |
Broken Link Checker |
2026-04-08T08:30:07.229Z | 2026-04-29T09:52:01.751Z |
| cve-2026-39464 | 5.5 (v3.1) | WordPress Coming Soon Page, Under Construction & Maint… |
SeedProd |
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd |
2026-04-08T08:30:06.040Z | 2026-04-29T09:52:01.723Z |
| cve-2026-1396 | Magic Conversation For Gravity Forms <= 3.0.97 - Authe… |
magicplugins |
Magic Conversation For Gravity Forms |
2026-04-08T08:23:43.743Z | 2026-04-13T15:15:09.808Z | |
| cve-2026-4330 | Blog2Social: Social Media Auto Post & Scheduler <= 8.8… |
pr-gateway |
Blog2Social: Social Media Auto Post & Scheduler |
2026-04-08T07:43:03.247Z | 2026-04-08T17:32:59.960Z | |
| cve-2026-4654 | Awesome Support <= 6.3.7 - Authenticated (Subscriber+)… |
awesomesupport |
Awesome Support – WordPress HelpDesk & Support Plugin |
2026-04-08T07:43:02.627Z | 2026-04-08T18:50:47.666Z | |
| cve-2026-4655 | Element Pack Addons for Elementor <= 8.4.2 - Authentic… |
bdthemes |
Element Pack – Widgets, Templates & Addons for Elementor |
2026-04-08T07:43:00.898Z | 2026-04-08T16:34:12.756Z | |
| cve-2026-4483 | 7 (v4.0) | An exposed IOCTL with an insufficient access con… |
Moxa |
MxGeneralIo |
2026-04-08T07:25:03.348Z | 2026-04-08T13:53:26.094Z |
| cve-2025-1794 | AM LottiePlayer <= 3.6.0 - Authenticated (Author+) Sto… |
johanaarstein |
AM LottiePlayer |
2026-04-08T06:43:43.700Z | 2026-04-08T17:31:54.482Z | |
| cve-2026-3781 | Attendance Manager <= 0.6.2 - Authenticated (Subscribe… |
tnomi |
Attendance Manager |
2026-04-08T06:43:43.314Z | 2026-04-08T17:31:41.656Z | |
| cve-2026-4141 | Quran Translations <= 1.7 - Cross-Site Request Forgery… |
edckwt |
Quran Translations |
2026-04-08T06:43:42.869Z | 2026-04-08T17:29:19.724Z | |
| cve-2026-2838 | Whole Enquiry Cart for WooCommerce <= 1.2.1 - Authenti… |
idealwebdesignlk |
Whole Enquiry Cart for WooCommerce |
2026-04-08T06:43:42.488Z | 2026-04-13T15:15:09.983Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-avi-369 | Multiples vulnérabilités dans Oracle WebLogic Server | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-368 | Multiples vulnérabilités dans Oracle Virtualization | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-367 | Multiples vulnérabilités dans Oracle Systems | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-366 | Multiples vulnérabilités dans Oracle PeopleSoft | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-365 | Multiples vulnérabilités dans Oracle MySQL | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-364 | Multiples vulnérabilités dans Oracle Java SE | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-363 | Multiples vulnérabilités dans Oracle Database Server | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-362 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-361 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-360 | Vulnérabilité dans les produits Siemens | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-359 | Vulnérabilité dans Mitel MiVoice Connect | 2022-04-20T00:00:00.000000 | 2022-04-20T00:00:00.000000 |
| certfr-2022-avi-358 | Multiples vulnérabilités dans Postfix | 2022-04-19T00:00:00.000000 | 2022-04-19T00:00:00.000000 |
| certfr-2022-avi-357 | Multiples vulnérabilités dans Microsoft Edge | 2022-04-19T00:00:00.000000 | 2022-04-19T00:00:00.000000 |
| certfr-2022-avi-356 | Multiples vulnérabilités dans Google Chrome OS | 2022-04-19T00:00:00.000000 | 2022-04-19T00:00:00.000000 |
| certfr-2022-avi-355 | Vulnérabilité dans Google Chrome | 2022-04-19T00:00:00.000000 | 2022-04-19T00:00:00.000000 |
| certfr-2022-avi-354 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2022-04-19T00:00:00.000000 | 2022-04-19T00:00:00.000000 |
| certfr-2022-avi-353 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-04-19T00:00:00.000000 | 2022-04-19T00:00:00.000000 |
| certfr-2022-avi-352 | Multiples vulnérabilités dans les produits TheGreenBow | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-351 | Multiples vulnérabilités dans les logiciels Juniper | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-350 | Multiples vulnérabilités dans Juniper Junos OS et Junos OS Evolved | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-349 | Multiples vulnérabilités dans IBM Tivoli Network Manager | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-348 | Multiples vulnérabilités dans Asterisk | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-347 | Vulnérabilité dans VMware Cloud Director | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-346 | Vulnérabilité dans les produits SonicWall | 2022-04-15T00:00:00.000000 | 2022-04-15T00:00:00.000000 |
| certfr-2022-avi-345 | Multiples vulnérabilités dans les produits SAP | 2022-04-14T00:00:00.000000 | 2022-04-14T00:00:00.000000 |
| certfr-2022-avi-344 | Vulnérabilité dans VMware Spring | 2022-04-14T00:00:00.000000 | 2022-04-14T00:00:00.000000 |
| certfr-2022-avi-343 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2022-04-14T00:00:00.000000 | 2022-04-14T00:00:00.000000 |
| certfr-2022-avi-342 | Vulnérabilité dans les produits Palo Alto Networks | 2022-04-14T00:00:00.000000 | 2022-04-14T00:00:00.000000 |
| certfr-2022-avi-341 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2022-04-14T00:00:00.000000 | 2022-04-14T00:00:00.000000 |
| certfr-2022-avi-340 | Vulnérabilité dans Nextcloud Calendar | 2022-04-14T00:00:00.000000 | 2022-04-14T00:00:00.000000 |