Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-22339

WordPress WPJobster theme <= 6.3.5 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22339

Unauthenticated Cross Site Scripting (XSS) in WPJobster

Jobster Marketplace WPJobster n/a CVE
HIGH 8.1 CVE-2026-22338

WordPress EcoBlue theme <= 1.15 - Local File Inclusion vulnerability_CVE-2026-22338

Unauthenticated Local File Inclusion in EcoBlue

ThemeREX EcoBlue n/a CVE
HIGH 8.5 CVE-2026-22335

WordPress WooCommerce Frontend Manager – Ultimate plugin < 6.7.7 - SQL Injection vulnerability_CVE-2026-22335

Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.

WC Lovers. WooCommerce Frontend Manager – Ultimate n/a CVE
HIGH 7.5 CVE-2026-22334

WordPress Woocommerce Book Price plugin <= 1.3 - Arbitrary File Download vulnerability_CVE-2026-22334

Subscriber Arbitrary File Download in Woocommerce Book Price

WPos Woocommerce Book Price n/a CVE
CRITICAL 9.3 CVE-2026-22332

WordPress Tutor LMS Pro plugin <= 3.9.6 - SQL Injection vulnerability_CVE-2026-22332

Unauthenticated SQL Injection in Tutor LMS Pro

Themeum Tutor LMS Pro n/a CVE
HIGH 8.1 CVE-2026-22331

WordPress AutoParts theme <= 1.5.8 - Local File Inclusion vulnerability_CVE-2026-22331

Unauthenticated Local File Inclusion in AutoParts

ThemeREX AutoParts n/a CVE
HIGH 8.1 CVE-2026-22330

WordPress Right Way theme <= 4.0 - Local File Inclusion vulnerability_CVE-2026-22330

Unauthenticated Local File Inclusion in Right Way

Themeum Right Way n/a CVE
HIGH 7.1 CVE-2026-22329

WordPress Skillate theme <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22329

Unauthenticated Cross Site Scripting (XSS) in Skillate

Themeum Skillate n/a CVE
HIGH 7.1 CVE-2026-22328

WordPress Auto Repair theme <= 22.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22328

Unauthenticated Cross Site Scripting (XSS) in Auto Repair

VamTam Auto Repair n/a CVE
CRITICAL 9.9 CVE-2026-22327

WordPress Restaurt theme <= 1.0.4 - Arbitrary File Upload vulnerability_CVE-2026-22327

Subscriber Arbitrary File Upload in Restaurt

Zozothemes Restaurt n/a CVE