Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.3 CVE-2026-56063

WordPress MailChimp Block plugin <= 1.1.15 - Broken Access Control vulnerability_CVE-2026-56063

Unauthenticated Broken Access Control in MailChimp Block

bPlugins MailChimp Block n/a CVE
CRITICAL 9.3 CVE-2026-56062

WordPress Quotes llama plugin <= 3.1.5 - SQL Injection vulnerability_CVE-2026-56062

Unauthenticated SQL Injection in Quotes llama

oooorgle Quotes llama n/a CVE
HIGH 7.5 CVE-2026-56061

WordPress Subscriptions for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability_CVE-2026-56061

Unauthenticated Broken Access Control in Subscriptions for WooCommerce

WP Swings Subscriptions for WooCommerce n/a CVE
HIGH 7.5 CVE-2026-56060

WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 7.1.1 - Sensitive Data Exposure vulnerability_CVE-2026-56060

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce

tychesoftwares Print Invoice & Delivery Notes for WooCommerce n/a CVE
CRITICAL 9.9 CVE-2026-56059

WordPress Travel Booking theme <= 2.2.5 - Arbitrary File Upload vulnerability_CVE-2026-56059

Subscriber Arbitrary File Upload in Travel Booking

PhysCode Travel Booking n/a CVE
CRITICAL 9.9 CVE-2026-56058

WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability_CVE-2026-56058

Subscriber Arbitrary File Upload in Quform

ThemeCatcher Quform n/a CVE
CRITICAL 9.8 CVE-2026-56057

WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability_CVE-2026-56057

Subscriber PHP Object Injection in Uncanny Automator Pro

Uncanny Owl Uncanny Automator Pro n/a CVE
HIGH 8.8 CVE-2026-56055

WordPress RealHomes theme <= 4.5.3 - PHP Object Injection vulnerability_CVE-2026-56055

Subscriber PHP Object Injection in RealHomes

InspiryThemes RealHomes n/a CVE
MEDIUM 6.5 CVE-2026-56048

WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 3.0.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-56048

Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce

tychesoftwares Payment Gateway Based Fees and Discounts for WooCommerce n/a CVE
HIGH 7.1 CVE-2026-56047

WordPress perfmatters plugin <= 2.6.3 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56047

Unauthenticated Cross Site Scripting (XSS) in perfmatters

Perfmatters, Powered Kinsta + GeneratePress Docs Changelog Feature requests Legal Affiliate Contact perfmatters n/a CVE