Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-57340

WordPress Japanized For WooCommerce plugin <= 2.9.12 - Broken Access Control vulnerability_CVE-2026-57340

Unauthenticated Broken Access Control in Japanized For WooCommerce

shohei.tanaka Japanized For WooCommerce n/a CVE
MEDIUM 6.6 CVE-2026-57339

WordPress Business Directory plugin <= 6.4.23 - Broken Access Control vulnerability_CVE-2026-57339

Unauthenticated Broken Access Control in Business Directory

Strategy11 Team Business Directory n/a CVE
HIGH 7.1 CVE-2026-57338

WordPress ARForms plugin <= 7.1.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57338

Unauthenticated Cross Site Scripting (XSS) in ARForms

Repute InfoSystems ARForms n/a CVE
HIGH 7.1 CVE-2026-57337

WordPress Landing Page Builder plugin <= 1.5.3.5 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57337

Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder

PluginOps Landing Page Builder n/a CVE
HIGH 7.1 CVE-2026-57336

WordPress Jobify theme <= 4.3.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57336

Unauthenticated Cross Site Scripting (XSS) in Jobify

Astoundify Jobify n/a CVE
MEDIUM 6.5 CVE-2026-57335

WordPress Ads by WPQuads plugin <= 3.0.3 - Broken Access Control vulnerability_CVE-2026-57335

Subscriber Broken Access Control in Ads by WPQuads

Ads WPQuads Ads by WPQuads n/a CVE
MEDIUM 6.5 CVE-2026-57334

WordPress WP User Frontend plugin <= 4.3.7 - Broken Access Control vulnerability_CVE-2026-57334

Unauthenticated Broken Access Control in WP User Frontend

weDevs WP User Frontend n/a CVE
HIGH 7.1 CVE-2026-57333

WordPress Link Whisper Free plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57333

Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free

Spencer Haws Link Whisper Free n/a CVE
HIGH 7.1 CVE-2026-57332

WordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerability_CVE-2026-57332

Subscriber Broken Access Control in Wallet System for WooCommerce

WP Swings Wallet System for WooCommerce n/a CVE
CRITICAL 9.9 CVE-2026-57331

WordPress Paid Videochat Turnkey Site plugin <= 7.4.8 - Arbitrary File Deletion vulnerability_CVE-2026-57331

Performer Arbitrary File Deletion in Paid Videochat Turnkey Site

videowhisper Paid Videochat Turnkey Site n/a CVE