Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-57358

WordPress Customize My Account for WooCommerce plugin <= 4.3.9 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57358

Unauthenticated Cross Site Scripting (XSS) in Customize My Account for WooCommerce

SysBasics Customize My Account for WooCommerce n/a CVE
HIGH 7.1 CVE-2026-57357

WordPress Search Atlas SEO plugin <= 2.6.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57357

Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO

Search Atlas Group Search Atlas SEO n/a CVE
HIGH 7.1 CVE-2026-57356

WordPress MC Woocommerce Wishlist plugin <= 1.9.19 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57356

Unauthenticated Cross Site Scripting (XSS) in MC Woocommerce Wishlist

Moreconvert Team MC Woocommerce Wishlist n/a CVE
HIGH 7.1 CVE-2026-57351

WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57351

Unauthenticated Cross Site Scripting (XSS) in HandL UTM Grabber

Haktan Suren HandL UTM Grabber n/a CVE
HIGH 7.1 CVE-2026-57350

WordPress WP Debugging plugin <= 2.12.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57350

Unauthenticated Cross Site Scripting (XSS) in WP Debugging

Andy Fragen WP Debugging n/a CVE
HIGH 7.1 CVE-2026-57349

WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.17 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57349

Unauthenticated Cross Site Scripting (XSS) in WPeMatico RSS Feed Fetcher

etruel WPeMatico RSS Feed Fetcher n/a CVE
HIGH 7.2 CVE-2026-57348

WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability_CVE-2026-57348

Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions

Cozmoslabs Paid Member Subscriptions n/a CVE
HIGH 7.1 CVE-2026-57345

WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57345

Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager

Webraketen Internal Links Manager n/a CVE
HIGH 7.1 CVE-2026-57344

WordPress Classified Listing plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57344

Unauthenticated Cross Site Scripting (XSS) in Classified Listing

RadiusTheme Classified Listing n/a CVE
HIGH 7.1 CVE-2026-57343

WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57343

Unauthenticated Cross Site Scripting (XSS) in Real Estate 7

Contempoinc Real Estate 7 n/a CVE