Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.2 CVE-2026-57688

WordPress POS Entegratör plugin <= 3.7.103 - Broken Access Control vulnerability_CVE-2026-57688

Unauthenticated Broken Access Control in POS Entegratör

Gurmehub POS Entegratör n/a CVE
HIGH 8.5 CVE-2026-57687

WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability_CVE-2026-57687

Contributor SQL Injection in Custom Field Template

Hiroaki Miyashita Custom Field Template n/a CVE
HIGH 7.1 CVE-2026-57686

WordPress WowAddons plugin <= 1.6.14 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57686

Unauthenticated Cross Site Scripting (XSS) in WowAddons

WPXPO WowAddons n/a CVE
HIGH 7.1 CVE-2026-57682

WordPress Simple Link Directory plugin <= 15.0.5 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57682

Unauthenticated Cross Site Scripting (XSS) in Simple Link Directory

QuantumCloud Simple Link Directory n/a CVE
HIGH 7.1 CVE-2026-57675

WordPress WP Photo Album Plus plugin <= 9.2.02.004 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57675

Unauthenticated Cross Site Scripting (XSS) in WP Photo Album Plus

Jacob N. Breetvelt WP Photo Album Plus n/a CVE
HIGH 7.1 CVE-2026-57674

WordPress Timetics plugin <= 1.0.58 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57674

Unauthenticated Cross Site Scripting (XSS) in Timetics

Arraytics Timetics n/a CVE
HIGH 7.1 CVE-2026-57673

WordPress Optimole plugin <= 4.2.7 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57673

Unauthenticated Cross Site Scripting (XSS) in Optimole

Optimole Optimole n/a CVE
HIGH 7.1 CVE-2026-57672

WordPress wpDataTables plugin <= 6.5.1.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57672

Unauthenticated Cross Site Scripting (XSS) in wpDataTables

Melograno Venture Studio wpDataTables n/a CVE
HIGH 7.1 CVE-2026-57671

WordPress perfmatters plugin <= 2.6.4 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57671

Unauthenticated Cross Site Scripting (XSS) in perfmatters

Perfmatters perfmatters n/a CVE
HIGH 7.1 CVE-2026-57670

WordPress Google Maps CP plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57670

Unauthenticated Cross Site Scripting (XSS) in Google Maps CP

Codepeople Google Maps CP n/a CVE