Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-57672

WordPress wpDataTables plugin <= 6.5.1.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57672

Unauthenticated Cross Site Scripting (XSS) in wpDataTables

Melograno Venture Studio wpDataTables n/a CVE
HIGH 7.1 CVE-2026-57671

WordPress perfmatters plugin <= 2.6.4 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57671

Unauthenticated Cross Site Scripting (XSS) in perfmatters

Perfmatters perfmatters n/a CVE
HIGH 7.1 CVE-2026-57670

WordPress Google Maps CP plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57670

Unauthenticated Cross Site Scripting (XSS) in Google Maps CP

Codepeople Google Maps CP n/a CVE
MEDIUM 6.5 CVE-2026-57669

WordPress Advanced Contact form 7 DB plugin <= 2.0.9 - Broken Access Control vulnerability_CVE-2026-57669

Subscriber Broken Access Control in Advanced Contact form 7 DB

Vsourz Digital Advanced Contact form 7 DB n/a CVE
CRITICAL 9.6 CVE-2026-57625

WordPress Admin and Site Enhancements (ASE) Pro plugin <= 8.8.5 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57625

Unauthenticated Cross Site Scripting (XSS) in Admin and Site Enhancements (ASE) Pro

ASE Admin and Site Enhancements (ASE) Pro n/a CVE
CRITICAL 10 CVE-2026-57624

WordPress Blocksy Companion Pro plugin <= 2.1.46 - Remote Code Execution (RCE) vulnerability_CVE-2026-57624

Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro

Creative Themes Blocksy Companion Pro n/a CVE
CRITICAL 9 CVE-2026-57623

WordPress W3 Total Cache plugin <= 2.9.4 - Arbitrary Code Execution vulnerability_CVE-2026-57623

Unauthenticated Arbitrary Code Execution in W3 Total Cache

BoldGrid W3 Total Cache n/a CVE
CRITICAL 9.8 CVE-2026-57621

WordPress Booktics plugin <= 1.0.21 - PHP Object Injection vulnerability_CVE-2026-57621

Unauthenticated PHP Object Injection in Booktics

Arraytics Booktics n/a CVE
HIGH 7.1 CVE-2026-57426

WordPress Modula – PRO plugin <= 2.10.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57426

Unauthenticated Cross Site Scripting (XSS) in Modula - PRO

Chill Media Labs S.R.L. Modula - PRO n/a CVE
HIGH 7.1 CVE-2026-57366

WordPress WPAdverts plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57366

Unauthenticated Cross Site Scripting (XSS) in WPAdverts

Greg Winiarski WPAdverts n/a CVE