Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.4 CVE-2026-49082

WordPress Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons plugin <= 1.4.8 - Sensitive Data Exposure vulnerability_CVE-2026-49082

Subscriber Sensitive Data Exposure in Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons

Chatway Live Chat Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons n/a CVE
HIGH 7.5 CVE-2026-49078

WordPress WP Travel Engine plugin <= 6.7.10 - Other Vulnerability Type vulnerability_CVE-2026-49078

Unauthenticated Other Vulnerability Type in WP Travel Engine

WP Travel Engine WP Travel Engine n/a CVE
HIGH 7.5 CVE-2026-49070

WordPress Knit Pay plugin <= 9.4.0.0 - Broken Access Control vulnerability_CVE-2026-49070

Unauthenticated Broken Access Control in Knit Pay

Knit Pay Knit Pay n/a CVE
HIGH 7.5 CVE-2026-49068

WordPress Coupon Affiliates plugin <= 7.8.1 - Sensitive Data Exposure vulnerability_CVE-2026-49068

Subscriber Sensitive Data Exposure in Coupon Affiliates

RelyWP Coupon Affiliates n/a CVE
CRITICAL 9.3 CVE-2026-49067

WordPress Advanced 301 and 302 Redirect plugin <= 1.6.9 - SQL Injection vulnerability_CVE-2026-49067

Unauthenticated SQL Injection in Advanced 301 and 302 Redirect

yydevelopment Advanced 301 and 302 Redirect 1.6.9 CVE
HIGH 7.5 CVE-2026-49066

WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability_CVE-2026-49066

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway

Conekta Group Conekta Payment Gateway n/a CVE
HIGH 8.2 CVE-2026-49065

WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerability_CVE-2026-49065

Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce

hippooo Hippoo Mobile App for WooCommerce n/a CVE
HIGH 7.3 CVE-2026-49063

WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability_CVE-2026-49063

Unauthenticated Privilege Escalation in Listdom

Webilia Inc. Listdom n/a CVE
HIGH 7.5 CVE-2026-49061

WordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerability_CVE-2026-49061

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce

WPClever WPC Product Options for WooCommerce n/a CVE
HIGH 7.5 CVE-2026-49056

WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability_CVE-2026-49056

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels

WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels n/a CVE