Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

360 New today

60,234 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

111

May 24

204

May 25

336

May 26

455

May 27

326

May 28

451

May 29

206

May 30

May 31

417

Jun 1

295

Jun 2

151

Jun 3

354

Jun 4

517

Jun 5

Jun 6

Critical

High

Medium

Low

Latest

CVE CVSS 6.5

Photo Gallery by 10Web <= 1.8.41 - Authenticated (Contributor+) SQL Injection via 'compact_album_order_by' Shortcode Parameter_CVE-2026-9829

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to time-based SQL Injection via 'compact_album_order_by' Shortcode Parameter in all versions up to, and including, 1.8.41 due to insufficient escaping on the user supplied parameter a...

CVE-2026-9829 10web Photo Gallery by 10Web – Mobile-Friendly Image Gallery

Jun 6, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.4	CVE-2026-9594	WP Maps <= 4.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting via 'location_messages' Parameter_CVE-2026-9594 The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Sc...	flippercode	WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-9016	Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action_CVE-2026-9016 The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutralization for Logs in al...	qriouslad	Debug Log Manager – Conveniently Monitor and Inspect Errors	Jun 6, 2026	CVE
MEDIUM 5.3	CVE-2026-8839	MapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API Endpoints_CVE-2026-8839 The MapPress Maps for WordPress plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and i...	chrisvrichardson	MapPress Maps for WordPress	Jun 6, 2026	CVE
MEDIUM 4.3	CVE-2026-8611	Klamra Paycal for Aspaclaria <= 1.1.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Exposure via 'invoice_id' Parameter_CVE-2026-8611 The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4...	klamra22	Klamra Paycal for Aspaclaria	Jun 6, 2026	CVE
MEDIUM 4.3	CVE-2026-7624	SEO Plugin by Squirrly SEO <= 12.4.16 - Missing Authorization to Authenticated (Contributor+) Privileged Cloud API Operations_CVE-2026-7624 The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 12.4.16. This is du...	cifi	SEO Plugin by Squirrly SEO	Jun 6, 2026	CVE
HIGH 8.1	E2D2E062-090F-	Exploit for Improper Input Validation in Apache Activemq_E2D2E062-090F-5A3A-84ED-306A6EC90608 CVE-2026-42588 – Apache ActiveMQ Jolokia Remote Code Execution Vulnerability Exploitation Criticality level: 🔴 High risk CVSS 4.0: 8.1 Vulnerabili...	N/A	N/A	Jun 6, 2026	GITHUBEXPLOIT
CRITICAL 9.9	B89B9C6A-46E4-	Exploit for Path Traversal in Open-Emr Openemr_B89B9C6A-46E4-5543-976C-1B968B942D25 CVE-2026-24849 OpenEMR Authenticated Arbitrary File Read EtherFax disposeDoc Proof-of-concept exploit for CVE-2026-24849, an authenticated path-tra...	N/A	N/A	Jun 6, 2026	GITHUBEXPLOIT
HIGH 8.8	MS:CVE-2026-10928	Chromium: CVE-2026-10928 Script injection in Headless_MS:CVE-2026-10928 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 5, 2026	MSCVE
HIGH 8.8	MS:CVE-2026-11086	Chromium: CVE-2026-11086 Insufficient validation of untrusted input in Dawn_MS:CVE-2026-11086 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 5, 2026	MSCVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

Photo Gallery by 10Web <= 1.8.41 - Authenticated (Contributor+) SQL Injection via 'compact_album_order_by' Shortcode Parameter_CVE-2026-9829

Recent Advisories

WP Maps <= 4.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting via 'location_messages' Parameter_CVE-2026-9594

Debug Log Manager <= 2.5.0 - Unauthenticated Improper Output Neutralization for Logs via log_js_errors AJAX Action_CVE-2026-9016

MapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API Endpoints_CVE-2026-8839

Klamra Paycal for Aspaclaria <= 1.1.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Sensitive Information Exposure via 'invoice_id' Parameter_CVE-2026-8611

SEO Plugin by Squirrly SEO <= 12.4.16 - Missing Authorization to Authenticated (Contributor+) Privileged Cloud API Operations_CVE-2026-7624

Exploit for Improper Input Validation in Apache Activemq_E2D2E062-090F-5A3A-84ED-306A6EC90608

Exploit for Path Traversal in Open-Emr Openemr_B89B9C6A-46E4-5543-976C-1B968B942D25

Chromium: CVE-2026-10928 Script injection in Headless_MS:CVE-2026-10928

Chromium: CVE-2026-11086 Insufficient validation of untrusted input in Dawn_MS:CVE-2026-11086

Protect Your Attack Surface with RedGem

Security Intelligence
Feed