Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.8 CVE-2026-9691

WordPress Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.1 - PHP Object Injection vulnerability_CVE-2026-9691

Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms

CRM Perks Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms 1.1.1 CVE
CRITICAL 9.6 CVE-2026-52703

WordPress FastDup plugin <= 2.7.2 - Path Traversal vulnerability_CVE-2026-52703

Unauthenticated Path Traversal in FastDup

Ninja Team FastDup n/a CVE
HIGH 7.1 CVE-2026-52702

WordPress SEO Redirection plugin <= 9.17 - Cross Site Scripting (XSS) vulnerability_CVE-2026-52702

Unauthenticated Cross Site Scripting (XSS) in SEO Redirection

wp-buy SEO Redirection n/a CVE
HIGH 8.5 CVE-2026-52700

WordPress WCMultiShipping plugin <= 3.0.2 - SQL Injection vulnerability_CVE-2026-52700

Subscriber SQL Injection in WCMultiShipping

WcMultishipping – Mondial Relay & Chronopost for Wooommerce WCMultiShipping n/a CVE
HIGH 7.5 CVE-2026-52699

WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-52699

Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar

e4jvikwp VikRentCar n/a CVE
HIGH 8.5 CVE-2026-52697

WordPress Taskbuilder plugin <= 5.0.7 - SQL Injection vulnerability_CVE-2026-52697

Subscriber SQL Injection in Taskbuilder

Taskbuilder Taskbuilder n/a CVE
HIGH 7.5 CVE-2026-52695

WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability_CVE-2026-52695

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout

Al Monsor ABC Crypto Checkout n/a CVE
HIGH 7.5 CVE-2026-52694

WordPress Signature Add-On for WooCommerce plugin <= 2.0 - Sensitive Data Exposure vulnerability_CVE-2026-52694

Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce

WP E-Signature Signature Add-On for WooCommerce n/a CVE
CRITICAL 9.3 CVE-2026-52693

WordPress eCommerce Product Catalog plugin <= 3.5.5 - SQL Injection vulnerability_CVE-2026-52693

Unauthenticated SQL Injection in eCommerce Product Catalog

impleCode eCommerce Product Catalog n/a CVE
HIGH 7.5 CVE-2026-52692

WordPress Affiliates Manager plugin <= 2.9.50 - Sensitive Data Exposure vulnerability_CVE-2026-52692

Unauthenticated Sensitive Data Exposure in Affiliates Manager

wp.insider Affiliates Manager n/a CVE