Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-57351

WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57351

Unauthenticated Cross Site Scripting (XSS) in HandL UTM Grabber

Haktan Suren HandL UTM Grabber n/a CVE
HIGH 7.1 CVE-2026-57350

WordPress WP Debugging plugin <= 2.12.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57350

Unauthenticated Cross Site Scripting (XSS) in WP Debugging

Andy Fragen WP Debugging n/a CVE
HIGH 7.1 CVE-2026-57349

WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.17 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57349

Unauthenticated Cross Site Scripting (XSS) in WPeMatico RSS Feed Fetcher

etruel WPeMatico RSS Feed Fetcher n/a CVE
HIGH 7.2 CVE-2026-57348

WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability_CVE-2026-57348

Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions

Cozmoslabs Paid Member Subscriptions n/a CVE
MEDIUM 6.5 CVE-2026-57347

WordPress Hotel Booking Lite plugin <= 6.0.3 - Sensitive Data Exposure vulnerability_CVE-2026-57347

Subscriber Sensitive Data Exposure in Hotel Booking Lite

jetmonsters Hotel Booking Lite n/a CVE
HIGH 7.1 CVE-2026-57345

WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57345

Unauthenticated Cross Site Scripting (XSS) in Internal Links Manager

Webraketen Internal Links Manager n/a CVE
HIGH 7.1 CVE-2026-57344

WordPress Classified Listing plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57344

Unauthenticated Cross Site Scripting (XSS) in Classified Listing

RadiusTheme Classified Listing n/a CVE
HIGH 7.1 CVE-2026-57343

WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57343

Unauthenticated Cross Site Scripting (XSS) in Real Estate 7

Contempoinc Real Estate 7 n/a CVE
MEDIUM 6.5 CVE-2026-57342

WordPress ShortPixel Adaptive Images plugin <= 3.11.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57342

Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive Images

ShortPixel ShortPixel Adaptive Images n/a CVE
MEDIUM 6.5 CVE-2026-49779

WordPress Tax Exempt for WooCommerce plugin <= 1.9.3 - Path Traversal vulnerability_CVE-2026-49779

Customer Path Traversal in Tax Exempt for WooCommerce

Addify Tax Exempt for WooCommerce n/a CVE