Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

122 New today

66,074 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

386

Jun 26

Jun 27

Critical

High

Medium

Low

Latest

CVE CVSS 4.3

HD Quiz 2.2.0 – 2.2.1 – Cross-Site Request Forgery via Multiple AJAX Handlers_CVE-2026-13422

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdq_validate_nonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes an...

CVE-2026-13422 harmonic_design HD Quiz 2.2.0

Jun 27, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.4	CVE-2026-13335	CodePeople Post Map for Google Maps <= 1.2.6 - Authenticated (Contributor +) Stored Cross-Site Scripting via 'cpm_point' Post Meta_CVE-2026-13335 The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpm_point' Post Meta in all versions...	codepeople	CodePeople Post Map for Google Maps	Jun 27, 2026	CVE
MEDIUM 6.5	CVE-2026-13333	Groundhogg <= 4.5.5 - Authenticated (Sales Rep+) SQL Injection via 'query[select]' Parameter_CVE-2026-13333 The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'query[select]' Paramet...	trainingbusinesspros	Groundhogg — CRM, Newsletters, and Marketing Automation	Jun 27, 2026	CVE
MEDIUM 6.5	CVE-2026-13331	Groundhogg <= 4.5.5 - Authenticated (Marketer+) SQL Injection via 'search' Parameter_CVE-2026-13331 The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'search' parameter ...	trainingbusinesspros	Groundhogg — CRM, Newsletters, and Marketing Automation	Jun 27, 2026	CVE
MEDIUM 4.4	CVE-2026-11356	Ivory Search <= 5.5.15 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_color' Settings_CVE-2026-11356 The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_c...	vinod-dalvi	Ivory Search – WordPress Search Plugin	Jun 27, 2026	CVE
MEDIUM 5.5	CVE-2025-59868	HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure_CVE-2025-59868 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit applic...	HCLSoftware	Traveler for Microsoft Outlook <3.0.15	Jun 27, 2026	CVE
HIGH 8.3	MS:CVE-2026-50521	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability_MS:CVE-2026-50521 Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.	N/A	N/A	Jun 26, 2026	MSCVE
HIGH 8.3	MS:CVE-2026-11647	Chromium: CVE-2026-11647 Use after free in Printing_MS:CVE-2026-11647 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
HIGH 8.3	MS:CVE-2026-12028	Chromium: CVE-2026-12028 Use after free GPU_MS:CVE-2026-12028 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE
HIGH 8.3	MS:CVE-2026-12030	Chromium: CVE-2026-12031 Inappropriate implementation Views_MS:CVE-2026-12030 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 27, 2026	MSCVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

HD Quiz 2.2.0 – 2.2.1 – Cross-Site Request Forgery via Multiple AJAX Handlers_CVE-2026-13422

Recent Advisories

CodePeople Post Map for Google Maps <= 1.2.6 - Authenticated (Contributor +) Stored Cross-Site Scripting via 'cpm_point' Post Meta_CVE-2026-13335

Groundhogg <= 4.5.5 - Authenticated (Sales Rep+) SQL Injection via 'query[select]' Parameter_CVE-2026-13333

Groundhogg <= 4.5.5 - Authenticated (Marketer+) SQL Injection via 'search' Parameter_CVE-2026-13331

Ivory Search <= 5.5.15 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_color' Settings_CVE-2026-11356

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure_CVE-2025-59868

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability_MS:CVE-2026-50521

Chromium: CVE-2026-11647 Use after free in Printing_MS:CVE-2026-11647

Chromium: CVE-2026-12028 Use after free GPU_MS:CVE-2026-12028

Chromium: CVE-2026-12031 Inappropriate implementation Views_MS:CVE-2026-12030

Protect Your Attack Surface with RedGem

Security Intelligence
Feed