Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-57361

WordPress Survey Maker plugin <= 5.2.2.5 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57361

Unauthenticated Cross Site Scripting (XSS) in Survey Maker

Ays Pro Survey Maker n/a CVE
HIGH 7.1 CVE-2026-57360

WordPress eCommerce Product Catalog plugin <= 3.5.4 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57360

Unauthenticated Cross Site Scripting (XSS) in eCommerce Product Catalog

impleCode eCommerce Product Catalog n/a CVE
HIGH 7.1 CVE-2026-57359

WordPress ReviewX plugin <= 2.3.10 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57359

Unauthenticated Cross Site Scripting (XSS) in ReviewX

ReviewX ReviewX n/a CVE
HIGH 7.1 CVE-2026-57358

WordPress Customize My Account for WooCommerce plugin <= 4.3.9 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57358

Unauthenticated Cross Site Scripting (XSS) in Customize My Account for WooCommerce

SysBasics Customize My Account for WooCommerce n/a CVE
HIGH 7.1 CVE-2026-57357

WordPress Search Atlas SEO plugin <= 2.6.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57357

Unauthenticated Cross Site Scripting (XSS) in Search Atlas SEO

Search Atlas Group Search Atlas SEO n/a CVE
HIGH 7.1 CVE-2026-57356

WordPress MC Woocommerce Wishlist plugin <= 1.9.19 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57356

Unauthenticated Cross Site Scripting (XSS) in MC Woocommerce Wishlist

Moreconvert Team MC Woocommerce Wishlist n/a CVE
MEDIUM 6.5 CVE-2026-57355

WordPress Classified Listing plugin <= 5.4.2 - Broken Access Control vulnerability_CVE-2026-57355

Subscriber Broken Access Control in Classified Listing

RadiusTheme Classified Listing n/a CVE
MEDIUM 6.5 CVE-2026-57354

WordPress JetReviews plugin <= 3.0.0.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57354

Subscriber Cross Site Scripting (XSS) in JetReviews

Crocoblock. Jetimpex Inc. JetReviews n/a CVE
MEDIUM 6.5 CVE-2026-57353

WordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerability_CVE-2026-57353

Subscriber Broken Access Control in Link Whisper Premium

LinkWhisper Link Whisper Premium n/a CVE
MEDIUM 4.8 CVE-2026-57352

WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce plugin <= 2.2.0 - Broken Authentication vulnerability_CVE-2026-57352

Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce

VillaTheme ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce n/a CVE