Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 5.3 CVE-2026-11896

My Calendar <= 3.7.14 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Disclosure via 'vcal' Parameter_CVE-2026-11896

The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and includ...

joedolson My Calendar – Accessible Event Manager CVE
MEDIUM 4.4 CVE-2026-10104

Product Video Gallery for Woocommerce <= 1.5.1.8 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via custom_thumbnail Parameter_CVE-2026-10104

The Product Video Gallery for Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom_thumbnail Parameter in all v...

nikhilgadhiya Product Video Gallery for Woocommerce CVE
NONE 81CC3931-A102-

sec-poc_81CC3931-A102-53DE-8AD8-B340E00AFF22

sec-poc...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 34CCFAD0-8C43-

Exploit for CVE-2021-27877_34CCFAD0-8C43-5B1F-B129-EC944F9BD546

CVE-2021-27877 Proof of Concept This repository contains a modified version of the original Rapid7 Metasploit module for CVE-2021-27877 affecting t...

N/A N/A GITHUBEXPLOIT
NONE D21BCA5D-CD24-

blindSQLi_D21BCA5D-CD24-5D1A-BDA7-AFFB29C63D11

blindSQLi A python based blind SQL injection exploitation script This script can be adapted to any SQL injectable url by simply changing the url in...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 THN:545A87363DE...

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack_THN:545A87363DEA6B47B61F5465E5995230

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirfJNnWRTyyKkXeatZdtLvMsQhba-L0J9yuyASwy4T-6nlbGWnkEl0FUBVO8wS6je9Hc9wPdu01JJ0TETOa1...

N/A N/A THN
NONE 2F37FB50-1C17-

Poc_2F37FB50-1C17-5CF9-B22D-FCF5E9C8EBC5

No description provided...

N/A N/A GITHUBEXPLOIT
NONE THN:C9A1143D73F...

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos_THN:C9A1143D73F05246E3C8D296B1E09C36

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjd_BdKzn7-7TCZJfnsZBy25kGm8xiQTrJquj8vMVsjlRXf7LXqMiJLQs8ic-lNLRc51whJzP-B4Nv9OOzfgO...

N/A N/A THN
CRITICAL 9.8 THN:84197EDE93C...

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations_THN:84197EDE93C292DD6425E3EC1760B383

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcA80dQWiuszAlBgwcxzc3suImls2cKOwk_2nYMo7UY5MNSdlKNMgibekQNEhWRuxmX5s1JcLHCd_dsDZ3m9...

N/A N/A THN
HIGH 8.1 CVE-2026-5821

Image Optimizer <= 1.7.4 - Authenticated (Author+) Arbitrary File Deletion via Post Meta Field Injection_CVE-2026-5821

The Image Optimizer plugin for WordPress is vulnerable to arbitrary file deletion in versions up to and including 1.7.4. This is due to insufficien...

elemntor Image Optimizer – Optimize Images and Convert to WebP or AVIF CVE