Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2026-57751

WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57751

Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login

Heateor Support Heateor Social Login n/a CVE
MEDIUM 5.3 CVE-2026-57750

WordPress ez Form Calculator Premium plugin <= 2.14.1.2 - Broken Access Control vulnerability_CVE-2026-57750

Unauthenticated Broken Access Control in ez Form Calculator Premium

Keksdieb ez Form Calculator Premium n/a CVE
HIGH 7.5 CVE-2026-57749

WordPress SportsPress Pro plugin <= 2.7.29 - Local File Inclusion vulnerability_CVE-2026-57749

Contributor Local File Inclusion in SportsPress Pro

ThemeBoy SportsPress Pro n/a CVE
HIGH 7.5 CVE-2026-57748

WordPress Shopify plugin <= 1.0.0 - Local File Inclusion vulnerability_CVE-2026-57748

Contributor Local File Inclusion in Shopify

Shopify Help Center Shopify n/a CVE
MEDIUM 6.5 CVE-2026-57747

WordPress Booked plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57747

Unauthenticated Cross Site Request Forgery (CSRF) in Booked

ThemeREX Booked n/a CVE
HIGH 7.1 CVE-2026-57746

WordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerability_CVE-2026-57746

Subscriber Broken Access Control in Booked

ThemeREX Booked n/a CVE
MEDIUM 6.5 CVE-2026-57731

WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability_CVE-2026-57731

Contributor Broken Access Control in Flatsome

UX-themes Flatsome n/a CVE
MEDIUM 4.3 CVE-2026-57730

WordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerability_CVE-2026-57730

Subscriber Broken Access Control in Flatsome

UX-themes Flatsome n/a CVE
MEDIUM 4.3 CVE-2026-57690

WordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57690

Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt

Fuelthemes Werkstatt n/a CVE
MEDIUM 4.3 CVE-2026-57689

WordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerability_CVE-2026-57689

Subscriber Broken Access Control in Werkstatt

Fuelthemes Werkstatt n/a CVE