Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-57764

WordPress Surbma | Yoast SEO Breadcrumb Shortcode plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57764

Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO Breadcrumb Shortcode

Surbma Surbma | Yoast SEO Breadcrumb Shortcode n/a CVE
MEDIUM 6.5 CVE-2026-57763

WordPress Structured Content plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57763

Contributor Cross Site Scripting (XSS) in Structured Content

Gordon Böhme Structured Content n/a CVE
MEDIUM 5.9 CVE-2026-57762

WordPress Simple URLs plugin <= 151 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57762

Author Cross Site Scripting (XSS) in Simple URLs

Andrew Fiebert Simple URLs n/a CVE
HIGH 7.1 CVE-2026-57761

WordPress SEOWP theme <= 3.12.2 - CSRF to Stored XSS vulnerability_CVE-2026-57761

Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP

BlueAstralThemes SEOWP n/a CVE
HIGH 8.8 CVE-2026-57759

WordPress ProfileGrid plugin <= 5.9.9.7 - CSRF to Account Takeover vulnerability_CVE-2026-57759

Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid

Metagauss ProfileGrid n/a CVE
HIGH 7.1 CVE-2026-57758

WordPress Permalink Manager for WooCommerce plugin <= 1.0.8.2 - CSRF to Stored XSS vulnerability_CVE-2026-57758

Unauthenticated Cross Site Request Forgery (CSRF) in Permalink Manager for WooCommerce

BeRocket Permalink Manager for WooCommerce n/a CVE
HIGH 7.1 CVE-2026-57757

WordPress pCloud WP Backup plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57757

Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup

ploudapp pCloud WP Backup n/a CVE
HIGH 8.5 CVE-2026-57756

WordPress nicen-localize-image plugin <= 1.4.9 - SQL Injection vulnerability_CVE-2026-57756

Contributor SQL Injection in nicen-localize-image

友人a丶 nicen-localize-image n/a CVE
MEDIUM 6.5 CVE-2026-57755

WordPress Mosaic Gallery – Advanced Gallery plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57755

Contributor Cross Site Scripting (XSS) in Mosaic Gallery – Advanced Gallery

Misbah WP Mosaic Gallery – Advanced Gallery n/a CVE
MEDIUM 6.5 CVE-2026-57754

WordPress Livemesh Addons for WPBakery Page Builder plugin <= 3.9.4 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57754

Contributor Cross Site Scripting (XSS) in Livemesh Addons for WPBakery Page Builder

Livemesh Livemesh Addons for WPBakery Page Builder n/a CVE