Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.9 CVE-2026-49766

WordPress WP User Manager plugin <= 2.9.16 - Arbitrary File Deletion vulnerability_CVE-2026-49766

Subscriber Arbitrary File Deletion in WP User Manager

WP User Manager WP User Manager n/a CVE
CRITICAL 9.8 CVE-2026-49765

WordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.8 - PHP Object Injection vulnerability_CVE-2026-49765

Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms

CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms n/a CVE
CRITICAL 9.8 CVE-2026-49764

WordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerability_CVE-2026-49764

Unauthenticated Broken Authentication in RegistrationMagic

Metagauss RegistrationMagic n/a CVE
CRITICAL 9.8 CVE-2026-49763

WordPress Integration for Contact Form 7 HubSpot plugin <= 1.3.7 - PHP Object Injection vulnerability_CVE-2026-49763

Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot

CRM Perks Integration for Contact Form 7 HubSpot n/a CVE
CRITICAL 9.8 CVE-2026-49109

WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.3 - PHP Object Injection vulnerability_CVE-2026-49109

Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms

crm perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms n/a CVE
CRITICAL 9.8 CVE-2026-49106

WordPress Integration for Contact Form 7 and Constant Contact plugin <= 1.1.6 - PHP Object Injection vulnerability_CVE-2026-49106

Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact

CRM Perks Integration for Contact Form 7 and Constant Contact n/a CVE
CRITICAL 9.8 CVE-2026-49105

WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability_CVE-2026-49105

Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms

CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms 1.1.4 CVE
CRITICAL 9.8 CVE-2026-49104

WordPress Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.2.1 - PHP Object Injection vulnerability_CVE-2026-49104

Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms

CRM Perks Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms 1.2.1 CVE
CRITICAL 9.8 CVE-2026-49085

WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability_CVE-2026-49085

Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms

CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms 1.1.4 CVE
CRITICAL 9.3 CVE-2026-49067

WordPress Advanced 301 and 302 Redirect plugin <= 1.6.9 - SQL Injection vulnerability_CVE-2026-49067

Unauthenticated SQL Injection in Advanced 301 and 302 Redirect

yydevelopment Advanced 301 and 302 Redirect 1.6.9 CVE