Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-54834

WordPress Object Cache 4 everyone plugin <= 2.3.2 - Sensitive Data Exposure vulnerability_CVE-2026-54834

Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone

fpuenteonline Object Cache 4 everyone n/a CVE
HIGH 7.4 CVE-2026-54833

WordPress Enable CORS plugin <= 2.0.3 - Backdoor vulnerability_CVE-2026-54833

Unauthenticated Backdoor in Enable CORS

Dev Kabir Enable CORS n/a CVE
HIGH 7.5 CVE-2026-54832

WordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerability_CVE-2026-54832

Unauthenticated Broken Access Control in Gutenverse Companion

Jegstudio Gutenverse Companion n/a CVE
HIGH 7.6 CVE-2026-54826

WordPress SupportCandy plugin <= 3.4.6 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-54826

Subscriber Insecure Direct Object References (IDOR) in SupportCandy

PSM Plugins SupportCandy n/a CVE
HIGH 7.5 CVE-2026-54824

WordPress Ads by WPQuads plugin <= 3.0.3 - Sensitive Data Exposure vulnerability_CVE-2026-54824

Unauthenticated Sensitive Data Exposure in Ads by WPQuads

Ads WPQuads Ads by WPQuads n/a CVE
HIGH 7.8 CVE-2026-45257

Arbitrary file overwrite via the KTLS receive path_CVE-2026-45257

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assump...

FreeBSD FreeBSD 15.0-RELEASE CVE
HIGH 7.5 CVE-2026-30041

CVE-2026-30041_CVE-2026-30041

An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Servi...

n/a n/a n/a CVE
HIGH 7.5 CVE-2025-68064

WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability_CVE-2025-68064

Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions.

Everthemess Goya Core n/a CVE
HIGH 7.5 CVE-2025-68063

WordPress Splash – Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability_CVE-2025-68063

Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey

StylemixThemes Splash - Sport Club WordPress Theme for Basketball, Football, Hockey n/a CVE
HIGH 8.8 CVE-2025-68052

WordPress Eagle Booking plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2025-68052

Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking

Eagle-Themes Eagle Booking n/a CVE