Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2026-57319

WordPress FOX plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57319

Unauthenticated Cross Site Scripting (XSS) in FOX

RealMag777 FOX n/a CVE
HIGH 7.1 CVE-2026-57317

WordPress Simply Schedule Appointments plugin <= 1.6.12.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57317

Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments

NSquared Simply Schedule Appointments n/a CVE
HIGH 8.5 CVE-2026-57315

WordPress Blocksy Companion Pro plugin <= 2.1.45 - Remote Code Execution (RCE) vulnerability_CVE-2026-57315

Contributor Remote Code Execution (RCE) in Blocksy Companion Pro

Creative Themes Blocksy Companion Pro n/a CVE
HIGH 7.1 CVE-2026-57314

WordPress SureCart plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57314

Unauthenticated Cross Site Scripting (XSS) in SureCart

SureCart SureCart n/a CVE
HIGH 7.1 CVE-2026-57312

WordPress Everest Forms plugin <= 3.4.8 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57312

Unauthenticated Cross Site Scripting (XSS) in Everest Forms

wpeverest Everest Forms n/a CVE
HIGH 8.7 CVE-2026-56773

Teable – Missing Authorization in v2 REST API_CVE-2026-56773

Teable's v2 REST API controller lacks @Permissions metadata on ORPC endpoints, allowing any authenticated user to bypass authorization checks. Atta...

teableio teable CVE
HIGH 7.1 CVE-2026-56072

WordPress WoodMart theme <= 8.5.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56072

Unauthenticated Cross Site Scripting (XSS) in WoodMart

Xtemos WoodMart n/a CVE
HIGH 7.5 CVE-2026-56069

WordPress Toolset Forms plugin <= 2.6.24 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-56069

Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms

Site Building with Toolset Toolset Forms n/a CVE
HIGH 8.5 CVE-2026-56064

WordPress Tourfic plugin <= 2.22.5 - SQL Injection vulnerability_CVE-2026-56064

Subscriber SQL Injection in Tourfic

Themefic Tourfic n/a CVE
HIGH 8.3 CVE-2026-56063

WordPress MailChimp Block plugin <= 1.1.15 - Broken Access Control vulnerability_CVE-2026-56063

Unauthenticated Broken Access Control in MailChimp Block

bPlugins MailChimp Block n/a CVE