🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-6578 | Medium | 5.6 |
A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the fi…
|
— | Apr 19, 2026 |
| CVE-2026-6583 | Medium | 5.4 |
A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edi…
|
— | Apr 19, 2026 |
| CVE-2026-4801 | Medium | 6.4 |
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via exter…
|
— | Apr 18, 2026 |
| CVE-2026-2986 | Medium | 6.4 |
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'other_attributes…
|
— | Apr 18, 2026 |
| CVE-2026-1559 | Medium | 6.4 |
The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'checkin_place_id' parameter in al…
|
— | Apr 18, 2026 |
| CVE-2026-0894 | Medium | 6.4 |
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin…
|
— | Apr 18, 2026 |
| CVE-2026-6048 | Medium | 6.4 |
The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flipbox widget…
|
— | Apr 18, 2026 |
| CVE-2026-1838 | Medium | 6.1 |
The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode_id' parameter in all …
|
— | Apr 18, 2026 |
| CVE-2026-2505 | Medium | 5.4 |
The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including…
|
— | Apr 18, 2026 |
| CVE-2026-4817 | Medium | 6.5 |
The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based B…
|
— | Apr 17, 2026 |
| CVE-2026-6080 | Medium | 6.5 |
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.9.8. This is due to …
|
— | Apr 17, 2026 |
| CVE-2026-4666 | Medium | 6.5 |
The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the use of `extract($arg…
|
— | Apr 17, 2026 |
| CVE-2026-3488 | Medium | 6.5 |
The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14.1…
|
— | Apr 17, 2026 |
| CVE-2026-2434 | Medium | 6.4 |
The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blogcard' shortcode attribute…
|
— | Apr 17, 2026 |
| CVE-2026-5162 | Medium | 6.4 |
The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed …
|
— | Apr 17, 2026 |
| CVE-2026-6497 | Medium | 6.3 |
A vulnerability was determined in prasathmani TinyFileManager up to 2.6. Affected by this vulnerability is an unknown fu…
|
— | Apr 17, 2026 |
| CVE-2026-6489 | Medium | 6.3 |
A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects …
|
— | Apr 17, 2026 |
| CVE-2026-6488 | Medium | 6.3 |
A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affec…
|
— | Apr 17, 2026 |
| CVE-2026-6496 | Medium | 5.4 |
A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /fileman…
|
— | Apr 17, 2026 |
| CVE-2026-5427 | Medium | 5.3 |
The Kubio plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to and including 2.7.2. This is due…
|
— | Apr 17, 2026 |