🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3477 | Medium | 5.3 |
The PZ Frontend Manager plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including …
|
— | Apr 8, 2026 |
| CVE-2026-5167 | Medium | 5.3 |
The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to Authoriza…
|
— | Apr 8, 2026 |
| CVE-2026-4654 | Medium | 5.3 |
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object R…
|
— | Apr 8, 2026 |
| CVE-2026-4299 | Medium | 5.3 |
The MainWP Child Reports plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including…
|
— | Apr 8, 2026 |
| CVE-2026-2263 | Medium | 5.3 |
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modific…
|
— | Apr 8, 2026 |
| CVE-2026-32591 | Medium | 5.2 |
A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an u…
|
— | Apr 8, 2026 |
| CVE-2026-39355 | Critical | 9.9 |
Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the geneal…
|
⚡ Exploit | Apr 7, 2026 |
| CVE-2026-20433 | High | 8.8 |
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of…
|
— | Apr 7, 2026 |
| CVE-2026-39342 | High | 8.8 |
ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with th…
|
⚡ Exploit | Apr 7, 2026 |
| CVE-2026-5465 | High | 8.8 |
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object R…
|
— | Apr 7, 2026 |
| CVE-2026-22683 | High | 8.8 |
Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability that allows users with the Operat…
|
— | Apr 7, 2026 |
| CVE-2026-30460 | High | 8.8 |
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in t…
|
⚡ Exploit | Apr 7, 2026 |
| CVE-2026-4740 | High | 8.2 |
A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). …
|
— | Apr 7, 2026 |
| CVE-2026-5736 | High | 7.3 |
A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-serve…
|
— | Apr 7, 2026 |
| CVE-2026-5692 | High | 7.3 |
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGameSpeedCfg of the fil…
|
— | Apr 7, 2026 |
| CVE-2026-5739 | High | 7.3 |
A security flaw has been discovered in PowerJob 5.1.0/5.1.1/5.1.2. The affected element is the function GroovyEvaluator.…
|
— | Apr 7, 2026 |
| CVE-2026-5741 | High | 7.3 |
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stop_con…
|
— | Apr 7, 2026 |
| CVE-2026-22666 | High | 7.2 |
Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution vulnerability in the dol_eval_s…
|
— | Apr 7, 2026 |
| CVE-2026-22682 | High | 7.1 |
OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inco…
|
— | Apr 7, 2026 |
| CVE-2026-5719 | Medium | 6.3 |
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /…
|
— | Apr 7, 2026 |