🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-5502 | Medium | 5.3 |
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content m…
|
— | Apr 17, 2026 |
| CVE-2026-6492 | Medium | 5.3 |
A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea.…
|
— | Apr 17, 2026 |
| CVE-2026-6491 | Medium | 5.3 |
A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec o…
|
— | Apr 17, 2026 |
| CVE-2026-5797 | Medium | 5.3 |
The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and inc…
|
— | Apr 17, 2026 |
| CVE-2026-34197 | Critical | 9.8 |
Apache ActiveMQ — CVE-2026-34197
Apache ActiveMQ contains an improper input validation vulnerability that allows for cod…
|
— | Apr 16, 2026 |
| CVE-2023-3634 | High | 8.8 |
In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of u…
|
— | Apr 16, 2026 |
| CVE-2026-40502 | High | 8.8 |
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with cha…
|
— | Apr 16, 2026 |
| CVE-2026-40901 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocit…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-33083 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-1620 | High | 8.8 |
The Livemesh Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and …
|
— | Apr 16, 2026 |
| CVE-2026-33084 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2025-14868 | High | 8.8 |
The Career Section plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Path Traversal and Arbitr…
|
— | Apr 16, 2026 |
| CVE-2026-33207 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-6348 | High | 8.8 |
WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local…
|
— | Apr 16, 2026 |
| CVE-2026-33121 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-3614 | High | 8.8 |
The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions From 9.11.0 up to, and includi…
|
— | Apr 16, 2026 |
| CVE-2026-40900 | High | 8.8 |
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection…
|
⚡ Exploit | Apr 16, 2026 |
| CVE-2026-3599 | High | 7.5 |
The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter keys within…
|
— | Apr 16, 2026 |
| CVE-2026-6351 | High | 7.5 |
MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers …
|
— | Apr 16, 2026 |
| CVE-2026-5050 | High | 7.5 |
The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptog…
|
— | Apr 16, 2026 |