🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-3666 | High | 8.8 |
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4…
|
— | Apr 4, 2026 |
| CVE-2018-25251 | High | 8.4 |
Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attacke…
|
— | Apr 4, 2026 |
| CVE-2018-25255 | High | 8.4 |
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local…
|
— | Apr 4, 2026 |
| CVE-2026-4896 | High | 8.1 |
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is…
|
— | Apr 4, 2026 |
| CVE-2016-20055 | High | 7.8 |
IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 serv…
|
— | Apr 4, 2026 |
| CVE-2016-20056 | High | 7.8 |
Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv service…
|
— | Apr 4, 2026 |
| CVE-2016-20057 | High | 7.8 |
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that …
|
— | Apr 4, 2026 |
| CVE-2016-20058 | High | 7.8 |
Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivi…
|
— | Apr 4, 2026 |
| CVE-2016-20059 | High | 7.8 |
IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services…
|
— | Apr 4, 2026 |
| CVE-2016-20060 | High | 7.8 |
Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attac…
|
— | Apr 4, 2026 |
| CVE-2016-20061 | High | 7.8 |
sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers …
|
— | Apr 4, 2026 |
| CVE-2026-34769 | High | 7.7 |
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to version…
|
— | Apr 4, 2026 |
| CVE-2026-1233 | High | 7.5 |
The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure i…
|
— | Apr 4, 2026 |
| CVE-2018-25246 | High | 7.5 |
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application…
|
— | Apr 4, 2026 |
| CVE-2026-5526 | High | 7.3 |
A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerabil…
|
— | Apr 4, 2026 |
| CVE-2018-25248 | High | 7.2 |
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inje…
|
⚡ Exploit | Apr 4, 2026 |
| CVE-2018-25250 | High | 7.2 |
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows atta…
|
— | Apr 4, 2026 |
| CVE-2026-2936 | High | 7.2 |
The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page…
|
— | Apr 4, 2026 |
| CVE-2026-5425 | High | 7.2 |
The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' …
|
— | Apr 4, 2026 |
| CVE-2026-3445 | High | 7.1 |
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePres…
|
— | Apr 4, 2026 |