🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2018-25246 | High | 7.5 |
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application…
|
— | Apr 4, 2026 |
| CVE-2026-5526 | High | 7.3 |
A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerabil…
|
— | Apr 4, 2026 |
| CVE-2026-2936 | High | 7.2 |
The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page…
|
— | Apr 4, 2026 |
| CVE-2018-25248 | High | 7.2 |
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inje…
|
⚡ Exploit | Apr 4, 2026 |
| CVE-2018-25250 | High | 7.2 |
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows atta…
|
— | Apr 4, 2026 |
| CVE-2026-5425 | High | 7.2 |
The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' …
|
— | Apr 4, 2026 |
| CVE-2026-3445 | High | 7.1 |
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePres…
|
— | Apr 4, 2026 |
| CVE-2026-3571 | Medium | 6.5 |
The Pie Register – User Registration, Profiles & Content Restriction plugin for WordPress is vulnerable to unauthorized …
|
— | Apr 4, 2026 |
| CVE-2026-3309 | Medium | 6.5 |
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePres…
|
— | Apr 4, 2026 |
| CVE-2025-15064 | Medium | 6.4 |
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugi…
|
— | Apr 4, 2026 |
| CVE-2026-2600 | Medium | 6.4 |
The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
|
— | Apr 4, 2026 |
| CVE-2026-2437 | Medium | 6.4 |
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Stored Cross-S…
|
— | Apr 4, 2026 |
| CVE-2026-0552 | Medium | 6.4 |
The Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsc_displa…
|
— | Apr 4, 2026 |
| CVE-2018-25249 | Medium | 6.4 |
MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to in…
|
— | Apr 4, 2026 |
| CVE-2026-0626 | Medium | 6.4 |
The WPFunnels – Easy Funnel Builder To Optimize Buyer Journeys And Get More Leads & Sales plugin for WordPress is vulner…
|
— | Apr 4, 2026 |
| CVE-2025-13368 | Medium | 6.4 |
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the P…
|
— | Apr 4, 2026 |
| CVE-2026-0664 | Medium | 6.4 |
The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button_text' p…
|
— | Apr 4, 2026 |
| CVE-2026-0738 | Medium | 6.4 |
The WP Shortcodes Plugin - Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
|
— | Apr 4, 2026 |
| CVE-2026-2949 | Medium | 6.4 |
The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the I…
|
— | Apr 4, 2026 |
| CVE-2026-2924 | Medium | 6.4 |
The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Stored Cross-Sit…
|
— | Apr 4, 2026 |