🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4032 | Medium | 6.1 |
The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comm…
|
— | Apr 16, 2026 |
| CVE-2026-3355 | Medium | 6.1 |
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsea…
|
— | Apr 16, 2026 |
| CVE-2026-3369 | Medium | 5.4 |
The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Stored Cross-Site Scripting v…
|
— | Apr 16, 2026 |
| CVE-2026-3595 | Medium | 5.3 |
The Riaxe Product Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and inclu…
|
— | Apr 16, 2026 |
| CVE-2026-3581 | Medium | 5.3 |
The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and inclu…
|
— | Apr 16, 2026 |
| CVE-2026-0718 | Medium | 5.3 |
The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthor…
|
— | Apr 16, 2026 |
| CVE-2026-4160 | Medium | 5.3 |
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulne…
|
— | Apr 16, 2026 |
| CVE-2026-5617 | High | 8.8 |
The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3…
|
— | Apr 15, 2026 |
| CVE-2026-34632 | High | 8.2 |
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in …
|
— | Apr 15, 2026 |
| CVE-2026-4145 | High | 7.8 |
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow…
|
— | Apr 15, 2026 |
| CVE-2026-22676 | High | 7.8 |
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gai…
|
— | Apr 15, 2026 |
| CVE-2026-4134 | High | 7.3 |
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during ins…
|
— | Apr 15, 2026 |
| CVE-2026-6384 | High | 7.3 |
A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` funct…
|
— | Apr 15, 2026 |
| CVE-2026-20205 | High | 7.2 |
In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or p…
|
— | Apr 15, 2026 |
| CVE-2026-2834 | High | 7.2 |
The Age Verification & Identity Verification by Token of Trust plugin for WordPress is vulnerable to Stored Cross-Site S…
|
— | Apr 15, 2026 |
| CVE-2026-5694 | High | 7.2 |
The Quick Interest Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'loan-amount' and 'l…
|
— | Apr 15, 2026 |
| CVE-2026-3643 | High | 7.2 |
The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in all versions up to,…
|
— | Apr 15, 2026 |
| CVE-2026-20204 | High | 7.1 |
In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.26…
|
— | Apr 15, 2026 |
| CVE-2026-0827 | High | 7.1 |
During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareS…
|
— | Apr 15, 2026 |
| CVE-2026-40500 | Medium | 6.8 |
ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add …
|
— | Apr 15, 2026 |