🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-4083 | Medium | 6.4 |
The Scoreboard for HTML5 Games Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'scoreboar…
|
— | Mar 21, 2026 |
| CVE-2026-1575 | Medium | 6.4 |
The Schema Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `itemscope` shor…
|
— | Mar 21, 2026 |
| CVE-2026-4067 | Medium | 6.4 |
The Ad Short plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ad' shortcode's 'client' attribu…
|
— | Mar 21, 2026 |
| CVE-2026-4077 | Medium | 6.4 |
The Ecover Builder For Dummies plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter …
|
— | Mar 21, 2026 |
| CVE-2026-4022 | Medium | 6.4 |
The Show Posts list – Easy designs, filters and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting v…
|
— | Mar 21, 2026 |
| CVE-2026-4072 | Medium | 6.4 |
The WordPress PayPal Donation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'donate' shortco…
|
— | Mar 21, 2026 |
| CVE-2026-3554 | Medium | 6.4 |
The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' sh…
|
— | Mar 21, 2026 |
| CVE-2026-3619 | Medium | 6.4 |
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute …
|
— | Mar 21, 2026 |
| CVE-2026-1397 | Medium | 6.4 |
The PQ Addons – Creative Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget …
|
— | Mar 21, 2026 |
| CVE-2026-3350 | Medium | 6.4 |
The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all v…
|
— | Mar 21, 2026 |
| CVE-2026-1093 | Medium | 6.4 |
The WPFAQBlock– FAQ & Accordion Plugin For Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting v…
|
— | Mar 21, 2026 |
| CVE-2026-32052 | Medium | 6.4 |
OpenClaw versions prior to 2026.2.24 contain a command injection vulnerability in the system.run shell-wrapper that allo…
|
— | Mar 21, 2026 |
| CVE-2026-2496 | Medium | 6.4 |
The Ed's Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `eds_font_aweso…
|
— | Mar 21, 2026 |
| CVE-2026-2501 | Medium | 6.4 |
The Ed's Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `social_share` …
|
— | Mar 21, 2026 |
| CVE-2026-2352 | Medium | 6.4 |
The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ao_post_preload' meta value i…
|
— | Mar 21, 2026 |
| CVE-2026-2430 | Medium | 6.4 |
The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lazy-loading image processing …
|
— | Mar 21, 2026 |
| CVE-2026-4084 | Medium | 6.4 |
The fyyd podcast shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fyyd-podcast', 'f…
|
— | Mar 21, 2026 |
| CVE-2026-4513 | Medium | 6.3 |
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the fi…
|
— | Mar 21, 2026 |
| CVE-2026-4514 | Medium | 6.3 |
A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/ad…
|
— | Mar 21, 2026 |
| CVE-2026-4509 | Medium | 6.3 |
A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function…
|
— | Mar 21, 2026 |