🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-3311	The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCom…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-3477	The PZ Frontend Manager plugin for WordPress is vulnerable to Missing Authorization in all versions …	MEDIUM	5.3	—	Apr 8, 2026
CVE-2026-3480	The WP Blockade plugin for WordPress is vulnerable to Missing Authorization in all versions up to an…	MEDIUM	6.5	AI	Apr 8, 2026
CVE-2026-3513	The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Si…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-3594	The Riaxe Product Customizer plugin for WordPress is vulnerable to Sensitive Information Exposure in…	MEDIUM	5.3	—	Apr 8, 2026
CVE-2026-3600	The Investi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'investi-annou…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-3618	The Columns by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-3646	The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authoriz…	MEDIUM	5.3	—	Apr 8, 2026
CVE-2026-3781	The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgr_off' para…	MEDIUM	5.4	—	Apr 8, 2026
CVE-2026-40028	Hayabusa versions prior to 3.8.0 contain a cross-site scripting (XSS) vulnerability in its HTML repo…	MEDIUM	5.4	—	Apr 8, 2026
CVE-2026-40037	OpenClaw before 2026.3.31 (patched in 2026.4.8) contains a request body replay vulnerability in fetc…	MEDIUM	6.5	—	Apr 8, 2026
CVE-2026-4025	The PrivateContent Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'a…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4073	The pdfl.io plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pdflio' short…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4299	The MainWP Child Reports plugin for WordPress is vulnerable to Missing Authorization in all versions…	MEDIUM	5.3	—	Apr 8, 2026
CVE-2026-4300	The Robo Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Loading …	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4303	The WP Visitor Statistics (Real Time Traffic) plugin for WordPress is vulnerable to Stored Cross-Sit…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4333	The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Script…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4341	The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scri…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4379	The LightPress Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `g…	MEDIUM	6.4	—	Apr 8, 2026
CVE-2026-4394	The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Credit C…	MEDIUM	6.1	—	Apr 8, 2026
CVE-2026-4401	The Download Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in the `action…	MEDIUM	5.4	—	Apr 8, 2026
CVE-2026-3177	The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin …	MEDIUM	5.3	—	Apr 7, 2026
CVE-2026-39346	OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open…	MEDIUM	5.4	—	Apr 7, 2026
CVE-2026-4065	The Smart Slider 3 plugin for WordPress is vulnerable to unauthorized access and modification of dat…	MEDIUM	5.4	—	Apr 7, 2026
CVE-2026-5719	A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown fu…	MEDIUM	6.3	—	Apr 7, 2026

← 1…13 14 15 16 17…44 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,771 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8