🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2026-6496	A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function …	MEDIUM	5.4	—	Apr 17, 2026
CVE-2026-6494	A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injecti…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-6492	A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc76197…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-6491	A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the func…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-6489	A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593.…	MEDIUM	6.3	—	Apr 17, 2026
CVE-2026-6488	A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This…	MEDIUM	6.3	—	Apr 17, 2026
CVE-2026-6080	The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.…	MEDIUM	6.5	—	Apr 17, 2026
CVE-2026-5797	The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in ve…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-5502	The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthori…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-5427	The Kubio plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to and includin…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-5234	The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions…	MEDIUM	5.3	—	Apr 17, 2026
CVE-2026-5162	The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via…	MEDIUM	6.4	—	Apr 17, 2026
CVE-2026-4817	The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulner…	MEDIUM	6.5	—	Apr 17, 2026
CVE-2026-4666	The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the …	MEDIUM	6.5	—	Apr 17, 2026
CVE-2026-3488	The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to,…	MEDIUM	6.5	—	Apr 17, 2026
CVE-2026-2434	The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blogcard'…	MEDIUM	6.4	—	Apr 17, 2026
CVE-2026-5070	The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text …	MEDIUM	6.4	—	Apr 16, 2026
CVE-2026-4160	The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin fo…	MEDIUM	5.3	—	Apr 16, 2026
CVE-2026-40503	OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gatew…	MEDIUM	6.5	—	Apr 16, 2026
CVE-2026-4032	The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' pa…	MEDIUM	6.1	—	Apr 16, 2026
CVE-2026-3885	The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Si…	MEDIUM	6.4	—	Apr 16, 2026
CVE-2026-3878	The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_option…	MEDIUM	6.4	—	Apr 16, 2026
CVE-2026-3875	The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs…	MEDIUM	6.4	—	Apr 16, 2026
CVE-2026-3773	The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the …	MEDIUM	6.5	—	Apr 16, 2026
CVE-2026-3595	The Riaxe Product Customizer plugin for WordPress is vulnerable to authorization bypass in all versi…	MEDIUM	5.3	—	Apr 16, 2026

← 1 2 3 4 5…43 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,693 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8