Common Vulnerabilities and Exposures (CVE)

CVE-2026-57766

Jul 2, 2026 11:25:30 UTC

Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3.5.6 versions.

CVE-2026-57765

Jul 2, 2026 11:16:06 UTC

Contributor SQL Injection in WP EasyCart <= 5.9.0 versions.

CVE-2026-57764

Jul 2, 2026 11:16:05 UTC

Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO Breadcrumb Shortcode <= 1.2 versions.

CVE-2026-57763

Jul 2, 2026 11:16:05 UTC

Contributor Cross Site Scripting (XSS) in Structured Content <= 1.7.0 versions.

CVE-2026-57762

Jul 2, 2026 11:16:04 UTC

Author Cross Site Scripting (XSS) in Simple URLs <= 151 versions.

CVE-2026-57761

Jul 2, 2026 11:16:02 UTC

Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions.

CVE-2026-57759

Jul 2, 2026 11:16:02 UTC

Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.

CVE-2026-57758

Jul 2, 2026 11:16:00 UTC

Unauthenticated Cross Site Request Forgery (CSRF) in Permalink Manager for WooCommerce <= 1.0.8.2 versions.

CVE-2026-57757

Jul 2, 2026 11:15:59 UTC

Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions.

CVE-2026-57756

Jul 2, 2026 11:15:58 UTC

Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions.

CVE-2026-57755

Jul 2, 2026 11:15:57 UTC

Contributor Cross Site Scripting (XSS) in Mosaic Gallery &#8211; Advanced Gallery <= 1.2.0 versions.

CVE-2026-57754

Jul 2, 2026 11:15:57 UTC

Contributor Cross Site Scripting (XSS) in Livemesh Addons for WPBakery Page Builder <= 3.9.4 versions.

CVE-2026-57753

Jul 2, 2026 11:15:56 UTC

Unauthenticated Sensitive Data Exposure in Kit (formerly ConvertKit) for WooCommerce <= 2.1.5 versions.

CVE-2026-57752

Jul 2, 2026 11:15:55 UTC

Contributor SQL Injection in iNET Webkit 1.2.4 versions.

CVE-2026-57751

Jul 2, 2026 11:15:54 UTC

Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions.