Common Vulnerabilities and Exposures (CVE)

CVE-2026-39510

Apr 29, 2026 09:52:01 UTC

Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image P...

CVE-2026-39483

Apr 29, 2026 09:52:01 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hidekazu Ishikawa VK All in One Expansion Unit vk-all-in-one-expansion-unit allows Stored XSS.This issue affects VK All in One Expansion U...

CVE-2026-39486

Apr 29, 2026 09:52:01 UTC

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through <= 5.1.8.

CVE-2026-39475

Apr 29, 2026 09:52:01 UTC

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1.

CVE-2026-39473

Apr 29, 2026 09:52:01 UTC

Insertion of Sensitive Information Into Sent Data vulnerability in Pär Thernström Simple History simple-history allows Retrieve Embedded Sensitive Data.This issue affects Simple History: from n/a through <= 5.24.0.

CVE-2026-32587

Apr 29, 2026 09:52:01 UTC

Missing Authorization vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through <= 4.2.11.

CVE-2026-39466

Apr 29, 2026 09:52:01 UTC

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken...

CVE-2026-39464

Apr 29, 2026 09:52:01 UTC

Server-Side Request Forgery (SSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Server Side Request Forgery.This issue affects Coming Soon Page, Under Construction & Mainte...

CVE-2026-32586

Apr 29, 2026 09:52:01 UTC

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through < 7.11.3.

CVE-2026-32573

Apr 29, 2026 09:52:01 UTC

Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.2.7.

CVE-2026-32565

Apr 29, 2026 09:52:01 UTC

Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through < 4.2.2.

CVE-2026-39469

Apr 29, 2026 09:52:01 UTC

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8.

CVE-2026-32543

Apr 29, 2026 09:52:01 UTC

Missing Authorization vulnerability in CyberChimps Responsive Blocks responsive-block-editor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Blocks: from n/a through <= 2.2.0.

CVE-2026-32542

Apr 29, 2026 09:52:01 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0.

CVE-2026-32562

Apr 29, 2026 09:52:01 UTC

Missing Authorization vulnerability in WP Folio Team PPWP password-protect-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPWP: from n/a through <= 1.9.15.