4.3
CVE-2026-32446 - WordPress Contact Form by WPForms plugin <= 1.9.9.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through <= 1.9.9.3.
2.7
CVE-2026-32445 - WordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through <= 3.35.5.
6.5
CVE-2026-32443 - WordPress Product Feed PRO for WooCommerce plugin <= 13.5.2 - Cross Site Request Forgery (CSRF) vulโฆ
Cross-Site Request Forgery (CSRF) vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through <= 13.5.2.
4.3
CVE-2026-32442 - WordPress e2pdf plugin <= 1.28.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through <= 1.28.15.
5.3
CVE-2026-32440 - WordPress WP Food plugin < 2.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Food: from n/a through < 2.7.1.
5.3
CVE-2026-32439 - WordPress BigHearts theme <= 3.1.14 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebGeniusLab BigHearts bighearts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BigHearts: from n/a through <= 3.1.14.
5.3
CVE-2026-32438 - WordPress VW School Education theme <= 1.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in vowelweb VW School Education vw-school-education allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW School Education: from n/a through <= 1.4.6.
5.3
CVE-2026-32437 - WordPress VW Portfolio theme <= 1.3.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Portfolio: from n/a through <= 1.3.3.
5.3
CVE-2026-32436 - WordPress VW Photography theme <= 1.3.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in vowelweb VW Photography vw-photography allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Photography: from n/a through <= 1.3.8.
5.3
CVE-2026-32435 - WordPress VW Pet Shop theme <= 1.4.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in vowelweb VW Pet Shop vw-pet-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Pet Shop: from n/a through <= 1.4.7.