4.3
CVE-2026-24544 - WordPress HD Quiz plugin <= 2.0.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in Harmonic Design HD Quiz hd-quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HD Quiz: from n/a through <= 2.0.9.
4.3
CVE-2026-24543 - WordPress Materialis Companion plugin <= 1.3.52 - Broken Access Control vulnerability
Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through <= 1.3.52.
4.3
CVE-2026-24542 - WordPress WP Term Order plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in John James Jacoby WP Term Order wp-term-order allows Cross Site Request Forgery.This issue affects WP Term Order: from n/a through <= 2.1.0.
5.3
CVE-2026-24541 - WordPress Download After Email plugin <= 2.1.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through <= 2.1.9.
5.4
CVE-2026-24540 - WordPress Integrate Google Drive plugin <= 1.5.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in princeahmed Integrate Google Drive integrate-google-drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through <= 1.5.6.
5.3
CVE-2026-24539 - WordPress Protecciรณn de datos โ RGPD plugin <= 0.68 - Broken Access Control vulnerability
Missing Authorization vulnerability in ABCdatos Protecciรณn de datos – RGPD proteccion-datos-rgpd allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protecciรณn de datos – RGPD: from n/a through <= 0.68.
7.5
CVE-2026-24538 - WordPress Omnipress plugin <= 1.6.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.7.
5.3
CVE-2026-24536 - WordPress Webpushr plugin <= 4.38.0 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through <= 4.38.0.
4.3
CVE-2026-24535 - WordPress Automatic Featured Images from Videos plugin <= 1.2.7 - Broken Access Control vulnerabiliโฆ
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through <= 1.2.7.
4.3
CVE-2026-24534 - WordPress Booter plugin <= 1.5.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7.