6.5
CVE-2026-22463 - WordPress Form to Chat App plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Micro.company Form to Chat App form-to-chat allows Stored XSS.This issue affects Form to Chat App: from n/a through <= 1.2.5.
4.3
CVE-2026-22462 - WordPress Add Polylang support for Customizer plugin <= 1.4.5 - Cross Site Request Forgery (CSRF) vโฆ
Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Polylang support for Customizer add-polylang-support-for-customizer allows Cross Site Request Forgery.This issue affects Add Polylang support for Customizer: from n/a through <= 1.4.5.
5.3
CVE-2026-22461 - WordPress CTX Feed plugin <= 6.6.18 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CTX Feed: from n/a through <= 6.6.18.
4.3
CVE-2026-22458 - WordPress Wanderland theme <= 1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through <= 1.5.
4.3
CVE-2026-22450 - WordPress Don Peppe theme <= 1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Select-Themes Don Peppe donpeppe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Don Peppe: from n/a through <= 1.3.
4.3
CVE-2026-22447 - WordPress Prowess theme <= 1.8.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Select-Themes Prowess prowess allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prowess: from n/a through <= 1.8.1.
5.3
CVE-2026-22445 - WordPress Apimo Connector plugin <= 2.6.5.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Proptech Plugin Apimo Connector apimo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apimo Connector: from n/a through <= 2.6.5.2.
5.4
CVE-2026-22430 - WordPress Verdure theme <= 1.6 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Verdure verdure allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verdure: from n/a through <= 1.6.
5.4
CVE-2026-22426 - WordPress Sweet Jane theme <= 1.2 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Elated-Themes Sweet Jane sweetjane allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sweet Jane: from n/a through <= 1.2.
5.4
CVE-2026-22411 - WordPress Dolcino theme <= 1.6 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dolcino: from n/a through <= 1.6.