8.8

CVSS3.1

CVE-2026-7641 - Import and export users and customers <= 2.0.8 - Authenticated (Subscriber+) Privilege Escalation v…

The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8 via the `save_extra_user_profile_fields()` function. This is due to an incomplete blocklist that correctly restricts capability meta keys for the primary si…

📅 Published: May 2, 2026, 4:27 a.m. 🔄 Last Modified: May 4, 2026, 5:52 p.m.

9.8

CVSS3.1

CVE-2026-7458 - User Verification by PickPlugins <= 2.0.46 - Unauthenticated Authentication Bypass via OTP Verifica…

The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is due to the use of a loose PHP comparison operator to validate OTP codes in the "user_verification_form_wrap_process_otpLogin" function. This makes i…

📅 Published: May 2, 2026, 4:27 a.m. 🔄 Last Modified: May 4, 2026, 2:54 p.m.

5.3

CVSS4.0

CVE-2026-7603 - JeecgBoot LoadFile Endpoint FileDownloadUtils.jav checkPathTraversalBatch server-side request forge…

A vulnerability was determined in JeecgBoot up to 3.9.1. Affected by this issue is the function checkPathTraversalBatch of the file FileDownloadUtils.jav of the component LoadFile Endpoint. This manipulation of the argument files causes server-side request forgery. It is possible to initiate the at…

📅 Published: May 2, 2026, 4:15 a.m. 🔄 Last Modified: May 4, 2026, 5:43 p.m.

6.4

CVSS3.1

CVE-2026-7209 - Simple Link Directory <= 8.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Short…

The Simple Link Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `qcopd-directory` shortcode in all versions up to, and including, 8.9.2. This is due to insufficient input sanitization and output escaping on user supplied attributes such as `title_font_si…

📅 Published: May 2, 2026, 3:36 a.m. 🔄 Last Modified: May 2, 2026, 5:30 a.m.

5.3

CVSS3.1

CVE-2026-7638 - App Builder <= 5.5.10 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary U…

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the `upload_avatar()` function, which accepts an attacker-controlled…

📅 Published: May 2, 2026, 3:36 a.m. 🔄 Last Modified: May 4, 2026, 2:56 p.m.

6.4

CVSS3.1

CVE-2026-6378 - Maxi Blocks <= 2.1.9 - Authenticated (Author+) Stored Cross-Site Scripting via Style Card REST API

The Maxi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `/wp-json/maxi-blocks/v1.0/style-card` REST API endpoint in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping of the `sc_styles` parameter. This makes it possi…

📅 Published: May 2, 2026, 3:36 a.m. 🔄 Last Modified: May 4, 2026, 4:07 p.m.

5.3

CVSS4.0

CVE-2026-7602 - JeecgBoot FillRuleUtil edit improper authorization

A vulnerability was found in JeecgBoot up to 3.9.1. Affected by this vulnerability is an unknown functionality of the file /sys/fillRule/edit of the component FillRuleUtil Component. The manipulation of the argument ruleClass results in improper authorization. The attack may be performed from remot…

📅 Published: May 2, 2026, 3:15 a.m. 🔄 Last Modified: May 3, 2026, 9:30 p.m.

5.3

CVSS4.0

CVE-2026-7601 - Open5GS AMF gmm-handler.c denial of service

A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF. The manipulation of the argument reg_type leads to denial of service. The attack is possible to be carried out remotely. Upgrading to version 2.7.7 is able …

📅 Published: May 2, 2026, 2 a.m. 🔄 Last Modified: May 4, 2026, 4:05 p.m.

7.7

CVSS3.1

CVE-2026-43824 - Argo CD ServerSideDiff allows cleartext Kubernetes Secret exposure

In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

📅 Published: May 2, 2026, 1:20 a.m. 🔄 Last Modified: May 2, 2026, 10:15 a.m.

5.3

CVSS4.0

CVE-2026-7600 - ArtMin96 yii2-mcp-server MCP index.ts yii_execute_command os command injection

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii_command_help/yii_execute_command of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publi…

📅 Published: May 2, 2026, 12:15 a.m. 🔄 Last Modified: May 4, 2026, 4:07 p.m.
Total results: 347937