0.0
CVE-2026-39666 - WordPress Hello Bar Popup Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popup Builder: from n/a through <= 1.5.1.
0.0
CVE-2026-39665 - WordPress SEO Friendly Images plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Prelovac SEO Friendly Images seo-image allows DOM-Based XSS.This issue affects SEO Friendly Images: from n/a through <= 3.0.5.
5.3
CVE-2026-39664 - WordPress Leadrebel plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.
0.0
CVE-2026-39663 - WordPress TrueBooker plugin <= 1.1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: from n/a through <= 1.1.5.
5.3
CVE-2026-39662 - WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerabβ¦
Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through <= 2.5.6.
0.0
CVE-2026-39660 - WordPress WP Job Manager plugin <= 2.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.1.
5.3
CVE-2026-39659 - WordPress Ultimate Member plugin <= 2.11.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3.
0.0
CVE-2026-39658 - WordPress Panda Pods Repeater Field plugin <= 1.5.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Coding Panda Panda Pods Repeater Field panda-pods-repeater-field allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panda Pods Repeater Field: from n/a through <= 1.5.12.
5.3
CVE-2026-39657 - WordPress leadlovers forms plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from n/a through <= 1.0.2.
0.0
CVE-2026-39656 - WordPress Razorpay for WooCommerce plugin <= 4.8.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through <= 4.8.2.