5.3
CVE-2026-39609 - WordPress Wava Payment plugin <= 0.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wava.co Wava Payment wava-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wava Payment: from n/a through <= 0.3.7.
0.0
CVE-2026-39608 - WordPress iPOSpays Gateways WC plugin <= 1.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through <= 1.3.7.
5.4
CVE-2026-39607 - WordPress Filter Plus plugin <= 1.1.17 - Broken Access Control vulnerability
Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through <= 1.1.17.
0.0
CVE-2026-39606 - WordPress BizReview plugin <= 1.5.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.13.
5.3
CVE-2026-39605 - WordPress Super Custom Login plugin <= 1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from n/a through <= 1.1.
0.0
CVE-2026-39604 - WordPress MyBookTable Bookstore plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookTable Bookstore mybooktable allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through <= 3.6.0.
5.4
CVE-2026-39603 - WordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Photography grandphotography allows Cross Site Request Forgery.This issue affects Grand Photography: from n/a through <= 5.7.8.
0.0
CVE-2026-39602 - WordPress Order Tracking plugin <= 3.4.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
4.3
CVE-2026-39592 - WordPress DEPART plugin <= 1.0.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DEPART: from n/a through <= 1.0.7.
0.0
CVE-2026-39588 - WordPress NM Gift Registry and Wishlist Lite plugin <= 5.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in nmerii NM Gift Registry and Wishlist Lite nm-gift-registry-and-wishlist-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NM Gift Registry and Wishlist Lite: from n/a through <= 5.13.