5.3
CVE-2026-39662 - WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerabβ¦
Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through <= 2.5.6.
0.0
CVE-2026-39660 - WordPress WP Job Manager plugin <= 2.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a through <= 2.4.1.
5.3
CVE-2026-39659 - WordPress Ultimate Member plugin <= 2.11.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ultimate Member Ultimate Member ultimate-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Member: from n/a through <= 2.11.3.
0.0
CVE-2026-39658 - WordPress Panda Pods Repeater Field plugin <= 1.5.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Coding Panda Panda Pods Repeater Field panda-pods-repeater-field allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Panda Pods Repeater Field: from n/a through <= 1.5.12.
5.3
CVE-2026-39657 - WordPress leadlovers forms plugin <= 1.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from n/a through <= 1.0.2.
0.0
CVE-2026-39656 - WordPress Razorpay for WooCommerce plugin <= 4.8.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Razorpay Razorpay for WooCommerce woo-razorpay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay for WooCommerce: from n/a through <= 4.8.2.
0.0
CVE-2026-39654 - WordPress WP Simple HTML Sitemap plugin <= 3.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows DOM-Based XSS.This issue affects WP Simple HTML Sitemap: from n/a through <= 3.8.
0.0
CVE-2026-39653 - WordPress Video Conferencing with Zoom plugin <= 4.6.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Deepen Bajracharya Video Conferencing with Zoom video-conferencing-with-zoom-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Conferencing with Zoom: from n/a through <= 4.6.6.
5.3
CVE-2026-39652 - WordPress iGMS Direct Booking plugin <= 1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in igms iGMS Direct Booking igms-direct-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iGMS Direct Booking: from n/a through <= 1.3.
0.0
CVE-2026-39651 - WordPress Total Poll Lite plugin <= 4.12.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through <= 4.12.0.