0.0
CVE-2026-25698 -
Not used
0.0
CVE-2026-25696 -
Not used
0.0
CVE-2026-25695 -
Not used
0.0
CVE-2026-25697 -
Not used
0.0
CVE-2026-25694 -
Not used
0.0
CVE-2026-25692 -
Not used
0.0
CVE-2026-25693 -
Not used
4.3
CVE-2025-13416 - ProfileGrid β User Profiles, Groups and Communities <= 5.9.7.2 - Missing Authorization to Authenticβ¦
The ProfileGrid β User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pm_deactivate_user_from_group() function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackβ¦
6.4
CVE-2026-1319 - Robin Image Optimizer <= 2.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Alteβ¦
The Robin Image Optimizer β Unlimited Image Optimization & WebP Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of a Media Library image in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escapinβ¦
5.1
CVE-2026-25198 - Open Redirect Vulnerability Enabling Phishing in web2py
web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.