7.5
CVE-2026-32400 - WordPress Boldman theme <= 7.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affects Boldman: from n/a through <= 7.7.
8.5
CVE-2026-32399 - WordPress Media LIbrary Assistant plugin <= 3.32 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This issue affects Media LIbrary Assistant: from n/a through <= 3.32.
0.0
CVE-2026-32398 - WordPress TeraWallet β For WooCommerce plugin <= 1.5.15 - Race Condition vulnerability
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Subrata Mal TeraWallet β For WooCommerce woo-wallet allows Leveraging Race Conditions.This issue affects TeraWallet β For WooCommerce: from n/a through <= 1.5.15.
5.3
CVE-2026-32397 - WordPress Filter & Grids plugin <= 3.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1.
5.3
CVE-2026-32396 - WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13.
5.3
CVE-2026-32395 - WordPress Xpro Addons For Beaver Builder β Lite plugin <= 1.5.6 - Broken Access Control vulnerabiliβ¦
Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder – Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xpro Addons For Beaver Builder – Lite: from n/a through <= 1.5.6.
0.0
CVE-2026-32394 - WordPress PublishPress Capabilities plugin <= 2.31.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-enhanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Capabilities: from n/a through <= 2.31.0.
0.0
CVE-2026-32393 - WordPress Greenly Theme Addons plugin < 8.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through < 8.2.
0.0
CVE-2026-32392 - WordPress Greenly theme <= 8.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through <= 8.1.
5.4
CVE-2026-32391 - WordPress SmartFix theme < 1.2.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through < 1.2.4.