5.3
CVE-2026-32332 - WordPress Easy Form plugin <= 2.7.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form: from n/a through <= 2.7.9.
4.3
CVE-2026-32331 - WordPress Textmetrics plugin <= 3.6.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in Israpil Textmetrics webtexttool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Textmetrics: from n/a through <= 3.6.4.
4.3
CVE-2026-32330 - WordPress Photo Gallery by 10Web plugin <= 1.8.37 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Cross Site Request Forgery.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.37.
5.3
CVE-2026-32329 - WordPress Advanced Related Posts plugin <= 1.9.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro Advanced Related Posts advanced-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Related Posts: from n/a through <= 1.9.1.
5.4
CVE-2026-32328 - WordPress Lemmony theme < 1.7.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in shufflehound Lemmony lemmony allows Cross Site Request Forgery.This issue affects Lemmony: from n/a through < 1.7.1.
8.5
CVE-2026-31922 - WordPress Fox LMS plugin <= 1.0.6.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Fox LMS fox-lms allows Blind SQL Injection.This issue affects Fox LMS: from n/a through <= 1.0.6.3.
4.3
CVE-2026-31919 - WordPress Advanced Coupons for WooCommerce Coupons plugin <= 4.7.1 - Broken Access Control vulnerabβ¦
Missing Authorization vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through <= 4.7.1.
6.5
CVE-2026-31918 - WordPress immonex Kickstart plugin <= 1.13.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in immonex immonex Kickstart immonex-kickstart allows Stored XSS.This issue affects immonex Kickstart: from n/a through <= 1.13.0.
8.5
CVE-2026-31917 - WordPress WP ERP plugin <= 1.16.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through <= 1.16.10.
5.3
CVE-2026-31916 - WordPress Latest Post Shortcode plugin <= 14.2.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through <= 14.2.1.