Total
60
Min CVSS Score
4.3
Max CVSS Score
9.8
  • CVE-2026-9851 The Booking Package plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in version...
    7.2 HIGH Details
  • CVE-2026-9011 The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization by...
    7.5 HIGH Details
  • CVE-2025-14033 The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data d...
    5.3 MEDIUM Details
  • CVE-2026-4650 The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up t...
    5.3 MEDIUM Details
  • CVE-2026-6810 The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in al...
    5.3 MEDIUM Details
  • CVE-2025-15565 The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authoriza...
    5.3 MEDIUM Details
  • CVE-2026-5167 The Masteriyo LMS – Online Course Builder for eLearning, LMS & Education plugin for WordPress is vulnerable to...
    5.3 MEDIUM Details
  • CVE-2026-25309 Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploitin...
    7.5 HIGH Details
  • CVE-2026-24999 Missing Authorization vulnerability in Alma Alma alma-gateway-for-woocommerce allows Exploiting Incorrectly Co...
    5.3 MEDIUM Details
  • CVE-2025-14444 The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordP...
    5.3 MEDIUM Details