Vulnerabilities
Recent vulnerabilities
Recent vulnerabilities from
🏠GNA-1 (CIRCL)
Select from 78 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-57827 |
10 (4.0)
|
Joomla Extension - rsjoomla.com - Unauthenticated file… |
rsjoomla.com |
rsjoomla.com RSFiles extension for Joomla |
2026-07-11T09:29:03.863Z | 2026-07-11T09:29:03.863Z |
| CVE-2026-57828 |
9 (4.0)
|
Joomla Extension - phoca.cz - Authenticated file uploa… |
phoca.cz |
phoca.cz Phoca Download extension for Joomla |
2026-07-11T09:27:16.840Z | 2026-07-11T09:27:16.840Z |
| CVE-2026-1359 |
8.8 (3.1)
|
Genolve – AI image AI video generation <= 5.0.5 - Auth… |
genolve |
Genolve – Genolve AI Business Graphics, AI Images |
2026-07-11T07:47:54.892Z | 2026-07-11T07:47:54.892Z |
| CVE-2026-15010 |
6.4 (3.1)
|
bbp style pack <= 6.4.5 - Authenticated (Subscriber+) … |
robin-w |
bbp style pack |
2026-07-11T06:50:33.433Z | 2026-07-11T06:50:33.433Z |
| CVE-2026-9282 |
7.5 (3.1)
|
W3 Total Cache <= 2.9.4 - Unauthenticated Arbitrary Fi… |
boldgrid |
W3 Total Cache |
2026-07-11T06:50:33.051Z | 2026-07-11T06:50:33.051Z |
| CVE-2026-9017 |
5.3 (3.1)
|
NEX-Forms <= 9.2.2 - Missing Authorization to Unauthen… |
webaways |
NEX-Forms – Ultimate Forms Plugin for WordPress |
2026-07-11T06:50:32.516Z | 2026-07-11T06:50:32.516Z |
| CVE-2026-10041 |
4.3 (3.1)
|
WCFM – Frontend Manager for WooCommerce <= 6.7.27 - Au… |
wclovers |
WCFM – Frontend Manager for WooCommerce |
2026-07-11T05:35:50.395Z | 2026-07-11T05:35:50.395Z |
| CVE-2026-6939 |
7.2 (3.1)
|
CorvusPay WooCommerce Payment Gateway <= 2.7.4 - Unaut… |
corvusinfo |
CorvusPay WooCommerce Payment Gateway |
2026-07-11T05:35:50.032Z | 2026-07-11T05:35:50.032Z |
| CVE-2026-15155 |
8.8 (3.1)
|
Essential Addons for Elementor <= 6.6.10 - Authenticat… |
wpdevteam |
Essential Addons for Elementor – Popular Elementor Templates & Widgets |
2026-07-11T05:35:49.683Z | 2026-07-11T05:35:49.683Z |
| CVE-2026-12103 |
4.3 (3.1)
|
Wallet for WooCommerce <= 1.6.4 - Missing Authorizatio… |
subratamal |
Wallet for WooCommerce |
2026-07-11T05:35:49.340Z | 2026-07-11T05:35:49.340Z |
| CVE-2026-12126 |
6.4 (3.1)
|
WCFM Marketplace <= 3.7.3 - Authenticated (Vendor+) St… |
wclovers |
WCFM Marketplace – Multivendor Marketplace for WooCommerce |
2026-07-11T05:35:48.980Z | 2026-07-11T05:35:48.980Z |
| CVE-2026-4661 |
7.5 (3.1)
|
WP CTA <= 2.2.2 - Unauthenticated Time-Based Blind SQL… |
blendmedia |
WP CTA – Call Now Button, Sticky Button & Call to Action Builder |
2026-07-11T05:35:48.631Z | 2026-07-11T05:35:48.631Z |
| CVE-2026-12994 |
5.3 (3.1)
|
WCFM – Frontend Manager for WooCommerce <= 6.7.27 - Mi… |
wclovers |
WCFM – Frontend Manager for WooCommerce |
2026-07-11T05:35:48.289Z | 2026-07-11T05:35:48.289Z |
| CVE-2026-11591 |
4.4 (3.1)
|
Widgets for Google Reviews <= 13.3 - Authenticated (Ed… |
trustindex |
Widgets for Google Reviews |
2026-07-11T05:35:47.927Z | 2026-07-11T05:35:47.927Z |
| CVE-2026-1382 |
6.4 (3.1)
|
fresh Podcaster <= 1.0.7 - Authenticated (Contributor+… |
freshlabs |
fresh Podcaster |
2026-07-11T05:35:47.586Z | 2026-07-11T05:35:47.586Z |
| CVE-2025-5017 |
4.9 (3.1)
|
Catalyst Connect Zoho CRM Client Portal <= 2.2.0 - Aut… |
catalyst2020 |
Catalyst Connect Zoho CRM Client Portal |
2026-07-11T05:35:47.239Z | 2026-07-11T05:35:47.239Z |
| CVE-2026-6801 |
5.3 (3.1)
|
Context Blog <= 1.3.5 - Unauthenticated Sensitive Info… |
postmagthemes |
Context Blog |
2026-07-11T05:35:46.896Z | 2026-07-11T05:35:46.896Z |
| CVE-2026-10865 |
5.3 (3.1)
|
Cost Calculator Builder <= 4.0.11 - Unauthenticated Se… |
stylemix |
Cost Calculator Builder |
2026-07-11T05:35:46.548Z | 2026-07-11T05:35:46.548Z |
| CVE-2026-12738 |
4.3 (3.1)
|
WP Easy Pay <= 4.5.0 - Missing Authorization to Authen… |
saadiqbal |
WP Easy Pay – Payment and Donation form Builder for Square |
2026-07-11T05:35:46.200Z | 2026-07-11T05:35:46.200Z |
| CVE-2026-11898 |
4.4 (3.1)
|
White Label CMS <= 2.7.12 - Authenticated (Administrat… |
videousermanuals |
White Label CMS |
2026-07-11T05:35:45.854Z | 2026-07-11T05:35:45.854Z |
| CVE-2025-6784 |
8.8 (3.1)
|
Code Engine <= 0.3.5 - Authenticated (Contributor+) Re… |
tigroumeow |
Code Engine – PHP Snippets, AI Functions & Automation for WordPress |
2026-07-11T05:35:44.591Z | 2026-07-11T05:35:44.591Z |
| CVE-2026-11901 |
5.3 (3.1)
|
WP Hotel Booking <= 2.3.1 - Unauthenticated Insufficie… |
thimpress |
WP Hotel Booking |
2026-07-11T05:35:44.057Z | 2026-07-11T05:35:44.057Z |
| CVE-2026-48939 |
10 (4.0)
|
Joomla Extension - icagenda.com - Remote Code Executio… |
icagenda.com |
iCagenda extension for Joomla |
2026-06-20T11:56:50.752Z | 2026-07-11T05:32:01.620Z |
| CVE-2026-56291 |
10 (4.0)
|
Joomla Extension - balbooa.com - Unauthenticated file … |
balbooa.com |
balbooa.com Balbooa Forms extension for Joomla |
2026-07-09T09:53:57.886Z | 2026-07-11T05:28:12.683Z |
| CVE-2026-34481 |
6.3 (4.0)
|
Apache Log4j JSON Template Layout: Improper serializat… |
Apache Software Foundation |
Apache Log4j JSON Template Layout |
2026-04-10T15:43:00.100Z | 2026-07-11T04:55:42.502Z |
| CVE-2026-7655 |
8.1 (3.1)
|
SureCart <= 4.2.3 - Unauthenticated Linked WordPress A… |
surecart |
SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments |
2026-07-11T04:32:59.281Z | 2026-07-11T04:32:59.281Z |
| CVE-2026-13378 |
7.2 (3.1)
|
Form Vibes <= 1.5.2 - Unauthenticated Stored Cross-Sit… |
wpvibes |
Form Vibes – Save Contact Form 7 & Elementor Form Entries to Database |
2026-07-11T04:32:58.802Z | 2026-07-11T04:32:58.802Z |
| CVE-2026-21042 |
8.4 (4.0)
|
Out-of-bounds write in libsavsac.so prior to SMR … |
Samsung Mobile |
Samsung Mobile Devices |
2026-07-10T04:58:04.139Z | 2026-07-11T03:55:21.047Z |
| CVE-2026-21043 |
6.7 (4.0)
|
Path traversal in Wallpaper service prior to SMR … |
Samsung Mobile |
Samsung Mobile Devices |
2026-07-10T04:58:05.222Z | 2026-07-11T03:55:20.258Z |
| CVE-2026-21046 |
8.4 (4.0)
|
Time-of-check time-of-use race condition in fabri… |
Samsung Mobile |
Samsung Mobile Devices |
2026-07-10T04:58:09.129Z | 2026-07-11T03:55:19.537Z |