{"vulnerability": "cve-2026-4977", "sightings": [{"uuid": "f0f1e899-89db-4bc4-ba24-44a4de2873fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4977", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mj4bhpid6y24", "content": "", "creation_timestamp": "2026-04-10T02:26:13.989466Z"}, {"uuid": "5a06b552-bbd4-40eb-bed8-627461cd71a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4977", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mjueyd5pfe2c", "content": "", "creation_timestamp": "2026-04-19T16:33:06.778059Z"}, {"uuid": "164ac8e8-2c47-4f8c-af5b-124b1d7f2751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49771", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnhhsw4byz2g", "content": "\ud83d\udfe0 CVE-2026-49771 - High (7.6)\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerabilit...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49771/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-04T10:59:58.333758Z"}, {"uuid": "d1349d10-53a9-4021-b4e2-0c086704868e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49771", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnhjhig4ny25", "content": "CVE-2026-49771 - WordPress Photo Gallery by 10Web plugin\nCVE ID : CVE-2026-49771\n \n Published : June 4, 2026, 10:16 a.m. | 16\u00a0minutes ago\n \n Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery ...", "creation_timestamp": "2026-06-04T11:29:20.211990Z"}, {"uuid": "df78543a-7a8d-48ce-b118-430051c96a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjuxxgeko2l", "content": "\ud83d\udd34 CVE-2026-49777 - Critical (10)\n\nImproper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Sli...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49777/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T10:00:43.926971Z"}, {"uuid": "3bb668b4-b71e-4ed6-825e-ae9948531fee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjuxxgeko2l", "content": "\ud83d\udd34 CVE-2026-49777 - Critical (10)\n\nImproper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Sli...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49777/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-05T10:00:43.928042Z"}, {"uuid": "2310d8c6-1b3d-4df9-80ed-eb0e77b93d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjzonr2fv2d", "content": "CVE-2026-49777 - WordPress Product Slider Pro for WooCommerce plugin\nCVE ID : CVE-2026-49777\n \n Published : June 5, 2026, 9:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pr...", "creation_timestamp": "2026-06-05T11:25:00.520270Z"}, {"uuid": "b276ae21-dda5-4813-a212-bf14f21d5053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnjzonr2fv2d", "content": "CVE-2026-49777 - WordPress Product Slider Pro for WooCommerce plugin\nCVE ID : CVE-2026-49777\n \n Published : June 5, 2026, 9:16 a.m. | 1\u00a0hour, 58\u00a0minutes ago\n \n Description : Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pr...", "creation_timestamp": "2026-06-05T11:25:00.509228Z"}, {"uuid": "3d010881-e471-4f85-bd65-7ebd37af25a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-49777.yaml", "content": "", "creation_timestamp": "2026-06-09T06:22:37.000000Z"}, {"uuid": "5aae8446-30c5-4501-af57-0e07fb1ab743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49776", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mod2iseygx2o", "content": "CVE-2026-49776 gptranslate (CVSS Score 7.5) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T10:16:11.078930Z"}, {"uuid": "4f49e732-a82e-4f71-945a-cd257c404f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49774", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3modb7hjj4b2p", "content": "CVE-2026-49774 integracao-rd-station (CVSS Score 8.8) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T12:16:13.622180Z"}, {"uuid": "00e170a9-1cb1-48c0-a861-56bd0f55930c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49770", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3modeknoxnr2b", "content": "CVE-2026-49770 wp-travel-engine (CVSS Score 8.1) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T13:16:10.804912Z"}, {"uuid": "a1d07c84-528e-471c-993e-086f4acba626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49771", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3modlbabs5v26", "content": "CVE-2026-49771 photo-gallery (CVSS Score 6.5) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T15:16:11.089186Z"}, {"uuid": "ba2a60fd-5483-4930-8a47-0ecd7d010885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49775", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3modomnbtv62o", "content": "CVE-2026-49775 usc-e-shop (CVSS Score 5.3) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T16:16:15.227820Z"}, {"uuid": "42e54d8f-bd18-442c-81d9-3c4d7f345dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49775", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3modon74ty22f", "content": "CVE-2026-49775 usc-e-shop (CVSS Score 5.3) \n\n#WordPress plugin #vulnerability #potatosecurity #wordpressfirewall #mashing #wpsecurity #atomicedge #potatosecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T16:16:33.042677Z"}, {"uuid": "c40b3ab2-4429-4dbd-b7e5-740dfe50c1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49773", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3modrxqljzx2y", "content": "CVE-2026-49773 fv-wordpress-flowplayer (CVSS Score 6.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T17:16:08.483194Z"}, {"uuid": "602272de-ce9e-4ae3-8362-3a7c6ddade64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49778", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3modyoehafq2d", "content": "CVE-2026-49778 wpfunnels-pro (CVSS Score 7.2) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T19:16:10.696429Z"}, {"uuid": "3e61c7d3-c8f3-424d-8f25-3e263a5b3ff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49778", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3modzcxu4oj2p", "content": "CVE-2026-49778 wpfunnels-pro (CVSS Score 7.2) \n\n#WordPress plugin #vulnerability #potatosecurity #wordpressfirewall #mashing #wpsecurity #atomicedge #potatosecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-15T19:27:41.344951Z"}, {"uuid": "b1f4353e-cfa6-4b13-a5ff-6c0a2143569e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49770", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moea74g52u2m", "content": "CVE-2026-49770 - WordPress WP Travel Engine plugin\nCVE ID : CVE-2026-49770\n \n Published : June 15, 2026, 8:19 p.m. | 49\u00a0minutes ago\n \n Description : Unauthenticated PHP Object Injection in WP Travel Engine &lt;= 6.7.12 versions.\n \n Severity: 9.8 | CRITICAL\n \n Visit the link fo...", "creation_timestamp": "2026-06-15T21:30:47.803822Z"}, {"uuid": "6b7b29cb-b980-4164-8b79-bd31f50de8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49776", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moeajewr3o2h", "content": "CVE-2026-49776 - WordPress GPTranslate \u2013 Multilingual AI Translation for WordPress: Automatically Translate Websites plugin\nCVE ID : CVE-2026-49776\n \n Published : June 15, 2026, 8:19 p.m. | 49\u00a0minutes ago\n \n Description : Unauthenticated SQL Injection in GPTranslate \u2013 Multilin...", "creation_timestamp": "2026-06-15T21:36:46.175087Z"}, {"uuid": "8bdbd073-e8d2-430f-aaa3-e1f0dfe4b0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49770", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moelwyhvb224", "content": "\ud83d\udd34 CVE-2026-49770 - Critical (9.8)\n\nUnauthenticated PHP Object Injection in WP Travel Engine &lt;= 6.7.12 versions.\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49770/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T01:01:01.627754Z"}, {"uuid": "f4701f13-cabd-4412-b2dc-ec4fdc9208ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49776", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3moelx7tflz2o", "content": "\ud83d\udd34 CVE-2026-49776 - Critical (9.3)\n\nUnauthenticated SQL Injection in GPTranslate \u2013 Multilingual AI Translation for WordPress: Autom...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49776/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T01:01:09.022662Z"}, {"uuid": "eda3282e-1d9c-40bb-8056-9f879faf7e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49772", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mofu6j6ze72f", "content": "\ud83d\udd34 CVE-2026-49772 - Critical (9.3)\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerabilit...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49772/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T13:01:19.567952Z"}, {"uuid": "83e039b9-afc1-4298-8b9e-7196b31ec2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49774", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mofvcmldvk2g", "content": "CVE-2026-49774 - WordPress RD Station plugin\nCVE ID : CVE-2026-49774\n \n Published : June 16, 2026, 10:16 a.m. | 2\u00a0hours, 52\u00a0minutes ago\n \n Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusi...", "creation_timestamp": "2026-06-16T13:21:13.633416Z"}, {"uuid": "17e840fc-6c3c-4f34-916d-646be8ccf79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49772", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mofw7xjz7z2v", "content": "CVE-2026-49772 - WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability\nCVE ID : CVE-2026-49772\n \n Published : June 16, 2026, 10:16 a.m. | 2\u00a0hours, 52\u00a0minutes ago\n \n Description : Improper Neutralization of Special Elements used in an SQL Command ('S...", "creation_timestamp": "2026-06-16T13:37:38.647123Z"}, {"uuid": "d1c0b124-02ad-49e8-bfb1-c770a0daae24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49774", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mofxjdokqq24", "content": "\ud83d\udd34 CVE-2026-49774 - Critical (9.9)\n\nImproper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-49774/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T14:00:47.523766Z"}, {"uuid": "3daefcaa-9bee-45dd-907e-15aa92b3cf70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "published-proof-of-concept", "source": "Telegram/ycLXaxSGB-_ldONYQWC7S6J3lanIcH0nsjxJAaBzeM5ug0Y", "content": "", "creation_timestamp": "2026-06-12T15:00:07.000000Z"}, {"uuid": "fa821d72-becd-48ca-9735-295a84293343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "published-proof-of-concept", "source": "Telegram/YXCyRYfB5puG4zVuSsqFt0CqpucG34vnwOdsG1DKfw8sOUE", "content": "", "creation_timestamp": "2026-06-12T11:00:12.000000Z"}, {"uuid": "7777e37f-d400-42b0-9528-7248b0175bd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49777", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mozt5rdk5i2u", "content": "\ud83d\udea8 BREAKING\n\nThe free WordPress plugin was clean.\n\nThe paid update is what backdoored the site.\n\nShapedPlugin Pro updates stole admin logins and your 2FA seeds. A password reset will not clear it. (CVE-2026-49777)", "creation_timestamp": "2026-06-24T11:35:58.739505Z"}]}