CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-56138
Medium

The AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. This allows an authenticated AIL user to craft malicious item identifiers that may lead to unauthorized disclosure of local files.

CVE-2026-6798
Medium

The 2Download Connector for 2DL Hosted Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to and including 0.1.5. This is due to the plugin not properly verifying that a user is authorized to perform an action, allowing unauthenticated attackers to view customers' subscription data.

CVE-2026-3640
Medium

The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint that allows all incoming requests without any authentication checks.

CVE-2026-9822
Medium

The WP Hotel Booking WordPress plugin before 2.3.1 does not enforce capability checks in several of its AJAX handlers, allowing authenticated users with Subscriber-level access to read other users' booking line items, enumerate active coupons, and read pricing data.

CVE-2026-9013
Medium

The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and including 3.9.1. This allows authenticated attackers with subscriber-level access and above to extract the raw title, content, excerpt, and password of any private, draft, or password-protected post.

CVE-2026-8118
Medium

The Royal Addons for Elementor plugin for WordPress is vulnerable to arbitrary file read in versions 1.7.1058 through 1.7.1059. The issue arises from the wpr_get_csv_handle() function, which does not validate the URL and allows attackers to read the contents of any file accessible to the PHP process.

CVE-2026-7547
Medium

The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the render_logs_ui() function, which accepts a base64-encoded file name and concatenates it directly with the plugin's log directory path.

CVE-2026-56132
Medium

In libexpat before version 2.8.2, there is a heap-based buffer overflow in the doProlog function in xmlparse.c. This issue arises from mishandling of scaffold backing array reallocation when there is data-structure sharing across parsers.

CVE-2026-56131
Medium

libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. This can lead to a use-after-free situation.

CVE-2026-4328
Medium

The Advanced Import plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in all versions up to and including 1.4.6. The issue arises from the lack of validation of the user-supplied URL in the demo_download_and_unzip() function, allowing requests to be sent to internal network resources.

CVE-2026-1856
Medium

The Appointment Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via custom booking field labels in all versions up to and including 1.4.4 due to insufficient input sanitization and output escaping.

CVE-2026-12644
Medium

Versions of the package ts-deepmerge before 8.0.0 are vulnerable to Uncaught Exception due to the improper handling of built-in Object.prototype methods (such as toString, valueOf). When user-controlled input contains these keys with non-function values, the resulting merged object becomes broken, leading to TypeError crashes.

CVE-2026-12430
Medium

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 2.1.45 due to insufficient input sanitization and output escaping.

CVE-2026-12157
Medium

The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId attribute of the Gutenberg block in versions up to 4.5.3. This is due to insufficient input sanitization and output escaping in the CategorySlateLayout::render() method.

CVE-2026-11989
Medium

The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 2.8.7. This allows unauthenticated attackers to make web requests to arbitrary locations, enabling access to internal services.

CVE-2026-11752
Medium

A vulnerability has been identified in armeria-xds versions 1.38.0 through 1.39.0, where DataSourceStream in the xDS module can resolve control-plane-supplied filenames and environment variables without restriction.

CVE-2026-10779
Medium

The Classified Listing – Classified ads & Business Directory plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 5.4.2. This is due to a missing capability/ownership check on the gallery_image_update_as_feature AJAX handler, allowing authenticated attackers to change the featured image of arbitrary listings they do not own.

CVE-2026-10720
Medium

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate or join token can manipulate files in an imported remote cluster.

CVE-2026-10034
Medium

The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 3.1.39. This is due to the plugin not properly verifying that a user is authorized to perform an action, allowing unauthenticated attackers to process SAR requests using any victim email address.

CVE-2026-11775
Medium

The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 3.0.0. This is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function, allowing unauthenticated attackers to reset and permanently delete users' menu and admin-bar configurations.

PreviousPage 82 of 511Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS