Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-32405 — WordPress WoodMart theme <= 8.3.9 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a thro…

| Information Disclosure
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.3 MEDIUM
CVE-2026-32404 — WordPress Studio99 WP Monitor plugin <= 1.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Studio99 Studio99 WP Monitor studio99-wp-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Studio99 WP Monitor:…

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
6.5 MEDIUM
CVE-2026-32403 — WordPress Toocheke Companion plugin <= 1.194 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke C…

Remote | Cross-Site Scripting
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.3 MEDIUM
CVE-2026-32402 — WordPress Image Slider by Ays plugin <= 2.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a …

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32401 — WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.9 - Local File Inclusion vul…

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local …

| Path Traversal
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
7.5 HIGH
CVE-2026-32400 — WordPress Boldman theme <= 7.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemetechMount Boldman boldman allows PHP Local File Inclusion.This issue affe…

Remote | Path Traversal
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
8.5 HIGH
CVE-2026-32399 — WordPress Media LIbrary Assistant plugin <= 3.32 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This iss…

Remote | Injection
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32398 — WordPress TeraWallet – For WooCommerce plugin <= 1.5.15 - Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Subrata Mal TeraWallet – For WooCommerce woo-wallet allows Leveraging Race Conditions.This…

| Race Condition
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.3 MEDIUM
CVE-2026-32397 — WordPress Filter & Grids plugin <= 3.5.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through …

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32396 — WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13.

| Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.3 MEDIUM
CVE-2026-32395 — WordPress Xpro Addons For Beaver Builder – Lite plugin <= 1.5.6 - Broken Access Control v…

Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder &#8211; Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.Th…

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32394 — WordPress PublishPress Capabilities plugin <= 2.31.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-enhanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pu…

| Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32393 — WordPress Greenly Theme Addons plugin < 8.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly Theme Addons greenly-addons allows PHP Local File Inc…

| Path Traversal
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32392 — WordPress Greenly theme <= 8.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Greenly greenly allows PHP Local File Inclusion.This issue af…

| Path Traversal
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.4 MEDIUM
CVE-2026-32391 — WordPress SmartFix theme < 1.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through < 1.2.4.

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32390 — WordPress Nanosoft theme < 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in linethemes Nanosoft nanosoft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nanosoft: from n/a through < 1.3.2.

| Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.4 MEDIUM
CVE-2026-32388 — WordPress GLB theme <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in linethemes GLB glb allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GLB: from n/a through <= 1.2.2.

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32387 — WordPress Checkout for PayPal plugin <= 1.0.46 - Broken Access Control vulnerability

Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal…

| Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
5.4 MEDIUM
CVE-2026-32386 — WordPress Envo Extra plugin <= 1.9.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in EnvoThemes Envo Extra envo-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envo Extra: from n/a through <= 1.9.…

Remote | Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
0.0 NA
CVE-2026-32385 — WordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Exploiting Incorrectly Configured Access Control Security Levels.Thi…

| Authorization
Mar 13, 2026 Mar 13, 2026
Mar 13, 2026
Mar 13, 2026
Showing 20 of 5494 Results