Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
7.5
HIGH
CVE-2026-44409
— Information disclosure vulnerability in ZTE MU5250
There is an an information disclosure vulnerability in ZTE MU5250. Due to improper configuration of the access control mechanism, attackers can obtain information without authorization, causing the r…
May 22, 2026
Jun 03, 2026
May 22, 2026
Jun 03, 2026
6.1
MEDIUM
CVE-2026-3481
— WP Blockade <= 0.9.14 - Reflected Cross-Site Scripting via 'shortcode' Parameter
The WP Blockade plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode' parameter in all versions up to and including 0.9.14. This is due to insufficient input saniti…
Remote
|
Cross-Site Scripting
May 22, 2026
May 22, 2026
May 22, 2026
May 22, 2026
4.3
MEDIUM
CVE-2026-2518
— FastX <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Inst…
The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and activation due to missing capability checks on the 'ultp_install_callback' and 'ultp_activate_callback' fun…
Remote
|
Authorization
May 22, 2026
May 22, 2026
May 22, 2026
May 22, 2026