Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
7.5
HIGH
CVE-2026-2471
— WP Mail Logging <= 1.15.0 - Unauthenticated PHP Object Injection via Email Log Message Fi…
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. Th…
Feb 28, 2026
Mar 02, 2026
Feb 28, 2026
Mar 02, 2026
6.5
MEDIUM
CVE-2026-1542
— Super Stage WP <= 1.0.1 - Unauthenticated PHP Object Injection
The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the…
Remote
|
Injection
Feb 28, 2026
Mar 02, 2026
Feb 28, 2026
Mar 02, 2026