|
3011
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Automattic WP Job Manager wp-job-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager: from n/a thr…
|
CWE-862
Missing Authorization
|
CVE-2026-39660
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3012
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security …
|
CWE-862
Missing Authorization
|
CVE-2026-39662
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3013
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in themetechmount TrueBooker truebooker-appointment-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TrueBooker: …
|
CWE-862
Missing Authorization
|
CVE-2026-39663
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3014
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.
|
CWE-862
Missing Authorization
|
CVE-2026-39664
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3015
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Prelovac SEO Friendly Images seo-image allows DOM-Based XSS.This issue affects SEO Frien…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39665
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3016
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in telepathy Hello Bar Popup Builder hellobar allows DOM-Based XSS.This issue affects Hello Bar Popu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39666
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3017
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jongmyoung Kim Korea SNS korea-sns allows DOM-Based XSS.This issue affects Korea SNS: from n/a th…
|
CWE-79
Cross-site Scripting
|
CVE-2026-39667
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3018
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in g5theme Book Previewer for Woocommerce book-previewer-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects…
|
CWE-862
Missing Authorization
|
CVE-2026-39668
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3019
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in NitroPack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NitroPack: from n/a through 1.19.3.
|
CWE-862
Missing Authorization
|
CVE-2026-39669
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3020
|
6.0 |
MEDIUM
Network
|
-
|
-
|
Server-Side Request Forgery (SSRF) vulnerability in Brecht Visual Link Preview visual-link-preview allows Server Side Request Forgery.This issue affects Visual Link Preview: from n/a through <= 2.3.0.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-39670
|
2026-04-25 03:06 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
