Skip to main content
Main navigation
Home
About Us
News and Updates
Advisories
Report an Incident
Publications
Search
WP-BusinessDirectory WordPress Plugin Unauthenticated Arbitrary File Deletion (CVE-2026-6070)
Advisories
2 July 2026
Adobe ColdFusion Multiple Critical Unauthenticated RCE Vulnerabilities (CVE-2026-48277 / CVE-2026-48281 / CVE-2026-48282 / CVE-2026-48283 / CVE-2026-48313)
Advisories
2 July 2026
NEX-Forms WordPress Plugin Unauthenticated Stored XSS via Form Field Name (CVE-2026-12142)
Advisories
2 July 2026
EventON WordPress Plugin SQL Injection Exposes Database Contents (CVE-2026-9711)
Advisories
2 July 2026
Download Manager WordPress Plugin Authenticated Stored XSS via Shortcode Attribute (CVE-2026-13733)
Advisories
2 July 2026
Alerts
Have you thought about using a Password Manager?
Alerts
Beyond relying on a password alone
Alerts
Are you securely changing Phones?
Alerts
NITA-U issues 7 security tips
Alerts
Protect your social media account
Subscribe to Alerts
Recent Advisories
01
EventON WordPress Plugin SQL Injection Exposes Database Contents (CVE-2026-9711)
02
Open VSX Registry Stored XSS Enables Supply Chain Attack Against VS Code, Cursor, and Windsurf (CVE-2026-13323)
03
RegistrationMagic WordPress Plugin CSRF to Privilege Escalation Granting Admin Access (CVE-2026-12158)
04
nginx-proxy-manager Prototype Pollution via JSON Parser Enables Unauthenticated RCE (CVE-2026-13228)
05
Download Manager WordPress Plugin Authenticated Stored XSS via Shortcode Attribute (CVE-2026-13733)
06
Custom Payment Gateways for WooCommerce Unauthenticated Stored XSS in Checkout Fields (CVE-2026-7517)