Skip to main content
Main navigation
Home
About Us
News and Updates
Advisories
Report an Incident
Publications
Search
WP-BusinessDirectory WordPress Plugin Unauthenticated Arbitrary File Deletion (CVE-2026-6070)
Advisories
2 July 2026
Adobe ColdFusion Multiple Critical Unauthenticated RCE Vulnerabilities (CVE-2026-48277 / CVE-2026-48281 / CVE-2026-48282 / CVE-2026-48283 / CVE-2026-48313)
Advisories
2 July 2026
NEX-Forms WordPress Plugin Unauthenticated Stored XSS via Form Field Name (CVE-2026-12142)
Advisories
2 July 2026
EventON WordPress Plugin SQL Injection Exposes Database Contents (CVE-2026-9711)
Advisories
2 July 2026
Download Manager WordPress Plugin Authenticated Stored XSS via Shortcode Attribute (CVE-2026-13733)
Advisories
2 July 2026
AVOID ZOOMBOMBING
AVOID ZOOMBOMBING - ( pdf ::402.54 KB )
Recent Advisories
01
EventON WordPress Plugin SQL Injection Exposes Database Contents (CVE-2026-9711)
02
Open VSX Registry Stored XSS Enables Supply Chain Attack Against VS Code, Cursor, and Windsurf (CVE-2026-13323)
03
RegistrationMagic WordPress Plugin CSRF to Privilege Escalation Granting Admin Access (CVE-2026-12158)
04
nginx-proxy-manager Prototype Pollution via JSON Parser Enables Unauthenticated RCE (CVE-2026-13228)
05
Download Manager WordPress Plugin Authenticated Stored XSS via Shortcode Attribute (CVE-2026-13733)
06
Custom Payment Gateways for WooCommerce Unauthenticated Stored XSS in Checkout Fields (CVE-2026-7517)