Vulnerability List - Page 71

| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2026-5767 | SlideShowPro SC <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'album' Shortcode Attribute | luetkemj | SlideShowPro SC | Medium | 6.4 | 2026-04-22 07:45:35 |
| CVE-2026-6396 | Fast & Fancy Filter – 3F <= 1.2.2 - Cross-Site Request Forgery to Settings Modification via fff_save_settins AJAX Action | webarea | Fast & Fancy Filter – 3F | Medium | 4.3 | 2026-04-22 07:45:34 |
| CVE-2026-4280 | Breaking News WP <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Local File Inclusion/Read | doctorwp | Breaking News WP | Medium | 6.5 | 2026-04-22 07:45:34 |
| CVE-2026-4140 | Ni WooCommerce Order Export <= 3.1.6 - Cross-Site Request Forgery to Settings Update via ni_order_export_action AJAX Action | anzia | Ni WooCommerce Order Export | Medium | 4.3 | 2026-04-22 07:45:34 |
| CVE-2026-4076 | Slider Bootstrap Carousel <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | felipermendes | Slider Bootstrap Carousel | Medium | 6.4 | 2026-04-22 07:45:33 |
| CVE-2026-4126 | Table Manager <= 1.0.0 - Authenticated (Contributor+) Sensitive Information Exposure via 'table' Shortcode Attribute | primisdigital | Table Manager | Medium | 4.3 | 2026-04-22 07:45:33 |
| CVE-2026-4133 | TextP2P Texting Widget <= 1.7 - Cross-Site Request Forgery to Settings Update | textp2p | TextP2P Texting Widget | Medium | 4.3 | 2026-04-22 07:45:33 |
| CVE-2026-2714 | Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting | weblizar | Institute Management – Learning Management System | Medium | 4.4 | 2026-04-22 07:45:32 |
| CVE-2026-4088 | Switch CTA Box <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpshouter | Switch CTA Box | Medium | 6.4 | 2026-04-22 07:45:32 |
| CVE-2026-6041 | Buzz Comments <= 0.9.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Custom Buzz Avatar' Setting | mixer2 | Buzz Comments | Medium | 4.4 | 2026-04-22 07:45:31 |
| CVE-2026-1845 | Real Estate Pro <= 1.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting via Settings | bhubbard | Real Estate Pro | Medium | 5.5 | 2026-04-22 07:45:31 |
| CVE-2026-4131 | WP Responsive Popup + Optin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'wpo_image_url' Parameter | sphex1987 | WP Responsive Popup + Optin | Medium | 6.1 | 2026-04-22 07:45:31 |
| CVE-2026-1379 | HTTP Headers <= 1.19.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Custom Headers' Plugin Setting | zinoui | HTTP Headers | Medium | 4.4 | 2026-04-22 07:45:30 |
| CVE-2026-4279 | Bread & Butter: Content Gating for Verified Leads <= 8.2.0.25 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | breadbutter | Bread & Butter: AI-Powered Lead Intelligence | Medium | 6.4 | 2026-04-22 07:45:30 |
| CVE-2026-4082 | ER Swiffy Insert <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | erithq | ER Swiffy Insert | Medium | 6.4 | 2026-04-22 07:45:30 |
| CVE-2026-5820 | Zypento Blocks <= 1.0.6 - Authenticated (Author+) Stored Cross-Site Scripting via Table of Contents Block | sproutient | Zypento Blocks | Medium | 6.4 | 2026-04-22 07:45:29 |
| CVE-2026-6842 | Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions | Red Hat | Red Hat Enterprise Linux 10 | Low | 2.5 | 2026-04-22 07:34:26 |
| CVE-2026-6023 | Deserialization of Untrusted Data Vulnerability in Telerik UI for ASP.NET AJAX | Progress Software | Telerik UI for ASP.NET AJAX | High | 8.1 | 2026-04-22 07:13:08 |
| CVE-2026-6022 | Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX | Progress Software | Telerik UI for ASP.NET AJAX | High | 7.5 | 2026-04-22 07:07:31 |
| CVE-2026-40542 | Apache HttpClient: SCRAM-SHA-256 mutual authentication bypass may cause the client to accept authentication without proper mutual authentication verification | Apache Software Foundation | Apache HttpClient | - | - | 2026-04-22 07:07:21 |