CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11545 articles  ·  updated every 4 hours · grows forever

11545Total
4296Full Text
Jul 10, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9851 | masaakitanaka Booking Package Plugin up to 1.7.16 on WordPress AJAX Endpoint Schedule::updateUser administrator authorization

A vulnerability has been found in masaakitanaka Booking Package Plugin up to 1.7.16 on WordPress and classified as problematic . This issue affects the function Schedule::updateUser of the component A…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9197 | nextendweb Smart Slider 3 Plugin up to 3.5.1.36 on WordPress replaceHTMLImage path traversal

A vulnerability was found in nextendweb Smart Slider 3 Plugin up to 3.5.1.36 on WordPress and classified as critical . Impacted is the function replaceHTMLImage . Such manipulation leads to path trave…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-34123 | TP-Link Tapo C520WS v2 Configuration improper authentication

A vulnerability was found in TP-Link Tapo C520WS v2 . It has been classified as critical . The affected element is an unknown function of the component Configuration Handler . Performing a manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7047 | absikandar Frontend User Notes Plugin up to 2.1.1 on WordPress wp_update_post cross-site request forgery

A vulnerability was found in absikandar Frontend User Notes Plugin up to 2.1.1 on WordPress. It has been declared as problematic . The impacted element is the function wp_update_post . Executing a man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9594 | flippercode WP Maps Plugin up to 4.9.4 on WordPress location_messages cross site scripting

A vulnerability was found in flippercode WP Maps Plugin up to 4.9.4 on WordPress. It has been rated as problematic . This affects an unknown function. The manipulation of the argument location_message…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6241 | TP-Link Tapo C520WS v2 ONVIF AddScopes format string

A vulnerability categorized as critical has been discovered in TP-Link Tapo C520WS v2 . This impacts an unknown function of the component ONVIF AddScopes . The manipulation results in format string. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9016 | qriouslad Debug Log Manager Plugin up to 2.5.0 on WordPress AJAX log_js_errors pageUrl neutralization for logs

A vulnerability identified as critical has been detected in qriouslad Debug Log Manager Plugin up to 2.5.0 on WordPress. Affected is the function log_js_errors of the component AJAX Handler . This man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8901 | plugcrux Integration for Freshsales Plugin up to 1.0.15 on WordPress CRM API cross site scripting

A vulnerability labeled as problematic has been found in plugcrux Integration for Freshsales Plugin up to 1.0.15 on WordPress. Affected by this vulnerability is an unknown functionality of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8976 | ThemeIsle RSS Aggregator by Feedzy Plugin up to 5.1.7 on WordPress authorization

A vulnerability marked as critical has been reported in ThemeIsle RSS Aggregator by Feedzy Plugin up to 5.1.7 on WordPress. Affected by this issue is some unknown functionality. Performing a manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7523 | alejo30 Alba Board Plugin up to 2.1.3 on WordPress authorization

A vulnerability described as problematic has been identified in alejo30 Alba Board Plugin up to 2.1.3 on WordPress. This affects an unknown part. Executing a manipulation can lead to missing authoriza…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6239 | TP-Link Tapo C520WS v2 ONVIF CreateUsers Service stack-based overflow

A vulnerability classified as critical has been found in TP-Link Tapo C520WS v2 . This vulnerability affects unknown code of the component ONVIF CreateUsers Service . The manipulation leads to stack-b…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6240 | TP-Link Tapo C520WS v2 ONVIF DeleteUsers Service stack-based overflow

A vulnerability classified as critical was found in TP-Link Tapo C520WS v2 . This issue affects some unknown processing of the component ONVIF DeleteUsers Service . The manipulation results in stack-b…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6242 | TP-Link Tapo C520WS v2 ONVIF Subscribe Service format string

A vulnerability, which was classified as critical , has been found in TP-Link Tapo C520WS v2 . Impacted is an unknown function of the component ONVIF Subscribe Service . This manipulation causes forma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7796 | wpdevteam EmbedPress Plugin up to 4.5.3 on WordPress cross site scripting

A vulnerability, which was classified as problematic , was found in wpdevteam EmbedPress Plugin up to 4.5.3 on WordPress. The affected element is an unknown function. Such manipulation leads to cross …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8991 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin Setting cross site scripting

A vulnerability has been found in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to 1.3.9.7 on WordPress and classified as problematic . The impacted element is an unknown…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9280 | spacetime Ad Inserter Plugin up to 2.8.15 on WordPress Iframe Mode cross site scripting

A vulnerability was found in spacetime Ad Inserter Plugin up to 2.8.15 on WordPress and classified as problematic . This affects an unknown function of the component Iframe Mode . Executing a manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8438 | davidanderson All-In-One Security Plugin up to 5.4.7 on WordPress AIOS Dashboard get_rest_route REQUEST_URI cross site scripting

A vulnerability was found in davidanderson All-In-One Security Plugin up to 5.4.7 on WordPress. It has been classified as problematic . This impacts the function get_rest_route of the component AIOS D…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8893 | payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress Shortcode register_shortcode Type cross site scripting

A vulnerability was found in payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress. It has been declared as problematic . Affected is the function register_shortcode of the component S…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8900 | spyrosvl Simple SEO Slideshow Plugin up to 1.2.8 on WordPress Shortcode cross site scripting (fdff-4525-9272)

A vulnerability was found in spyrosvl Simple SEO Slideshow Plugin up to 1.2.8 on WordPress. It has been rated as problematic . Affected by this vulnerability is an unknown functionality of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9719 | LatePoint Plugin up to 5.6.0 on WordPress Appointment change_status cross-site request forgery

A vulnerability categorized as problematic has been discovered in LatePoint Plugin up to 5.6.0 on WordPress. Affected by this issue is the function change_status of the component Appointment Handler .…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available - The Hacker News

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available The Hacker News

The Hacker News Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
Cisco warns zero-day flaw in SD-WAN is being exploited - Cybersecurity Dive

Cisco warns zero-day flaw in SD-WAN is being exploited Cybersecurity Dive

Cybersecurity Dive Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46390 | haxtheweb haxcms-php up to 25.x authorization (GHSA-6434-8rch-w65c)

A vulnerability was found in haxtheweb haxcms-php up to 25.x . It has been rated as problematic . The impacted element is an unknown function. Performing a manipulation results in authorization bypass…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46397 | haxtheweb haxcms-php/haxcms-nodejs up to 25.x saveOutline Endpoint site.json location path traversal (GHSA-7fr7-h4p3-jjr8)

A vulnerability categorized as critical has been discovered in haxtheweb haxcms-php and haxcms-nodejs up to 25.x . This affects an unknown function of the file site.json of the component saveOutline E…

VulDB Read →
← Prev 151 / 482 Next →