CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11576 articles  ·  updated every 4 hours · grows forever

11576Total
4297Full Text
Jul 11, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-10038 | smub Charitable Plugin up to 1.8.11.1 on WordPress save_avatar authorization

A vulnerability labeled as critical has been found in smub Charitable Plugin up to 1.8.11.1 on WordPress. This affects the function save_avatar . The manipulation results in authorization bypass. This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8608 | awordpresslife Event Monster Plugin up to 2.1.0 on WordPress PayPal API capture_payment data authenticity

A vulnerability marked as critical has been reported in awordpresslife Event Monster Plugin up to 2.1.0 on WordPress. This impacts the function capture_payment of the component PayPal API . This manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7565 | ThimPress LearnPress Plugin up to 4.1.4 on WordPress import-user-file path traversal

A vulnerability described as critical has been identified in ThimPress LearnPress Plugin up to 4.1.4 on WordPress. Affected is an unknown function. Such manipulation of the argument import-user-file l…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7665 | wpdevteam Essential Addons for Elementor Plugin up to 6.6.4 on WordPress Elementor Template ajax_load_more authorization

A vulnerability classified as problematic has been found in wpdevteam Essential Addons for Elementor Plugin up to 6.6.4 on WordPress. Affected by this vulnerability is the function ajax_load_more of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8502 | ThimPress LearnPress Plugin up to 4.3.6 on WordPress archive-course return_type authorization

A vulnerability classified as problematic was found in ThimPress LearnPress Plugin up to 4.3.6 on WordPress. Affected by this issue is some unknown functionality of the file /wp-json/lp/v1/courses/arc…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8978 | crafium OptinCraft Plugin up to 1.2.0 on WordPress order_by sql injection

A vulnerability, which was classified as critical , has been found in crafium OptinCraft Plugin up to 1.2.0 on WordPress. This affects an unknown part. The manipulation of the argument order_by leads …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8611 | klamra22 Klamra Paycal for Aspaclaria Plugin up to 1.1.4 on WordPress invoice_id authorization

A vulnerability, which was classified as problematic , was found in klamra22 Klamra Paycal for Aspaclaria Plugin up to 1.1.4 on WordPress. This vulnerability affects unknown code. The manipulation of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9851 | masaakitanaka Booking Package Plugin up to 1.7.16 on WordPress AJAX Endpoint Schedule::updateUser administrator authorization

A vulnerability has been found in masaakitanaka Booking Package Plugin up to 1.7.16 on WordPress and classified as problematic . This issue affects the function Schedule::updateUser of the component A…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9197 | nextendweb Smart Slider 3 Plugin up to 3.5.1.36 on WordPress replaceHTMLImage path traversal

A vulnerability was found in nextendweb Smart Slider 3 Plugin up to 3.5.1.36 on WordPress and classified as critical . Impacted is the function replaceHTMLImage . Such manipulation leads to path trave…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-34123 | TP-Link Tapo C520WS v2 Configuration improper authentication

A vulnerability was found in TP-Link Tapo C520WS v2 . It has been classified as critical . The affected element is an unknown function of the component Configuration Handler . Performing a manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7047 | absikandar Frontend User Notes Plugin up to 2.1.1 on WordPress wp_update_post cross-site request forgery

A vulnerability was found in absikandar Frontend User Notes Plugin up to 2.1.1 on WordPress. It has been declared as problematic . The impacted element is the function wp_update_post . Executing a man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9594 | flippercode WP Maps Plugin up to 4.9.4 on WordPress location_messages cross site scripting

A vulnerability was found in flippercode WP Maps Plugin up to 4.9.4 on WordPress. It has been rated as problematic . This affects an unknown function. The manipulation of the argument location_message…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6241 | TP-Link Tapo C520WS v2 ONVIF AddScopes format string

A vulnerability categorized as critical has been discovered in TP-Link Tapo C520WS v2 . This impacts an unknown function of the component ONVIF AddScopes . The manipulation results in format string. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9016 | qriouslad Debug Log Manager Plugin up to 2.5.0 on WordPress AJAX log_js_errors pageUrl neutralization for logs

A vulnerability identified as critical has been detected in qriouslad Debug Log Manager Plugin up to 2.5.0 on WordPress. Affected is the function log_js_errors of the component AJAX Handler . This man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8901 | plugcrux Integration for Freshsales Plugin up to 1.0.15 on WordPress CRM API cross site scripting

A vulnerability labeled as problematic has been found in plugcrux Integration for Freshsales Plugin up to 1.0.15 on WordPress. Affected by this vulnerability is an unknown functionality of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8976 | ThemeIsle RSS Aggregator by Feedzy Plugin up to 5.1.7 on WordPress authorization

A vulnerability marked as critical has been reported in ThemeIsle RSS Aggregator by Feedzy Plugin up to 5.1.7 on WordPress. Affected by this issue is some unknown functionality. Performing a manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7523 | alejo30 Alba Board Plugin up to 2.1.3 on WordPress authorization

A vulnerability described as problematic has been identified in alejo30 Alba Board Plugin up to 2.1.3 on WordPress. This affects an unknown part. Executing a manipulation can lead to missing authoriza…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6239 | TP-Link Tapo C520WS v2 ONVIF CreateUsers Service stack-based overflow

A vulnerability classified as critical has been found in TP-Link Tapo C520WS v2 . This vulnerability affects unknown code of the component ONVIF CreateUsers Service . The manipulation leads to stack-b…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6240 | TP-Link Tapo C520WS v2 ONVIF DeleteUsers Service stack-based overflow

A vulnerability classified as critical was found in TP-Link Tapo C520WS v2 . This issue affects some unknown processing of the component ONVIF DeleteUsers Service . The manipulation results in stack-b…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-6242 | TP-Link Tapo C520WS v2 ONVIF Subscribe Service format string

A vulnerability, which was classified as critical , has been found in TP-Link Tapo C520WS v2 . Impacted is an unknown function of the component ONVIF Subscribe Service . This manipulation causes forma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7796 | wpdevteam EmbedPress Plugin up to 4.5.3 on WordPress cross site scripting

A vulnerability, which was classified as problematic , was found in wpdevteam EmbedPress Plugin up to 4.5.3 on WordPress. The affected element is an unknown function. Such manipulation leads to cross …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8991 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin Setting cross site scripting

A vulnerability has been found in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin up to 1.3.9.7 on WordPress and classified as problematic . The impacted element is an unknown…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9280 | spacetime Ad Inserter Plugin up to 2.8.15 on WordPress Iframe Mode cross site scripting

A vulnerability was found in spacetime Ad Inserter Plugin up to 2.8.15 on WordPress and classified as problematic . This affects an unknown function of the component Iframe Mode . Executing a manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8438 | davidanderson All-In-One Security Plugin up to 5.4.7 on WordPress AIOS Dashboard get_rest_route REQUEST_URI cross site scripting

A vulnerability was found in davidanderson All-In-One Security Plugin up to 5.4.7 on WordPress. It has been classified as problematic . This impacts the function get_rest_route of the component AIOS D…

VulDB Read →
← Prev 152 / 483 Next →