Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Security Intel Hub 27403+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Amubis Captcha Bypass Vulnerability Analysis (v1.22.4)
git.kernel.org · 2026-05-28

### Vulnerability Overview The webpage screenshot displays a CAPTCHA system named “Amubis,” used to verify whether the user is a bot. The page contains the following key information: - **Vulnerability…

Read more
WP Maps Pro Unauthenticated Admin Account Creation Vulnerability (CVE-2026-8732)
www.wordfence.com · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: Unauthorized Administrator Account Creation Vulnerability - **Vulnerability Type**: Privilege Escalation - **Vulnerability Description**: The WP Ma…

Read more
Ubuntu Vim Arbitrary Command Execution Vulnerability Advisory (USN-8342-1)
ubuntu.com · 2026-05-28

### Vulnerability Overview - **Vulnerability ID**: USN-8342-1 - **Publication Date**: May 28, 2026 - **Vulnerability Description**: Vim contains a vulnerability when processing filenames containing ba…

Read more
CVSS 6.5
WordPress Photo Gallery Plugin File Inclusion Vulnerability with POC
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves a file inclusion flaw in the WordPress plugin "Photo Gallery." Attackers can exploit this by crafting specific requests, causing the server to ex…

Read more
CVSS 4.3
WordPress pdf-embedder Plugin XSS Vulnerability Analysis and Patching Guide
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the `Plugin.php` source code file for the `pdf-embedder` plugin in the WordPress plugin directory. The file contains a potential sec…

Read more
CVSS 4.3
WordPress pdf-embedder XSS Vulnerability Fix Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The vulnerability involves the `Plugin.php` file within the `pdf-embedder` plugin. The specific issue is that the plugin fails to properly filter and sanitize user input whe…

Read more
Premium intel
CVSS 8.8
WordPress ACF Frontend Form Plugin: Special Permissions and Price Field Error Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves a file `class-role.php` in the WordPress plugin directory, located at the path `acf-frontend-form-element/tags/3.28.33/main/frontend/fields/user/…

Read more
CVSS 6.5
WordPress photo-gallery Plugin SQL Injection Fix in ORDER BY
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves a security issue in the WordPress plugin `photo-gallery`. Specifically, it addresses security flaws in the files `photo-gallery/trunk/framework/W…

Read more
Premium intel
CVSS 8.8
ACF Frontend Element Privesc Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The webpage screenshot displays a file named `acf-frontend-form-element/trunk/main/frontend/fields/user/class-role.php`, which contains a potential security vulnerability. T…

Read more
Premium intel
CVSS 8.8
WordPress Plugin ACF Frontend Form Element User Form Loading Logic Flaw
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability relates to a user form loading configuration issue in the WordPress plugin "ACF Frontend Form Element." Specifically, it manifests as fixed administrator …

Read more
Premium intel
CVSS 8.8
WordPress Plugin ACF Frontend Form Element File Upload Vulnerability (RCE) with POC
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves the file upload functionality in the WordPress plugin "ACF Frontend Form Element." Attackers can craft malicious requests to bypass file type che…

Read more
CVSS 5.3
WordPress Simply Schedule Appointments Unauthorized Access via REST API
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the source code file `class-td-api-model.php` for the WordPress plugin `simply-schedule-appointments`. A potential security vulnerab…

Read more
Premium intel
CVSS 8.8
WordPress ACF Frontend Form Element Unauthenticated Access & Injection Risk
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `submit.php` for the WordPress plugin `acf-frontend-form-element`. A potential security vulnerability exists within the…

Read more
CVSS 5.3
WordPress Simply Schedule Appointments Plugin Unauthorized Access via API Permission Bypass
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects the API model class (`class-td-api-model.php`) within the WordPress plugin “Simply Schedule Appointments.” Specifically, the issue lies in the plu…

Read more
Premium intel
CVSS 8.8
ACF Frontend Form Element Plugin Vulnerability Analysis and Remediation
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This web screenshot displays a file named `acf-frontend-form-element/trunk/main/frontend/forms/classes/display.php`, which contains a potential vulnerability. The issue prim…

Read more
CVSS 5.3
WordPress simply-schedule-appointments Plugin REST API Unauthorized Access Vulnerability
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects the API model class (`class-t-api-model.php`) of the `simply-schedule-appointments` plugin. The flaw exists within the plugin's REST API endpoints…

Read more
CVSS 5.3
WordPress Simply Schedule Appointments URL Query Parameter Handling Flaw Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the source code file `class-bootstrap.php` of the WordPress plugin "Simply Schedule Appointments." A potential security vulnerabilit…

Read more
CVSS 5.3
Simply Schedule Appointments WordPress Plugin URL Protocol Injection Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This webpage screenshot displays the source code file `class-bootstrap.php` of the "Simply Schedule Appointments" WordPress plugin. A potential security vulnerability exists…

Read more
CVSS 4.3
File Inclusion Vulnerability in WordPress Accessibility Checker Plugin (Pre-Auth)
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves a file inclusion flaw in the WordPress plugin "Accessibility Checker." Specifically, the vulnerability is located in the `class-enqueue-admin.php…

Read more
CVSS 7.7
KubeVirt virt-exportserver Path Traversal Vulnerability (CVE-2026-9804)
bugzilla.redhat.com · 2026-05-28

### Vulnerability Overview - **Vulnerability ID**: CVE-2026-9804 - **Vulnerability Description**: A path traversal vulnerability was discovered in KubeVirt's `virt-exportserver` component. This vulner…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.