Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Security Intel Hub 27403+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Premium intel
CVSS 9.0
CVE-2026-4408: Samba SAMR Remote Code Execution via Username Injection
bugzilla.redhat.com · 2026-05-28

### Vulnerability Overview - **CVE ID**: CVE-2026-4408 - **Vulnerability Name**: Samba: Remote Code Execution in SAMR - **Report Date**: 2026-05-19 09:27 UTC - **Last Modified**: 2026-05-28 07:10 UTC …

Read more
CVSS 6.4
WordPress Shariff Plugin Attribute Injection Vulnerability Fix Details
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability pertains to a security fix in the WordPress "Shariff" plugin. The specific issue involves preventing attribute context injection, where `%total%` within H…

Read more
CVSS 4.3
WordPress SMTP2GO Plugin Missing Authorization Log Read/Truncate (CVE-2026-7621)
www.wordfence.com · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate - **CVE ID**: CVE-2026-7621 - **CVSS Score…

Read more
CVSS 7.5
Simply Schedule Appointments 1.6.740 REST API BFLA Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The webpage screenshot displays the source code of a file named `class-td-api-model.php`, which belongs to the `simply-schedule-appointments` plugin. A potential vulnerabili…

Read more
CVSS 7.5
Analysis of Potential Permission Bypass in Simply Schedule Appointments WordPress Plugin
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The screenshot of the web page displays source code files for the WordPress plugin "Simply Schedule Appointments." A potential security vulnerability exists within the code,…

Read more
CVSS 7.5
Unauth Access in WordPress simply-schedule-appointments Plugin with POC
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays a class named `TD_API_Model`, which belongs to the API model component of the `simply-schedule-appointments` plugin. This plugin contains a …

Read more
CVSS 7.5
WordPress simply-schedule-appointments Plugin REST API Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The webpage screenshot displays a PHP class named `TD_API_Model`, which is part of the WordPress plugin `simply-schedule-appointments`. This class is responsible for handlin…

Read more
CVSS 4.3
WordPress Plugin smtpp2go SQL Injection Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the source code of the `WordpressPluginAdmin.php` file from a WordPress plugin named `smtpp2go`. A potential security vulnerability …

Read more
CVSS 4.3
smtpp2go WordPress Plugin SQL Injection Vulnerability Analysis and Patch
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `WordpressPluginAdmin.php` for the WordPress plugin `smtpp2go`. The file contains a potential security vulnerability, s…

Read more
CVSS 4.3
SQL Injection in WordPress Plugin smtpp2o
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `WordpressPluginAdmin.php` for a WordPress plugin named `smtpp2o`. A potential security vulnerability exists within thi…

Read more
CVSS 4.3
smtP2go WordPress Plugin SQL Injection Vulnerability Analysis and Patch
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided web screenshot displays the source code file `WordpressPluginAdmin.php` of the WordPress plugin `smtP2go`. The file contains a potential security vulnerability …

Read more
CVSS 4.3
WordPress Plugin smtp2go XSS Vulnerability Analysis and Fix Recommendation
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code of a WordPress plugin file, `WordpressPlugin.php`, belonging to the `smtp2go` plugin. A potential security vulnerability is …

Read more
CVSS 7.2
WordPress WP Statistics Plugin Vulnerability Advisory
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability involves the `Tracker/Processor.php` file in the WordPress plugin WP Statistics. The vulnerability allows attackers to bypass the plugin's security checks…

Read more
CVSS 7.2
WordPress wp-slimstat SQL Injection Vulnerability Analysis (CVE-2024-7636)
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The screenshot of the webpage displays a code file `Storage.php` within a WordPress plugin directory, located in the `wp-slimstat/trunk/src/Tracker/` directory. The code inv…

Read more
CVSS 7.2
WordPress wp-slimstat Plugin SQL Injection Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The attached screenshot displays the source code file `Storage.php` for the `wp-slimstat` plugin in the WordPress plugin directory. A potential vulnerability exists within t…

Read more
CVSS 7.2
Potential SQL Injection Risk in wp-slimstat Plugin Storage Class
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The webpage screenshot shows the source code for a file named `Storage.php` of a WordPress plugin called `wp-slimstat` from the WordPress plugin directory. The file contains…

Read more
CVSS 7.2
SQL Injection Vulnerability in WordPress ht-contactform Plugin (Pre-Auth)
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `Entries.php` for the WordPress plugin `ht-contactform`. A potential SQL injection vulnerability exists within the file…

Read more
CVSS 7.2
ht-contactform SQL Injection Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The screenshot above displays the `Entries.php` file, located in the `admin/includes/Models` directory of the `ht-contactform` plugin. A potential SQL injection vulnerabilit…

Read more
CVSS 7.2
WordPress Slimstat Plugin Vulnerability Advisory: Browscap.php Risk and Mitigation
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays a file named `Browscap.php`, which is part of the Slimstat WordPress plugin. A potential security vulnerability exists within this file, spe…

Read more
CVSS 7.2
WordPress Plugin Simple Live Stats Authenticated SQLi & Stored XSS Vulnerability Analysis
github.com · 2026-05-28

### Vulnerability Overview #### 1. SQL Injection (CVSS 8.5, High) - **Description**: An authenticated SQL injection vulnerability exists in the chart AJAX endpoint `wp_ajax_slmstat_fetch_chart_data`. …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.