Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Security Intel Hub 27403+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 7.2
WordPress ht-contactform File Upload Vulnerability Advisory
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: ht-contactform plugin - **Vulnerability Type**: File Upload Vulnerability - **Description**: This plugin allows users to upload files but does not …

Read more
CVSS 5.3
GeoMashup Plugin SQL Injection and XSS Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects multiple files within the `geo-mashup` plugin, primarily due to improper handling of input data, which can lead to security issues. Specifically: …

Read more
CVSS 6.1
WordPress Plugin stops-core-theme-and-plugin-updates Info Disclosure Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects the `MPSUM_Plugins_List_Table.php` file in the WordPress plugin "stops-core-theme-and-plugin-updates". The flaw lies in the display logic of the p…

Read more
CVSS 6.1
WordPress MPUM Plugin Reflected XSS Vulnerability in MPUM_Plugins_List_Table.php with POC
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects the `MPUM_Plugins_List_Table.php` file within the WordPress plugin directory. The specific flaw resides in the `prepare_items()` function, which i…

Read more
CVSS 6.1
WordPress MPSUM_List_Table.php XSS Vulnerability Fix Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The webpage screenshot displays a changeset (Changeset 3531188) for a WordPress plugin, affecting the file `stops-core-theme-and-plugin-updates/trunk/includes/MPSUM_List_Tab…

Read more
Eupago Gateway WooCommerce < 4.7.2 Unauthenticated Arbitrary Refund Initiation (CVE-2026-7862)
wpscan.com · 2026-05-28

### Vulnerability Overview **Vulnerability Name**: Eupago Gateway For Woocommerce < 4.7.2 - Unauthenticated Arbitrary Refund Initiation **Description**: The plugin fails to properly restrict access to…

Read more
CVSS 5.3
WordPress User Registration Plugin Arbitrary File Upload Vulnerability and POC
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects the file upload functionality of the WordPress plugin "User Registration." Attackers can bypass file type validation by crafting malicious request…

Read more
CVSS 5.3
WordPress User Registration Plugin 5.2.0 Input Validation Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot shows the source code file `class-ur-frontend.php` for the WordPress plugin "User Registration." A potential security vulnerability exists within thi…

Read more
CVSS 5.3
WordPress User Registration Plugin RCE Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview This vulnerability affects the `class-up-front-end.php` file within the WordPress plugin “User Registration.” Specifically, there is a code injection risk when processing me…

Read more
Premium intel
CVSS 8.1
WP Contact Form 7 DB Handler plugin updated to v3.1 with security fixes
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview - **Vulnerability Name**: wp-contact-form-7-db-handler plugin update - **Timestamp**: May 1, 2026 09:39:23 AM - **Author**: yudiz - **Message**: Updated plugin to version 3.…

Read more
Premium intel
CVSS 8.8
WordPress Plugin gutenbee Stored XSS Vulnerability Analysis and Remediation
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The attached webpage screenshot displays the source code file `gutenbee.php` for a WordPress plugin named `gutenbee`. A potential security vulnerability exists within this f…

Read more
Premium intel
CVSS 8.8
WordPress gutenbee Plugin XSS Vulnerability Analysis (Reflected XSS via insufficient input validation)
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `gutenbee.php` for the WordPress plugin named `gutenbee`. A potential security vulnerability exists within this file, s…

Read more
Premium intel
CVSS 8.8
WordPress gutenbee Plugin Reflected XSS Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The screenshot of the web page displays the source code file `gutenbee.php` of a WordPress plugin named `gutenbee`. A potential security vulnerability exists within the file…

Read more
Premium intel
CVSS 8.8
WordPress gutenbee Plugin Unauth XSS Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided screenshot displays the source code file `gutenbee.php` for the WordPress plugin named `gutenbee`. The file contains a potential security vulnerability, specifi…

Read more
Premium intel
CVSS 8.8
WordPress Plugin gutenbee Input Validation Failure Leading to XSS
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The attached screenshot displays the source code file `gutenbee.php` for the WordPress plugin named `gutenbee`. A potential security vulnerability exists within this file, s…

Read more
Premium intel
CVSS 8.8
WordPress Gutenberg CVE-2026-9227 Fix: JSON Upload Whitelist Removal
github.com · 2026-05-28

### Vulnerability Overview This vulnerability involves the whitelist mechanism for JSON file uploads, specifically legacy code related to the removal of experimental Lottie support. This fix addresses…

Read more
Premium intel
CVSS 8.8
WordPress Plugin gutenbee JSON Upload Whitelist Bypass Fix
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the changelog for the WordPress plugin "gutenbee." The update includes the remediation of a security issue related to the JSON uploa…

Read more
CVSS 4.3
peachpay-for-woocommerce WordPress Plugin Stripe Payment Injection Vulnerability
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The webpage screenshot displays the source code file for a WordPress plugin named “peachpay-for-woocommerce.” A potential security vulnerability exists within the file, spec…

Read more
CVSS 4.3
XSS Vulnerability Analysis in peachpay-for-woocommerce WordPress Plugin
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The provided webpage screenshot displays the source code file `settings.php` of a WordPress plugin named “peachpay-for-woocommerce”. The file contains a potential security v…

Read more
CVSS 4.3
peachpay-for-woocommerce Plugin Potential SQLi/XSS Vulnerability Analysis
plugins.trac.wordpress.org · 2026-05-28

### Vulnerability Overview The screenshot of this webpage displays the source code of the `functions.php` file from the plugin named `peachpay-for-woocommerce`. The file contains a potential security …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.