Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Security Intel Hub 29715+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 6.4
presto-player Shortcode Arbitrary Code Execution Vulnerability
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability affects the `Shortcodes.php` file within the `presto-player` plugin, specifically located at `4.1.1/inc/Services/Shortcodes.php`. The flaw may impact the …

Read more
CVSS 6.4
WordPress Presto Player Plugin Null Handling Vulnerability Analysis
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability involves the `Shortcodes.php` file in the WordPress plugin Presto Player. Specifically, the issue resides in the `parseAttributes` function, which is resp…

Read more
CVSS 6.4
presto-player Plugin Shortcodes.php Vulnerability Analysis
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability involves the `Shortcodes.php` file within the `presto-player` plugin, specifically located at `4.1.4/inc/Services/Shortcodes.php`. The flaw potentially ex…

Read more
CVSS 6.4
WordPress Presto Player Video Template Vulnerability Advisory
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability affects the `video.php` template file of the WordPress plugin Presto Player. The specific vulnerability is located in the file `/tags/4.1.4/templates/vide…

Read more
CVSS 4.9
WordPress plugin quiz-master-next REST API Unauthorized Access Vulnerability
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The provided screenshot displays the source code file `class-qsm-quiz-api.php` of the WordPress plugin "quiz-master-next". A potential security vulnerability exists within t…

Read more
CVSS 4.9
WordPress Quiz Master Next Plugin Unauthenticated API Access Vulnerability
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability involves the API endpoints of the WordPress plugin "Quiz Master Next," specifically `/wp-json/qmn/v1/quiz-results/{id}` and `/wp-json/qmn/v1/quiz-question…

Read more
CVSS 4.9
Quiz Master Next Pre-Auth Privilege Escalation via REST API
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability concerns the `class-qsm-quiz-api.php` file within the `quiz-master-next` plugin. The vulnerability exists in the `register_rest_route` function, specifica…

Read more
CVSS 4.9
Quiz Master Next WordPress Plugin REST API Privilege Escalation Vulnerability
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The provided webpage screenshot displays the source code file for a WordPress plugin named "Quiz Master Next." The file contains a potential security vulnerability specifica…

Read more
CVSS 4.9
WordPress Quiz Master Next Plugin API Unauthorized Access Vulnerability Analysis
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The provided webpage screenshot displays a file named `class-qsm-quiz-api.php`, which contains a potential vulnerability. The issue primarily relates to parameter validation…

Read more
CVSS 6.1
Unauthenticated Access via AJAX Handler in Eszf WordPress Plugin
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The web screenshot displays a file named `Eszf_Ajax_Handler.php`, which contains a potential vulnerability. The issue primarily involves the handling of AJAX requests, speci…

Read more
CVSS 4.4
WordPress quick-playground Plugin Unauthenticated Arbitrary File Upload and Unauthorized Option Modification
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The web page screenshot displays a file `client-qckply_data.php` from a WordPress plugin directory, which is suspected of containing a potential security vulnerability. Whil…

Read more
CVSS 4.4
WordPress quick-playground Plugin XSS and SSRF Vulnerability Analysis
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability involves a file named `client-qckply_data.php` located in the `quick-playground/trunk/` directory within the WordPress plugin directory. The vulnerability…

Read more
CVSS 4.9
WordPress Quiz Master Next Plugin SQL Injection Vulnerability Analysis
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The attached webpage screenshot displays a file named `class-qsm-quiz-api.php`, which contains a potential vulnerability. The issue primarily concerns parameter validation a…

Read more
CVSS 7.5
WordPress sp-client-document-manager Plugin: Directory Traversal, Unauthenticated Access, and Input Validation Vulnerabi
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The provided screenshot displays the source code of the `ajax.php` file from the WordPress plugin `sp-client-document-manager`. The file contains several security vulnerabil…

Read more
CVSS 6.4
WordPress Simple SEO Slideshow Reflected XSS Vulnerability in Widget Form
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The vulnerability exists in the `simple-seo-slideshow/trunk/simplesideshow.php` file, specifically involving the `form` method of the `SimpleSEOslideshowWidget` class. The i…

Read more
CVSS 4.3
Squirrly-SEO Post.php Stored XSS Vulnerability Analysis and POC
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This webpage screenshot displays a PHP file named `Post.php`, which is part of the `squirrly-seo` plugin. The file contains a potential security vulnerability characterized …

Read more
CVSS 4.3
Squirrly SEO Plugin: Fixes for API Token Exposure, Stored XSS, and Access Control
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability pertains to the `Post.php` file within the `squirrly-seo` plugin, specifically in version `12.4.17`. The issues are primarily security-related, including:…

Read more
CVSS 4.3
Squirrly SEO Plugin Security Patch: Stored XSS and API Token Exposure Fixes
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview This vulnerability concerns the `Post.php` file within the `squirrly-seo` plugin, specifically in version `12.4.17`. The issues primarily relate to security enhancements, in…

Read more
CVSS 6.4
XSS Vulnerability in unlimited-elementor-inner-sections-by-boomdevs Plugin (PostGridRenderer.php)
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The web screenshot displays a file named `PostGridRenderer.php`, which belongs to the `unlimited-elementor-inner-sections-by-boomdevs` plugin. A potential security vulnerabi…

Read more
CVSS 6.4
WordPress Plugin unlimited-elementor-inner-sections-by-boomdevs XSS Vulnerability Advisory
plugins.trac.wordpress.org · 2026-06-13

### Vulnerability Overview The provided webpage screenshot displays the source code file `PostGridRenderer.php` of the WordPress plugin named “unlimited-elementor-inner-sections-by-boomdevs”. A potent…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.