Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 231+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
SureTriggers <1.1.23 Unauthenticated SQL Injection (CVE-2026-4935)
CVE-2026-4935 · wpscan.com · 2026-05-08
SureTriggers < 1.1.23
Read more
High
Check & Log Email <2.0.13 Unauthenticated Stored XSS
CVE-79 · wpscan.com · 2026-04-28
Check & Log Email < 2.0.13
Read more
Low
WP reCaptcha < 2.0 Admin+ Stored XSS Vulnerability
CVE-2026-4512 · wpscan.com · 2026-04-23
WP reCaptcha < 2.0
Read more
Low
WordPress Email Encoder Plugin Stored XSS Vulnerability (CVE-79)
CVE-2024-7083 · wpscan.com · 2026-04-20
Email Encoder < 2.3.4
Read more
High
Unauthenticated SQLi in WooCommerce Product Filter < 31.3 (CVE-2026-3830)
CVE-2026-3830 · wpscan.com · 2026-04-18
Product Filter for WooCommerce < 3.1.3
Read more
Medium
WordPress Form Maker SQL Injection Vulnerability (CVE-2025-15441) with POC
CVE-2025-15441 · wpscan.com · 2026-04-18
Form Maker < 1.15.38
Read more
High
WordPress SQL Chart Builder < 2.3.8 Unauthenticated SQL Injection (CVE-2026-4079)
CVE-2026-4079 · wpscan.com · 2026-04-07
SQL Chart Builder < 2.3.8
Read more
Medium
WordPress AYS Popup Box <5.5.0 CSRF-Induced Stored XSS Vulnerability
CVE-2025-15611 · wpscan.com · 2026-04-07
AYS Popup Box AYS Pro < 5.5.0
Read more
Critical
RCE in WordPress Plugin Spam Project for Contact Form 7 < 1.2.10 (CVE-2026-1640)
CVE-2026-1640 · wpscan.com · 2026-04-02
Spam Protect for Contact Form 7 < 1.2.10
Read more
Critical
Order Notification for WooCommerce Unauthenticated Access Vulnerability with POC
CVE-2025-15484 · wpscan.com · 2026-04-02
Order Notification for WooCommerce < 3.6.3
Read more
Medium
CVE-2026-2696: Export All URLs Plugin Unauthenticated Sensitive Data Exposure
CVE-2026-2696 · wpscan.com · 2026-04-02
Export All URLs < 5.1
Read more
Medium
Frontend File Manager Plugin Unauthenticated Arbitrary Email Sending (CVE-2026-0829)
CVE-2026-0829 · wpscan.com · 2026-02-21
Frontend File Manager <= 23.5
Read more
Medium
wp-e-commerce Unauthenticated PHP Object Injection via Insecure Deserialization (CVE-2026-1235)
CVE-2026-1235 · wpscan.com · 2026-02-11
wp-e-commerce <= 3.15.1
Read more
Medium
OpenPix <= 2.13.3 Broken Access Control: Authenticated Users Can Reset Payment Gateway Settings (CVE-2025-15400)
CVE-2025-15400 · wpscan.com · 2026-02-11
OpenPix <= 2.13.3
Read more
Medium
Bookingor WordPress Plugin Unauthenticated Data Deletion (CWE-862)
CVE-2025-12573 · wpscan.com · 2026-01-27
Bookingor <= 1.0.12
Read more
High
Dreamer Blog <= 1.2 Arbitrary Plugin Installation via Missing Authorization
CVE-2025-10915 · wpscan.com · 2026-01-20
Dreamer Blog <= 1.2
Read more
Medium
YaMaps WordPress Plugin <0.6.40 Stored XSS Vulnerability
wpscan.com · 2026-01-03
YaMaps < 0.6.40
Read more
High
Shopbuilder < 3.2.2 Reflected XSS Vulnerability Advisory
CVE-2025-13456 · wpscan.com · 2026-01-03
Shopbuilder < 3.2.2
Read more
Medium
Ultimate Post Kit < 4.0.16 Unauthenticated Arbitrary Post Content Disclosure (CVE-2025-14434)
CVE-2025-14434 · wpscan.com · 2026-01-03
Ultimate Post Kit < 4.0.16
Read more
Medium
Stored XSS in WordPress Plugin wordprezi via Shortcode Attributes
wpscan.com · 2025-12-29
wordprezi < 0.9
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.