Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Security Intel Hub 359+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
CVE-2026-11961: User Registration < 5.2.3 Unauthenticated Privilege Escalation
CVE-2026-11961 · wpscan.com · 2026-07-17
User Registration & Membership < 5.2.3
Read more
Medium
WordPress User Registration Plugin IDOR: Unauth Member Deletion via Stripe Handler
CVE-2026-11966 · wpscan.com · 2026-07-17
User Registration & Membership < 5.2.3
Read more
High
CVE-2026-11575: PhonePe Payment Solutions Unauthenticated Payment Bypass via Forged Callback
CVE-2026-11575 · wpscan.com · 2026-07-17
phonepe-payment-solutions < 3.1.0
Read more
Critical
WordPress AI Chatbot Plugin Unauthenticated Privilege Escalation (CVE-2026-9810)
CVE-2026-9810 · wpscan.com · 2026-07-17
AI Chatbot & Workflow Automation by AIWU < 1.5.4 · ai-copilot-content-generator < 1.5.4
Read more
High
NEX-Forms < 9.2.3 Unauthenticated Stored XSS Vulnerability (CVE-2026-10525)
CVE-2026-10525 · wpscan.com · 2026-07-17
NEX-Forms < 9.2.3 · nex-forms-express-wp-form-builder < 9.2.3
Read more
Medium
Royal Elementor Addons Unauthenticated Private Template Disclosure (CVE-2026-13402)
CVE-2026-13402 · wpscan.com · 2026-07-17
royal-elementor-addons < 1.7.1063
Read more
Medium
WPS Bookings for WooCommerce < 3.11.7 IDOR Arbitrary Order Cancellation
CVE-2026-12393 · wpscan.com · 2026-07-17
WPS Bookings for WooCommerce < 3.11.7
Read more
High
LatePoint < 5.6.3 Multiple Privileged Actions via CSRF Vulnerability with POC
CVE-2026-11866 · wpscan.com · 2026-07-16
LatePoint < 5.6.3
Read more
High
Redux Framework < 4.5.13 Privilege Escalation to Administrator (CVE-2026-12525)
CVE-2026-12525 · wpscan.com · 2026-07-16
Redux Framework < 4.5.13
Read more
Medium
Stored XSS in Header Footer Builder for Elementor < 1.2.1 via Template Import (CVE-2026-12869)
CVE-2026-12869 · wpscan.com · 2026-07-16
Header Footer Builder for Elementor < 1.2.1
Read more
Low
IDOR Vulnerability in RTMKit Addons for Elementor Leading to Private Post Title Disclosure
CVE-2026-12906 · wpscan.com · 2026-07-16
RTMKit Addons for Elementor < 2.0.9
Read more
High
RTMKit Addons for Elementor WordPress Privilege Escalation to Admin
CVE-2026-12907 · wpscan.com · 2026-07-16
RTMKit Addons for Elementor < 2.0.9
Read more
Critical
Happy Coders OTP Login for WooCommerce < 2.8 Unauthenticated Account Takeover (CVE-2026-12492)
CVE-2026-12492 · wpscan.com · 2026-07-16
Happy Coders OTP Login for WooCommerce < 2.8
Read more
High
FunnelKit < 3.15.0.6 Reflected XSS via Divi Optin Form (CVE-2026-12978) with PoC
CVE-2026-12978 · wpscan.com · 2026-07-16
FunnelKit < 3.15.0.6
Read more
Medium
FunnelKit < 3.15.0.6 Path Traversal Arbitrary File Deletion via Template Importer (CVE-2026-12979)
CVE-2026-12979 · wpscan.com · 2026-07-16
FunnelKit < 3.15.0.6 · funnel-builder < 3.15.0.6
Read more
High
Unauthenticated Arbitrary Media Upload in Customer Reviews for WooCommerce (CVE-2026-12684) with POC
CVE-2026-12684 · wpscan.com · 2026-07-16
Customer Reviews for WooCommerce < 5.113.0
Read more
High
WP Job Portal <2.5.5 Subscriber SQL Injection via 'ta' Parameter (CVE-2026-12395)
CVE-2026-12395 · wpscan.com · 2026-07-16
WP Job Portal < 2.5.5
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.