In Splash – Sport Club WordPress Theme for Basketball, Football, Hockey component for WordPress versions 4.4.3 and earlier a high severity vulnerability CVE-2025-68063 was detected. This vulnerability allows an attacker to include and execute arbitrary files on the server. To address this issue, users should upgrade Splash – Sport Club WordPress Theme for Basketball, Football, Hockey to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-68063.
Read more CMSIn Mattermost versions 10.11.18 and earlier, 11.6.3 and earlier, and 11.5.6 and earlier a low severity vulnerability CVE-2026-3472 was detected. This vulnerability allows an authenticated attacker to exfiltrate data. To address this issue, users should upgrade Mattermost to version 10.11.19 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-3472.
Read more CommunicationIn Mattermost Agents component for Mattermost versions 10.11.18, 11.6.3, 11.5.6 and earlier a medium severity vulnerability CVE-2026-4339 was detected. This vulnerability allows an attacker to perform server-side request forgery (SSRF) and exfiltrate data from internal network services. To address this issue, users should upgrade Mattermost to version 10.11.19 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-4339.
Read more CommunicationIn Abandoned Cart Pro for WooCommerce component for WooCommerce versions 10.4.0 and earlier a high severity vulnerability CVE-2026-56010 was detected. This vulnerability allows attackers to escalate their privileges. To address this issue, users should upgrade Abandoned Cart Pro for WooCommerce to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-56010.
Read more E-commerceIn MapPress Maps for WordPress component for WordPress versions 2.97.3 and earlier a high severity vulnerability CVE-2026-56011 was detected. This vulnerability allows attackers to inject malicious scripts. To address this issue, users should upgrade MapPress Maps for WordPress to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-56011.
Read more CMSIn Script Security Plugin component for Jenkins versions 1402.v94c9ce464861 and earlier a high severity vulnerability CVE-2026-57280 was detected. This vulnerability allows attackers to bypass sandbox protection. To address this issue, users should upgrade Script Security Plugin to version 1402.1405.vc96e74964250 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-57280.
Read more Developer ToolsIn Script Security Plugin component for Jenkins versions 1402.v94c9ce464861 and earlier a high severity vulnerability CVE-2026-57281 was detected. This vulnerability allows attackers to execute code outside the sandbox. To address this issue, users should upgrade Script Security Plugin to version 1402.1405.vc96e74964250 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-57281.
Read more Developer ToolsIn Git client Plugin component for Jenkins versions 6.6.0 and earlier a medium severity vulnerability CVE-2026-57282 was detected. This vulnerability allows attackers who can control the name of a build’s working directory to execute arbitrary operating system commands on the agent. To address this issue, users should upgrade Git client Plugin to version 6.6.1 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-57282.
Read more Developer ToolsIn Pipeline: Groovy Plugin component for Jenkins versions 4331.v9d06ed4658ff and earlier a medium severity vulnerability CVE-2026-57283 was detected. This vulnerability allows attackers to instantiate unauthorized types through the Pipeline Snippet Generator. To address this issue, users should upgrade Pipeline: Groovy Plugin to version 4331.4333.v50a_b_076c5199 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-57283.
Read more Developer Tools