In APCu Manager component for WordPress versions before 4.5.0 a high severity vulnerability CVE-2026-10083 was detected. This vulnerability allows attackers to execute arbitrary web scripts. To address this issue, users should upgrade APCu Manager to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-10083.
Read more CMSIn WooCommerce Designer Pro component for WooCommerce versions 1.9.34 and earlier a medium severity vulnerability CVE-2026-57329 was detected. This vulnerability allows attackers to execute arbitrary web scripts. To address this issue, users should upgrade WooCommerce Designer Pro to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-57329.
Read more E-commerceIn F4 Post Tree component for WordPress versions before 2.0.5 a medium severity vulnerability CVE-2026-9676 was detected. This vulnerability allows authenticated users with Subscriber-level access and above to modify the parent and menu order of arbitrary posts. To address this issue, users should upgrade F4 Post Tree to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-9676.
Read more CMSIn Helix3 plugin component for Joomla in unpatched versions a high severity vulnerability CVE-2026-49049 was detected. This vulnerability allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters. To address this issue, users should upgrade Helix3 plugin to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-49049.
Read more CMSIn Page Builder CK component for Joomla versions before 3.6.0 a critical severity vulnerability CVE-2026-56290 was detected. This vulnerability allows attackers to upload arbitrary files and achieve remote code execution. To address this issue, users should upgrade Page Builder CK to version 3.6.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-56290.
Read more CMSIn Splash – Sport Club WordPress Theme for Basketball, Football, Hockey component for WordPress versions 4.4.3 and earlier a high severity vulnerability CVE-2025-68063 was detected. This vulnerability allows an attacker to include and execute arbitrary files on the server. To address this issue, users should upgrade Splash – Sport Club WordPress Theme for Basketball, Football, Hockey to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-68063.
Read more CMS