NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-39541	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Hydra Booking hydra-booking allows Stor...	2026-04-08	5.9	NETWORK	MEDIUM	NVD
CVE-2026-39538	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Mikado Core mik...	2026-04-08	7.5	NETWORK	HIGH	NVD
CVE-2026-39536	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Em...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39535	Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access C...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39528	Missing Authorization vulnerability in WP Delicious WP Delicious delicious-recipes allows Exploiting Incorrectly Configured Access Control Security Le...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39526	Authorization Bypass Through User-Controlled Key vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control S...	2026-04-08	5.4	NETWORK	MEDIUM	NVD
CVE-2026-39521	Server-Side Request Forgery (SSRF) vulnerability in Nelio Software Nelio Content nelio-content allows Server Side Request Forgery.This issue affects N...	2026-04-08	4.9	NETWORK	MEDIUM	NVD
CVE-2026-39520	Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39517	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Blog Filter blog-filter allows DOM-Bas...	2026-04-08	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39516	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor al...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39510	Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows E...	2026-04-08	2.7	NETWORK	LOW	NVD
CVE-2026-39509	Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issu...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39508	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce C...	2026-04-08	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39506	Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Level...	2026-04-08	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39505	Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured A...	2026-04-08	5.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.