NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-39504	Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect allows Exploiting Incorrectly Configured Access Control Security Levels...	2026-04-08	5.4	NETWORK	MEDIUM	NVD
CVE-2026-39501	Missing Authorization vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Exploiting Incorrectly Configured Access Control Security L...	2026-04-08	5.3	NETWORK	MEDIUM	NVD
CVE-2026-39500	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat themesflat-addons-for-elementor theme...	2026-04-08	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39497	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 FOX woocommerce-currency-switcher all...	2026-04-08	7.6	NETWORK	HIGH	NVD
CVE-2026-39496	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YayMail yaymail allows Blind SQL Inj...	2026-04-08	7.6	NETWORK	HIGH	NVD
CVE-2026-39495	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NSquared Simply Schedule Appointments simply-sch...	2026-04-08	8.5	NETWORK	HIGH	NVD
CVE-2026-39488	Missing Authorization vulnerability in SureCart SureCart surecart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue a...	2026-04-08	6.3	NETWORK	MEDIUM	NVD
CVE-2026-39487	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ameliabooking Amelia ameliabooking allows Blind ...	2026-04-08	7.6	NETWORK	HIGH	NVD
CVE-2026-39486	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monitor download-monitor allow...	2026-04-08	N/A	None	None	NVD
CVE-2026-39485	Missing Authorization vulnerability in embedplus Youtube Embed Plus youtube-embed-plus allows Exploiting Incorrectly Configured Access Control Securit...	2026-04-08	4.3	NETWORK	MEDIUM	NVD
CVE-2026-39484	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide M...	2026-04-08	4.7	NETWORK	MEDIUM	NVD
CVE-2026-39483	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hidekazu Ishikawa VK All in One Expansion Unit v...	2026-04-08	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39482	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PublishPress Post Expirator post-expirator allow...	2026-04-08	6.5	NETWORK	MEDIUM	NVD
CVE-2026-39479	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brainstorm Force OttoKit suretriggers allows Bli...	2026-04-08	7.6	NETWORK	HIGH	NVD
CVE-2026-39477	Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.Th...	2026-04-08	4.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.