CVE Vulnerabilities - 19 February 2026

The UpsellWP plugin's checkout feature has a security issue that allows unauthorized access to certain areas. This could potentially allow an attacker to make changes to orders or access sensitive inf...

A security issue in News Kit Elementor Addons could allow unauthorized users to access content they shouldn't. This affects versions of the software up to 1.4.2. Users should update to a fixed version...

A security weakness in Revision Manager TMC allows hackers to trick users into making unintended changes to the system. This can happen when a user clicks on a malicious link or submits a form on a we...

The WP-CORS plugin has a security bug that could allow unauthorized access to sensitive data. This affects WP-CORS plugin versions up to 0.2.2. To protect your site, update your plugin to the latest v...

A security issue in JAMstack deployments for WordPress, including crgeary's wp-jamstack-deployments, allows attackers to access data they shouldn't. This affects sites using this plugin. To fix, updat...

Cookiebot Cookiebot has a security issue that allows unauthorized access to sensitive data. This affects Cookiebot versions 4.6.4 and earlier. To fix this, update to the latest version of Cookiebot.

The echo-knowledge-base software has a security issue that allows unauthorized users to access sensitive information. This affects the Knowledge Base for Documentation, FAQs with AI Assistance. If not...

The Serious Slider plugin has a security problem that allows unauthorized users to access and change settings. This means that someone might be able to make changes without permission, potentially cau...

A configuration mistake in Business Roy allows unauthorized users to access areas they shouldn't. This is a serious issue because it lets people who shouldn't have permission do things they shouldn't ...

The Fitness FSE plugin has a security flaw that could allow unauthorized users to access sensitive pages. This means that users who shouldn't have access might be able to view or edit information they...

A security issue in Hello FSE themes allows unauthorized access to certain features. This affects versions of Hello FSE up to 1.0.6. To stay secure, update to the latest version of Hello FSE.

A security weakness in Elementor's Image Optimizer plugin for WordPress allows unauthorized users to access and potentially exploit it if access controls are not properly set. This affects versions of...

An issue in WP Chill Image Photo Gallery Final Tiles Grid allows attackers to access parts of the website they shouldn't. This affects the way access is controlled, potentially letting unauthorized us...

A security weakness in FooGallery allows attackers to access features they shouldn't, potentially leading to data exposure or unauthorized actions. This affects all versions of FooGallery up to 3.1.11...

Ays Pro Secure Copy Content Protection and Content Locking has a serious security weakness. If not set up correctly, attackers can access and alter protected content. Update to the latest version to f...

A security flaw in PublishPress Authors allows users to access restricted content without permission. This affects PublishPress Authors versions up to 4.10.1. To fix this, update to the latest version...

A configuration error in Quiz And Survey Master's security settings allows unauthorized access to quiz data. This affects versions 1 through 10.3.4. To fix, update to a patched version of the software...

A security weakness in MiKa OSM osm allows attackers to access sensitive information or perform unauthorized actions if access control settings are not properly configured. This affects versions of Mi...

A security issue affects Zita Elementor Site Library, a popular plugin for WordPress websites. If exploited, an attacker could trick a website owner into performing unintended actions, such as deletin...

An issue with WiserReview for WooCommerce allows attackers to view or edit product reviews they shouldn't be able to access. This is a security risk because it means that unauthorized people can see o...

A security issue in WP Messiah TOP Table Of Contents allows attackers to access restricted content. If not configured correctly, users with normal access levels can view content meant for admins or ot...

FluentForm has a security issue that allows an attacker to access content that should be restricted. If not configured properly, an attacker can gain access to sensitive information. Update to the lat...

A security flaw in Simple Membership software can allow users to access levels of the site they shouldn't be able to. This affects versions of Simple Membership up to 4.6.9. To protect your site, upda...

A security issue in Ninja Tables allows attackers to retrieve sensitive data that was embedded in user input. This means that if a user enters malicious data, it can be extracted and potentially used ...

The Client Portal software may allow unauthorized users to access sensitive data or perform actions they shouldn't be able to. This is because the access control settings are not properly configured. ...