CVE Vulnerabilities - 20 February 2026

The SOHO - Photography WordPress Theme has a security issue that allows hackers to inject malicious code into your website. This could lead to unauthorized actions being performed on your site. Update...

The Oyster Photography Theme has a security flaw that allows hackers to inject malicious content into websites built with this theme. This could potentially let attackers steal sensitive information o...

An attacker can inject malicious code into Prestige websites, potentially stealing user data or taking control of the site. This happens when a user clicks on a specially crafted link. To protect agai...

A security issue in the NEX-Forms WordPress plugin allows attackers to inject malicious code into web pages, potentially stealing sensitive information or taking control of user sessions. This issue a...

A security flaw in NEX-Forms can allow hackers to inject malicious code into your website, potentially stealing user data or taking control of your site. This issue affects all versions of NEX-Forms u...

A security flaw in Slimstat Analytics allows hackers to inject malicious code into your website, potentially stealing user data or taking control of your site. This issue affects all versions of Slims...

An attacker can inject malicious code into your website, potentially stealing user data or taking control of your site. This issue affects DesignThemes Core Features from an unknown version up to 2.3....

The Aardvark software does not properly filter user input, which allows an attacker to inject malicious code into web pages. This can happen when a user clicks on a link or visits a webpage with malic...

Simple Archive Generator software has a security flaw that allows hackers to steal user data or take control of a website. This flaw can happen when a user clicks on a malicious link or visits a compr...

A security weakness in iContact for Gravity Forms allows hackers to inject malicious code into a website by tricking users into clicking on a specially crafted link. This could lead to unauthorized ac...

The Mopinion Feedback Form plugin may allow attackers to inject malicious code into your website, potentially stealing user data or taking control of your site. This affects versions up to 1.1.1. Upda...

ID Arrays, a software used to generate IDs, contains a security flaw that allows hackers to inject malicious code into web pages. This could potentially steal user data or take control of a user's bro...

The Court Reservation software has a security flaw that allows hackers to trick users into revealing sensitive information or taking unwanted actions when they click on a malicious email link. This co...

A security issue in amr-cron-manager allows hackers to inject malicious code into the web interface if a user clicks on a specially crafted link. This could potentially allow an attacker to steal sens...

A security issue in iSape, a web application, allows hackers to inject malicious code into websites. This could lead to unauthorized access to sensitive information or disruption of service. Update to...

A security flaw in Asynchronous Javascript versions 1.3.5 and earlier allows hackers to inject malicious code into a web page through user input, potentially stealing sensitive information or taking c...

The eDS Responsive Menu plugin, used in some websites, has a security flaw that allows attackers to inject malicious code into web pages. This could happen if a user clicks on a specially crafted link...

A security issue in the Membee Login Widget allows hackers to inject malicious code into web pages, potentially stealing sensitive information or taking control of user sessions. This affects Membee L...

A security issue in FeedWordPress Advanced Filters could allow hackers to inject malicious code into websites, potentially stealing sensitive information or taking control of user accounts. This issue...

A security flaw in the TotalBounty Widget Logic Visual allows an attacker to inject malicious code into web pages, potentially stealing user data or taking control of user sessions. This issue affects...

A weakness in Mollie Payments for WooCommerce makes it possible for attackers to inject malicious code into web pages, potentially allowing them to steal sensitive information or take control of users...

If you're using Crocoblock JetEngine, a malicious person can inject code into your website through a vulnerable feature. This allows them to potentially steal user data or take control of your site. U...

A security issue in Directorist allows unauthorized access to certain features, which could lead to sensitive information disclosure or unintended changes. Directorist versions 8.5.10 and below are af...

A security issue in Export Media URLs in Atlas Gondal's Export Media URLs (versions 2.2 and earlier) allows attackers to inject malicious code into web pages. This can lead to unauthorized actions on ...

A security issue in Faraz SMS Plugin allows attackers to inject malicious code into your website, potentially allowing them to steal user data or take control of your site. This affects the Faraz SMS ...