CVE Vulnerabilities - 20 February 2026

391 vulnerabilities published on 20 February 2026

Capella: Malicious data can inject objects into your system
CVE-2025-69370
A security weakness in Capella versions up to 2.5.5 makes it possible for attackers to inject malicious code into your system. This could potentially lead to unauthorized access or data corruption. We...
9.8
Prestige Untrusted Data Can Be Injected, Causing Malicious Execution
CVE-2025-69329
The Prestige software is vulnerable to a security threat that could allow an attacker to inject malicious code into the system. This could lead to unauthorized actions being taken on the system. To st...
9.8
PhotoMe ThemeGoods PhotoMe Untrusted Data Deserialization Risk
CVE-2025-69301
PhotoMe users are at risk of data tampering if an attacker sends specially crafted data. This affects PhotoMe versions up to 5.6.11. Update to version 5.6.12 or later to fix the issue.
9.8
BoldThemes Ippsum ippsum: Untrusted Data Can Execute Code
CVE-2025-68541
The BoldThemes Ippsum ippsum software does not properly handle untrusted input, which can lead to malicious code being executed. This can potentially allow an attacker to take control of the affected ...
9.8
Travelicious Travel and Hotel Booking Website Allows Untrusted Data Injection
CVE-2025-67997
The Travelicious website has a weakness that could allow an attacker to inject malicious data, potentially leading to unauthorized changes to the website's behavior. This issue affects all versions of...
9.8
BoldThemes Nestin: Untrusted Data Can Be Injected into Nestin
CVE-2025-67996
Nestin, a plugin for BoldThemes, contains a security flaw that lets attackers inject malicious code into the application. This can happen when the plugin is not properly configured or when user input ...
9.8
PatioTime Software Allows Attackers to Inject Malicious Data
CVE-2025-67995
The PatioTime software fails to properly validate user input, allowing attackers to inject malicious objects. This means a hacker could potentially take control of your system or steal sensitive infor...
9.8
Talentics Software: Malicious SQL Code Can Be Injected
CVE-2025-10970
A security issue in Talentics software allows an attacker to inject malicious code into the database, potentially stealing sensitive information or disrupting the system. This could happen if an attac...
9.8
Acronis Software Fails to Verify User Identity, Exposing Sensitive Data
CVE-2025-30410
If not updated, Acronis Cyber Protect Cloud Agent, Acronis Cyber Protect 16, and Acronis Cyber Protect 15 may allow unauthorized access to sensitive information and potentially allow attackers to mani...
9.8
Joomla Tassos Framework plugin allows unauthorized access to internal functionality
CVE-2026-21627
The Tassos Framework plugin for Joomla has a security issue that could let attackers access internal functions without permission. This could potentially allow them to do things they shouldn't be able...
9.5
Key Systems Global Facilities Management Software Privilege Escalation Vulnerability
CVE-2026-26722
A security issue in Key Systems Global Facilities Management Software could let an attacker access sensitive areas of a building's management system by exploiting a weakness in the way users log in. T...
9.4
Smanga 3.2.7 allows attackers to reset any user's password
CVE-2025-70833
An attacker can reset any user's password, including the administrator's, without needing a password. This could allow them to take full control of the affected account. Update Smanga to a fixed versi...
9.4
Fast-XML-Parser: Entity Name Regex Injection via Period Allows XSS
CVE-2026-25896 GHSA-m7jm-9gc2-mpf2
An attacker can use a specially crafted XML file to bypass security checks and inject malicious code into the parsed output, potentially leading to cross-site scripting attacks. This issue affects the...
9.3
SQL Injection in Download Manager Addons for Elementor
CVE-2026-24956
A security flaw in Download Manager Addons for Elementor allows hackers to access sensitive data. This affects the plugin if you're using version 1.3.0 or earlier. Update to the latest version to prot...
9.3
Emerce Core SQL Injection Risk: Data Exposure
CVE-2025-69366
A security issue in Emerce Core allows attackers to access sensitive data without permission, potentially leading to unauthorized access to customer information. This affects versions 1.0 to 1.8 of Em...
9.3
Uroan Core: Malicious SQL Queries Can Be Injected
CVE-2025-69365
The Uroan Core software has a security flaw that allows hackers to inject malicious SQL commands. This could allow an attacker to access sensitive data or disrupt the website. Update to version 1.4.5 ...
9.3
Wolmart Core: Blind SQL Injection in User Data
CVE-2025-69337
A fault in Wolmart Core's database handling allows attackers to extract sensitive information by manipulating user input. This could, for example, allow hackers to access user passwords or other sensi...
9.3
Woodly Core Allows Hackers to Access Sensitive Data
CVE-2025-69310
A security flaw in Woodly Core software allows hackers to potentially access sensitive user data by manipulating the way the software interacts with its database. This could lead to unauthorized acces...
9.3
Saasplate Core: Malicious SQL Queries Can Access Sensitive Data
CVE-2025-69309
An issue in Saasplate Core allows attackers to inject malicious SQL code, potentially exposing sensitive data. This affects users of Saasplate Core versions up to 1.2.8. To protect your data, update t...
9.3
Nestbyte Core: Data stolen from database due to SQL attack
CVE-2025-69308
The Nestbyte Core software has a security flaw that could allow an attacker to access sensitive data in the database without being detected. This means that unauthorized access to confidential informa...
9.3
Medinik Core: Unsecured Input Can Expose Sensitive Data
CVE-2025-69307
The Medinik Core software has a security flaw that makes it vulnerable to a type of attack that can extract sensitive information from a database. This could allow an attacker to access confidential d...
9.3
Electio Core Theme Allows Hackers to Access Your Database
CVE-2025-69306
A security flaw in Electio Core theme allows attackers to access your website's database without you knowing. This means they can potentially steal sensitive information or disrupt your site. Update t...
9.3
Crete Core: Malicious SQL Code Can Be Injected into Database
CVE-2025-69305
A security issue in Crete Core's database system allows an attacker to inject malicious SQL code, potentially allowing them to access or modify sensitive information. This affects Crete Core versions ...
9.3
Allmart: SQL Injection in TeconceTheme Allmart allmart-core
CVE-2025-69304
A security issue in Allmart's TeconceTheme allmart-core software allows attackers to access sensitive data by manipulating SQL commands. This could lead to unauthorized access to sensitive information...
9.3
Coven Core: Data Exposure through SQL Injection
CVE-2025-69295
Coven Core plugins may allow unauthorized access to sensitive data. This is a serious issue because attackers can extract confidential information from your website. Update to Coven Core version 1.4 o...
9.3