CVE Vulnerabilities - 20 February 2026

The OpenClaw npm package's cron webhook feature allows unauthorized access to internal server data. This could happen if an attacker sends a malicious request to the webhook. Update OpenClaw to versio...

A security flaw in Product Filter for WooCommerce allows a hacker to access sensitive data they shouldn't be able to see. This affects all versions of the plugin up to 9.1.2. To stay secure, update to...

A security issue in LottieFiles allows unauthorized users to access certain files. This is a concern because it could lead to sensitive information being accessed by people who shouldn't have access t...

A security weakness in the Fujian Smart Integrated Management Platform System version 7.5 allows hackers to inject malicious SQL code, potentially giving them access to sensitive data. This could happ...

The Fujian Smart Integrated Management Platform System versions up to 7.5 have a security flaw that allows hackers to inject malicious code into the system. This could potentially allow attackers to a...

A security flaw in the Web Management Interface of UTT HiPER 520 allows a hacker to execute unauthorized commands on the device from anywhere. This could allow an attacker to access sensitive data or ...

A security issue in UTT HiPER 520's web interface allows an attacker to execute unauthorized code on the device remotely. This can occur when a specially crafted input is sent to the device. To stay s...

The Oxygen server software has a security weakness that allows hackers to trick it into visiting unauthorized websites. This can happen if an attacker sends the server a specially crafted request. To ...

A vulnerability in the Wren compiler can allow an attacker with local access to read sensitive data from the system. This affects versions of Wren up to 0.4.0. To protect your system, update to the la...

ADB Explorer on Windows versions 0.9.26020 and below can be tricked into deleting any directory on the user's computer, including important files and folders. This can happen if a user clicks on a mal...

The Key Systems Inc Global Facilities Management Software may leak sensitive information to attackers if they know the format of the query parameter 'sid'. This could compromise the security of your d...

The PixelYourSite website manager has a security flaw that allows hackers to inject malicious code into websites using the service, potentially allowing them to steal sensitive information or take con...

A security issue in Whizz Plugins allows hackers to inject malicious code into web pages. This could lead to unauthorized access to user data or fake login prompts. Update to the latest version of Whi...

A vulnerability in PhotoMe's theme allows hackers to inject malicious code into your website, potentially allowing them to steal sensitive information or take control of your site. This issue affects ...

The Reflector plugin for Fox-Themes has a security issue that could allow hackers to inject malicious code into a website, potentially stealing user data or spreading malware. If you're using the Refl...

The Grand Conference website has a security weakness that allows hackers to inject malicious code into the website. This could be used to steal user information or take control of users' accounts. Upd...

A security flaw in Link Whisper Free allows hackers to inject malicious code into web pages, potentially stealing user data or taking control of the page. This affects users of Link Whisper Free versi...

A security issue exists in Persian Woocommerce SMS, a plugin used by online stores. If not addressed, attackers could inject malicious code into web pages, potentially stealing user data or taking con...

A security issue in iMoney allows attackers to steal sensitive information from users by tricking them into clicking on malicious links. This affects iMoney versions 0.37 and earlier. Update to the la...

The GT3themes Diamond software does not properly filter user input, allowing hackers to inject malicious code into your website. This could let them steal sensitive data or display fake websites that ...

A security flaw in Themebon Business Template Blocks for WPBakery (Visual Composer) allows hackers to inject malicious code into pages. This could lead to unauthorized access to sensitive data or even...

A security issue in the Visitor Maps plugin can allow an attacker to inject malicious code into your website, potentially stealing user data or taking control of your site. This affects versions 1.2.6...

An attacker can inject malicious code into your website, potentially stealing sensitive information or taking control of your site. This affects RVCFDI Para Woocommerce plugins installed on your WordP...

A security issue in WordPress's wpdiscover Timeline Event History plugin allows an attacker to inject malicious code into a website, potentially stealing user data or taking control of the site. This ...

A security issue in WooCommerce Bulk Product Editor could allow unauthorized users to access and edit products, even if they shouldn't have permission. This affects versions up to 3.0 of the plugin. T...