CVE Vulnerabilities - 8 April 2026

AnyTrack Affiliate Link Manager versions up to 1.5.5 have a security flaw that allows unauthorized access to configuration settings. This means that an attacker could potentially make changes to the s...

An issue in Mailercloud's webform integration feature allows unauthorized access to sensitive data. This is a concern for businesses that use Mailercloud to collect and manage contact information from...

The RT-Theme 18 extension for certain platforms allows attackers to access sensitive information that was meant to be kept private. This puts sensitive data at risk of being stolen. Update the RT-Them...

The Tribal's messaging system contains a flaw that can expose sensitive information sent through it. This means that private or confidential data, such as passwords or personal details, could be accid...

A security issue in Accept PayPal Payments using Contact Form 7 allows unauthorized access to certain features. This affects versions 4.0.4 and earlier. If not addressed, an attacker could potentially...

The Mulika Team MIPL WC Multisite Sync software has a security issue that allows an attacker to access parts of the system they shouldn't be able to. This is because access controls are not properly s...

WPBITS Addons For Elementor, a plugin for Elementor page builder, has a security issue that allows hackers to inject malicious code into a website. This can lead to unauthorized actions, such as steal...

If not properly configured, the ShopWP plugin for WordPress may allow an attacker to access certain areas of the site without permission, potentially leading to data theft or other security breaches. ...

A security flaw in AI Workflow Automation Lite allows unauthorized users to access areas they shouldn't. This affects versions 1.0 through 1.4.2. To stay secure, update to a patched version or consult...

If not properly set up, the HBSS Technologies MAIO tool can let unauthorized users access its settings. This is a concern because it could allow someone to make changes that they shouldn't be able to ...

Podigee's server can be tricked into sending requests to incorrect or malicious servers, potentially allowing attackers to access sensitive information or disrupt services. This issue affects Podigee ...

The fsm-custom-featured-image-caption plugin for WordPress allows an attacker to inject malicious code into image captions, potentially allowing them to take control of a website. This issue affects a...

The AdAstraCrypto Cryptocurrency Donation Box did not properly control access to its features, allowing unauthorized individuals to potentially exploit this security weakness. This affects the securit...

A security issue in eShipper Commerce versions 2.16.12 and earlier allows unauthorized access to sensitive data. This means that if not properly configured, attackers could access information they sho...

A security flaw in Rapid Car Check Vehicle Data allows unauthorized users to access sensitive vehicle information. This affects the free-vehicle-data-uk service, which provides vehicle data to users. ...

A security issue in BSK PDF Manager, versions 3.7.2 and earlier, allows unauthorized access to sensitive system information. This could potentially allow attackers to obtain confidential data. Update ...

A security issue affects The Moneytizer software. If not properly set up, it may allow unauthorized users to access sensitive information. Update to the latest version to fix this issue.

The Garden Gnome Package software has a security flaw that allows hackers to inject malicious code into the software's web interface. This means that if a user visits a website using this software, th...

A security issue in ApusTheme Homeo could allow an attacker to access and view files on your server. This is a serious issue because it could allow hackers to steal sensitive information or disrupt yo...

A vulnerability in Freeio, a website template, allows attackers to access sensitive local files. This means that if an attacker can trick the website into including a malicious file, they can access a...

A security weakness in Emphires allows hackers to access sensitive files on your local system. This means a malicious user could potentially view or modify your sensitive data. You should update to th...

A security issue in Shahjada Download Manager allows unauthorized users to access features they should not have access to. This could lead to sensitive data being accessed or modified. Update to the l...

A security issue in Court Reservation software allows unauthorized access to sensitive features when access control is misconfigured. This means that users with incorrect security settings can potenti...

The Google Distance Calculator, a tool used to calculate distances between locations, has a security issue that allows hackers to inject malicious code into users' browsers. This can potentially allow...

The iZooto web push feature has a security issue that allows unauthorized access to user data. This affects all versions of iZooto from 3.7.20 and earlier. To fix this, update to a newer version of iZ...