News & Sicurezza

CVE ID :CVE-2026-39707 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Missing Authorization vulnerability in ZealousWeb Accept PayPal Payments using Contact Form 7 contact-form-7-paypal-extension allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accept PayPal Payments using Contact Form 7: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39704 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing – Pro precious-metals-automated-product-pricing-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Precious Metals Automated Product Pricing – Pro: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39706 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Missing Authorization vulnerability in Netro Systems Make My Trivia trivialy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Make My Trivia: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39709 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39710 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Cross-Site Request Forgery (CSRF) vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Cross Site Request Forgery.This issue affects RT-Theme 18 | Extensions: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39708 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39705 Published : April 8, 2026, 9:16 a.m. | 2 hours, 39 minutes ago Description :Missing Authorization vulnerability in Mulika Team MIPL WC Multisite Sync mipl-wc-multisite-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MIPL WC Multisite Sync: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39696 Published : April 8, 2026, 9:16 a.m. | 39 minutes ago Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elfsight Elfsight WhatsApp Chat CC elfsight-whatsapp-chat allows DOM-Based XSS.This issue affects Elfsight WhatsApp Chat CC: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39701 Published : April 8, 2026, 9:16 a.m. | 39 minutes ago Description :Missing Authorization vulnerability in Andrew ShopWP wpshopify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShopWP: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39700 Published : April 8, 2026, 9:16 a.m. | 39 minutes ago Description :Missing Authorization vulnerability in WPXPO WowOptin optin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WowOptin: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39702 Published : April 8, 2026, 9:16 a.m. | 39 minutes ago Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows DOM-Based XSS.This issue affects Animation Addons for Elementor: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-39703 Published : April 8, 2026, 9:16 a.m. | 39 minutes ago Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...