CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
A vulnerability was detected in Mage AI up to version 0.9.79, affecting the function useMutation in the file mage_ai/frontend/components/Sessions/SignForm/index.tsx. Manipulating the argument query.redirect_url leads to a cross-site scripting attack.
A weakness has been identified in Jinher OA C6, affecting an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. Manipulating the queryID argument can lead to SQL injection.
A security flaw has been discovered in iAI Lab PDF AI App version 4.21.0 on Android in the function getExternalCacheDir of the component chatpdf.pro. Manipulating the argument _display_name results in path traversal.
A vulnerability was identified in vertex-app vertex up to version 2026.02.12, affecting some unknown processing of the file app/model/LogMod.js of the Log Viewer Endpoint component. Manipulation of the argument req.query leads to OS command injection.
A vulnerability was identified in GL.iNet MT3000 up to version 4.4.5, affecting unknown code in the ovpnclient.sh file of the OpenVPN Client Import Workflow component. This vulnerability leads to command injection.
The Photo Gallery by 10Web plugin for WordPress is vulnerable to time-based SQL Injection via the 'compact_album_order_by' Shortcode Parameter. This affects all versions up to and including 1.8.41 due to insufficient escaping of user-supplied parameters.
The WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'location_messages' parameter in all versions up to and including 4.9.4 due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level access to inject arbitrary web scripts into pages.
The Debug Log Manager plugin for WordPress is vulnerable to improper output neutralization for logs in all versions up to 2.5.0. The issue arises from the registration of the `log_js_errors()` AJAX handler for unauthenticated users, allowing for the injection of forged entries into the debug log.
The MapPress Maps for WordPress plugin is vulnerable to Authorization Bypass Through User-Controlled Key in versions up to and including 2.96.6. The lack of ownership verification in REST API routes allows unauthorized attackers to access sensitive map data.
The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 1.1.4 via the 'invoice_id' parameter due to missing validation on a user controlled key. This allows authenticated attackers with subscriber-level access and above to download arbitrary customer invoices.
The SEO Plugin by Squirrly SEO for WordPress is vulnerable to authorization bypass in all versions up to and including 12.4.16. The issue arises from improper verification of user permissions to perform certain actions.
The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to and including 2.8.15 due to insufficient input sanitization and output escaping.
The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to and including 3.5.1.36 via the replaceHTMLImage function. This allows authenticated attackers with administrator-level access and above to read the contents of arbitrary files on the server.
The Drag and Drop Multiple File Upload plugin for Contact Form 7 in WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via 'drag_n_drop_text' and 'drag_n_drop_browse_text' settings in all versions up to and including 1.3.9.7 due to insufficient input sanitization and output escaping.
The OptinCraft – Drag & Drop Optins & Popup Builder for WordPress plugin is vulnerable to generic SQL Injection via the 'order_by' parameter in all versions up to and including 1.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses is vulnerable to Sensitive Information Exposure in all versions up to and including 4.3.6 via the 'return_type' parameter. This allows unauthenticated attackers to extract sensitive data, including plaintext post_passwords of password-protected courses and full post_content, post_author, and post_name of unpublished drafts.
The EmbedPress – PDF Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'url' attribute in blocks in all versions up to and including 4.5.3 due to insufficient input sanitization and output escaping.
The Click to Chat – WA Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the 'num' parameter in the [chat] shortcode in all versions up to and including 4.38. This is due to insufficient escaping when embedding user-supplied shortcode attribute values inside JavaScript string literals.
The WPForms – Easy Form Builder plugin for WordPress is vulnerable to insufficient verification of data authenticity in versions up to and including 1.10.0.1. This issue arises from the PayPal Commerce webhook endpoint processing unauthenticated JSON webhook payloads without verifying that the request originated from PayPal.
The Essential Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.6.4 due to insufficient restrictions in the ajax_load_more function. This allows unauthenticated attackers to extract data from password protected, private, or draft posts.

