Vulnerability Search

8.8

Plugin

02.02.2026

<= 1.8.3

OS DataHub Maps

Authenticated (Author+) Arbitrary File Upload

5.3

Plugin

02.02.2026

<= 3.9.5

Tutor LMS

Authenticated (Subscriber+) Information Disclosure in Coupon Details via 'tutor_coupon_details' AJAX Action

8.1

Plugin

02.02.2026

<= 3.9.5

Tutor LMS

Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Course Modification and Deletion

7.2

Plugin

02.02.2026

<= 5.2.5

LatePoint – Calendar Booking Plugin for Appointments and Events

Unauthenticated Stored Cross-Site Scripting

7.1

Plugin

02.02.2026

<= 1.15.35

Form Maker by 10Web

Unauthenticated Stored Cross-Site Scripting via Hidden Field