CVE-2026-39451

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

25 plugins/themes with vulnerabilities disclosed today and no patch available. Uninstall and remove them immediately if they haven’t been updated. Deactivating is not enough. Those who have the free Wordfence plugin will only receive protection in 30 days. You are on your own.

Plugin Name | CVE-ID

SP Project & Document Manager | CVE-2026-10737

Product Filter Widget for Elementor | CVE-2026-45437

WP Google Review Slider | CVE-2026-39451

DeMomentSomTres Shortcodes | CVE-2026-8885

Easy Cart | CVE-2026-4080

FPW Category Thumbnails | CVE-2026-2382

ZeM STL | CVE-2026-4081

hiWeb Migration Simple | CVE-2026-2425

rognone | CVE-2026-1451

rognone | CVE-2026-1450

WP Nano AD | CVE-2025-5085

Tiled Gallery Carousel Without JetPack | CVE-2026-5191

Booknetic | CVE-2026-25439

Wp EMember | CVE-2026-49077

Passeum Ticketing | CVE-2026-7421

Word Replacer | CVE-2026-3620

BirdSeed | CVE-2026-4071

EmergencyWP | CVE-2026-9732

Google Plus One Bottom | CVE-2026-9723

JTL-Connector for WooCommerce | CVE-2026-9234

Laiser Tag | CVE-2026-9722

Remove meta boxes per user role | CVE-2026-8422

Remove NoFollow Commenter URL | CVE-2026-9730

Tectite Forms | CVE-2026-9599

Recently, attacks started within 50 minutes of disclosure.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-39451

Affected Products

Undefined

CVE-2026-39451

Related Identifiers

Affected Products

References · 1