216.73.217.98

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Friday 10 July 2026 (8)

Vulnerabilities today (147)

Sorted by CVSS severity (highest first)

6.4 Medium

The Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The All-in-One Video Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.8.5 via …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The BuddyHolis TableSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The Animation Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'weather_style' and 'move_direction' parameters of the …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The affiliate-toolkit – WP Affiliate Plugin with Amazon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'atkp_product' shortcode …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The Sudoku Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'background' parameter in the 'sudoku-sc' shortcode in all …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The Plus Addons for Elementor plugin for WordPress was vulnerable to Authenticated (Contributor+) Stored Cross-Site Scripting via the Button widget's `custom_attributes` setting …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.4 Medium

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_page_id' parameter in versions up to, …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Affected by this issue is some unknown functionality of the file …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.3 Medium

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and tag-group names attached to publicly readable …

Published
10/07/2026
6.3 Medium

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, secure uploads could be exposed by pull_hotlinked_images when an …

Published
10/07/2026
6.1 Medium

The ICS Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'htmltagtitle' parameter in all versions up to, and …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026
6.1 Medium

The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via …

Attack vector
NETWORK
Complexity
LOW
Published
10/07/2026