216.73.216.133

Threat intelligence dashboard

Today's CVEs, attack reports, and CISA KEV — CVSS, EPSS, and MITRE context at a glance.

Attack reports – last 7 days · through Friday 3 July 2026 (18)

Vulnerabilities today (61)

Sorted by CVSS severity (highest first)

6.9 Medium

An authenticated administrator can trigger a denial-of-service condition in the Fireware Management Web UI by sending malformed or crafted data to the …

Published
03/07/2026
6.7 Medium

Puppet resource_api (shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x) does not preserve the sensitive flag on parameters defined …

Published
03/07/2026
6.4 Medium

The GenerateBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Headline Block 'linkMetaFieldType' Dynamic Link Attribute in all versions up …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The Zakra theme for WordPress is vulnerable to Stored Cross-Site Scripting via post meta values in all versions up to, and including, …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The RTMKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Heading widget's 'Background Text' parameter in versions up …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The JSON API User plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'content' parameter of the post_comment API endpoint …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The CM Business Directory – Optimise and showcase local business plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Business Address …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.4 Medium

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
6.0 Medium

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send …

Published
03/07/2026
5.9 Medium

In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal …

Published
03/07/2026
5.5 Medium

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
5.4 Medium

The The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution …

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026
5.4 Medium

The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.

Attack vector
NETWORK
Complexity
LOW
Published
03/07/2026