Live vulnerability tracking

WordPress security
alerts that matter

Get notified the moment a vulnerability is found in WordPress core, your plugins, or your theme. Free newsletter + personalised alerts for your sites.

I agree to receive the WP Alerts newsletter and accept the Privacy Policy.

Double opt-in · GDPR compliant · Unsubscribe anytime

Security overview Last 7 days

Critical

High

165

Medium

Subscribers

246 total vulnerabilities tracked

Everything you need to stay secure

One platform for all WordPress security intelligence.

🔍

Site Scanner

Scan any WordPress site to detect installed plugins, themes and core version — then instantly check for known vulnerabilities.

📬

Daily Newsletter

Receive a curated daily digest of new WordPress vulnerabilities. Critical issues get their own immediate alert.

🎯

Personalized Alerts

Monitor your specific sites. Get an email only when a vulnerability affects plugins or themes you actually use.

🚫

Closed Plugin Tracker

Track plugins removed from the WordPress.org repository — often a sign of a serious security issue.

🔗

WP Plugin Integration

Install our free WordPress plugin on your site for automatic detection of all installed components — no manual URL entry.

🛡️

GDPR Compliant

Double opt-in, transparent data use, easy one-click unsubscribe. Your data stays in the EU. No tracking.

Latest vulnerabilities

Most recent WordPress security issues from all sources.

Scan your site →

6.4

EUVD-2026-30261 (CVE-2026-6504) — The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to …

MEDIUM Plugin CVE-2026-6504 May 14, 2026

5.3

EUVD-2026-30257 (CVE-2026-6145) — The User Registration & Membership plugin for WordPress is vulnerable to Missin…

MEDIUM Plugin CVE-2026-6145 May 14, 2026

5.3

EUVD-2026-30260 (CVE-2026-6206) — The MW WP Form plugin for WordPress is vulnerable to Information Exposure in al…

MEDIUM Plugin CVE-2026-6206 May 14, 2026

6.4

EUVD-2026-30259 (CVE-2026-6174) — The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scri…

MEDIUM Plugin CVE-2026-6174 May 14, 2026

6.5

EUVD-2026-30256 (CVE-2026-6670) — The Media Sync plugin for WordPress is vulnerable to Path Traversal in all vers…

MEDIUM Plugin CVE-2026-6670 May 14, 2026

6.4

EUVD-2026-30252 (CVE-2026-6252) — The Meta Field Block plugin for WordPress is vulnerable to Stored Cross-Site Sc…

MEDIUM Plugin CVE-2026-6252 May 14, 2026

6.4

EUVD-2026-30244 (CVE-2026-3694) — The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site S…

MEDIUM Plugin CVE-2026-3694 May 14, 2026

4.3

EUVD-2026-30249 (CVE-2026-5365) — The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery …

MEDIUM Plugin CVE-2026-5365 May 14, 2026

6.5

EUVD-2026-30251 (CVE-2026-6225) — The Taskbuilder – Project Management & Task Management Tool With Kanban Board p…

MEDIUM Plugin CVE-2026-6225 May 14, 2026

6.5

EUVD-2026-30248 (CVE-2026-5193) — The Essential Addons for Elementor – Popular Elementor Templates & Widgets plug…

MEDIUM Plugin CVE-2026-5193 May 14, 2026

Recently removed from WordPress.org

These plugins were closed/removed from the repository.

🚫

epic-gallery

epic-gallery