Auto-Update: 2026-02-26T11:00:11.850186+00:00

Author: cad-safe-bot

CVE-2026/CVE-2026-280xx/CVE-2026-28083.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2026-28083",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2026-02-26T09:16:14.857",
+  "lastModified": "2026-02-26T09:16:14.857",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UX-themes Flatsome flatsome allows Stored XSS.This issue affects Flatsome: from n/a through <= 3.20.1."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/Wordpress/Theme/flatsome/vulnerability/wordpress-flatsome-theme-3-20-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2026/CVE-2026-281xx/CVE-2026-28131.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2026-28131",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2026-02-26T09:16:15.050",
+  "lastModified": "2026-02-26T09:16:15.050",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Retrieve Embedded Sensitive Data.This issue affects Elementor Addon Elements: from n/a through <= 1.14.4."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-201"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/Wordpress/Plugin/addon-elements-for-elementor-page-builder/vulnerability/wordpress-elementor-addon-elements-plugin-1-14-4-sensitive-data-exposure-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2026/CVE-2026-281xx/CVE-2026-28132.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2026-28132",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2026-02-26T09:16:15.217",
+  "lastModified": "2026-02-26T09:16:15.217",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-80"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/Wordpress/Plugin/woocommerce-photo-reviews/vulnerability/wordpress-woocommerce-photo-reviews-plugin-1-4-4-content-injection-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2026/CVE-2026-281xx/CVE-2026-28136.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2026-28136",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2026-02-26T09:16:15.363",
+  "lastModified": "2026-02-26T09:16:15.363",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.12."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/Wordpress/Plugin/wp-sms/vulnerability/wordpress-wp-sms-plugin-6-9-12-sql-injection-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2026/CVE-2026-281xx/CVE-2026-28138.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2026-28138",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2026-02-26T09:16:15.510",
+  "lastModified": "2026-02-26T09:16:15.510",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-502"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/Wordpress/Plugin/ulisting/vulnerability/wordpress-ulisting-plugin-2-2-0-php-object-injection-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2026-02-26T09:00:11.687090+00:00
+2026-02-26T11:00:11.850186+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2026-02-26T08:16:19.897000+00:00
+2026-02-26T09:16:15.510000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,29 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-334906
+334911
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `7`
+Recently added CVEs: `5`
 
-- [CVE-2026-1692](CVE-2026/CVE-2026-16xx/CVE-2026-1692.json) (`2026-02-26T08:16:18.160`)
-- [CVE-2026-1693](CVE-2026/CVE-2026-16xx/CVE-2026-1693.json) (`2026-02-26T08:16:18.490`)
-- [CVE-2026-1694](CVE-2026/CVE-2026-16xx/CVE-2026-1694.json) (`2026-02-26T08:16:18.763`)
-- [CVE-2026-1695](CVE-2026/CVE-2026-16xx/CVE-2026-1695.json) (`2026-02-26T08:16:19.063`)
-- [CVE-2026-1696](CVE-2026/CVE-2026-16xx/CVE-2026-1696.json) (`2026-02-26T08:16:19.323`)
-- [CVE-2026-1697](CVE-2026/CVE-2026-16xx/CVE-2026-1697.json) (`2026-02-26T08:16:19.620`)
-- [CVE-2026-1698](CVE-2026/CVE-2026-16xx/CVE-2026-1698.json) (`2026-02-26T08:16:19.897`)
+- [CVE-2026-28083](CVE-2026/CVE-2026-280xx/CVE-2026-28083.json) (`2026-02-26T09:16:14.857`)
+- [CVE-2026-28131](CVE-2026/CVE-2026-281xx/CVE-2026-28131.json) (`2026-02-26T09:16:15.050`)
+- [CVE-2026-28132](CVE-2026/CVE-2026-281xx/CVE-2026-28132.json) (`2026-02-26T09:16:15.217`)
+- [CVE-2026-28136](CVE-2026/CVE-2026-281xx/CVE-2026-28136.json) (`2026-02-26T09:16:15.363`)
+- [CVE-2026-28138](CVE-2026/CVE-2026-281xx/CVE-2026-28138.json) (`2026-02-26T09:16:15.510`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `3`
+Recently modified CVEs: `0`
 
-- [CVE-2025-14104](CVE-2025/CVE-2025-141xx/CVE-2025-14104.json) (`2026-02-26T08:16:15.540`)
-- [CVE-2025-14963](CVE-2025/CVE-2025-149xx/CVE-2025-14963.json) (`2026-02-26T08:16:15.703`)
-- [CVE-2026-27900](CVE-2026/CVE-2026-279xx/CVE-2026-27900.json) (`2026-02-26T07:16:18.990`)
 
 
 ## Download and Usage

_state.csv

@@ -291666,7 +291666,7 @@ CVE-2025-14097,0,0,01eec471e7a5b63e12550c41221d4555b682aeeec48dac0a8af31fe276be9
 CVE-2025-1410,0,0,378612357971d4b696c408ec520cafd31ff9f1e3874e42bd65ea24e4bb90dfff,2025-02-25T03:35:42.633000
 CVE-2025-14101,0,0,c63857e19b9eb0efb61352916568ab0622ea55f7663d9125124093677e82d41f,2025-12-18T15:08:06.237000
 CVE-2025-14103,0,0,13f4172e3ee04ed082bd7ec496e96b64d96eed9874e86aab100853ae44f28bc2,2026-02-25T20:20:07.867000
-CVE-2025-14104,0,1,52fbf0cc2fc022402e688d7b214eecca5d68b1f44c0b03eb19037f93e5b7a99e,2026-02-26T08:16:15.540000
+CVE-2025-14104,0,0,52fbf0cc2fc022402e688d7b214eecca5d68b1f44c0b03eb19037f93e5b7a99e,2026-02-26T08:16:15.540000
 CVE-2025-14105,0,0,1ae26a6547cc1bc642548fd27e12817ecec8e15ce1077c8f867f9fc6b485ffb2,2025-12-08T18:26:49.133000
 CVE-2025-14106,0,0,8f6a6879224727b1bdacc75a0c6f8c18b6a14bf315387643bfefc8406d1521a8,2025-12-16T08:15:51.927000
 CVE-2025-14107,0,0,c9c933595d71c4b391531e213d12f6bc9f4fb11bec75ede7539c80898e1b23f4,2025-12-16T08:15:52.147000
@@ -292429,7 +292429,7 @@ CVE-2025-1496,0,0,a4aedc05463464b0b0db9ecdbf496d2ffeb22a8101971cbcb59743f976aa3f
 CVE-2025-14960,0,0,4c079edb5a0baad760ba448a9ca0cb41be2659d7299a237a7f836f23c33a4ce0,2025-12-30T17:55:51.423000
 CVE-2025-14961,0,0,4da817bbd7d132067739512225350c628fa5fbe5f40b2518b43fc164a24ca12b,2025-12-30T18:14:40.710000
 CVE-2025-14962,0,0,0a584a717806756d71183a52dd1730dee5be395b25d4dfe1b5d63964cf9c7152,2026-02-24T06:16:30.737000
-CVE-2025-14963,0,1,591f18d4437fc133b11b0e2510cda7cba5d43ec3b90e7a95a5b2e6a1e7e6cdc0,2026-02-26T08:16:15.703000
+CVE-2025-14963,0,0,591f18d4437fc133b11b0e2510cda7cba5d43ec3b90e7a95a5b2e6a1e7e6cdc0,2026-02-26T08:16:15.703000
 CVE-2025-14964,0,0,9cedbc5a4e70380318d4cf5e970feba8589c19167fa40f6a27db4ad74d32b9eb,2025-12-30T18:16:07.343000
 CVE-2025-14965,0,0,70eff005f03d826b988adab309f8a59469bc41b4446062acca89b82e949d088f,2025-12-27T20:15:40.863000
 CVE-2025-14966,0,0,d09d5c22845cfd3b2f1a77ae231eb55fc876fc0c6b711a16f60f3b65cbd56dfe,2026-02-24T06:16:31.150000
@@ -330880,13 +330880,13 @@ CVE-2026-1688,0,0,b77a7859bf10a924e0b5e4bef9b6da8e59a018ddd774fbba6ada19b319b366
 CVE-2026-1689,0,0,5629ca07ed6263d7ec68a2737982ca005e5323c471bd240aece1e6a2ff34399d,2026-02-10T14:18:11.040000
 CVE-2026-1690,0,0,a7b85d40e87086b801bda5b1322852cb5d49c66747c670e3e8d878ad275df2d9,2026-02-10T14:34:50.513000
 CVE-2026-1691,0,0,e191e50175f940ff0f4566f4e97df5c304d9013f97bb58c3e411b0364fc116e7,2026-02-04T16:34:21.763000
-CVE-2026-1692,1,1,e1a9b748a634659027991ffbb161b9e7821749974bf26264ea209256bef3ca96,2026-02-26T08:16:18.160000
-CVE-2026-1693,1,1,42b50f24137bb132095b71e46a5563b0f24eb718db2983abb223ce93940ff5e4,2026-02-26T08:16:18.490000
-CVE-2026-1694,1,1,98cf85408cbed27d516d95a37bd3daee8cd441f7982a807468898d1352c1cc42,2026-02-26T08:16:18.763000
-CVE-2026-1695,1,1,0425962862309556dbd28b872ff5117c274acfac24c9396652145b91f8da7e14,2026-02-26T08:16:19.063000
-CVE-2026-1696,1,1,c19276e754ed402520ffb652ebd7610dbd46fd8a6c30028649218e1b164b22d9,2026-02-26T08:16:19.323000
-CVE-2026-1697,1,1,5e795e443cc13670c0db9fac481789053a9d990539c390c9e54938f1aef4b373,2026-02-26T08:16:19.620000
-CVE-2026-1698,1,1,2adcf2e2962904a713a120d7660d2d6c92b4d890e3238eb2e36383b46c603746,2026-02-26T08:16:19.897000
+CVE-2026-1692,0,0,e1a9b748a634659027991ffbb161b9e7821749974bf26264ea209256bef3ca96,2026-02-26T08:16:18.160000
+CVE-2026-1693,0,0,42b50f24137bb132095b71e46a5563b0f24eb718db2983abb223ce93940ff5e4,2026-02-26T08:16:18.490000
+CVE-2026-1694,0,0,98cf85408cbed27d516d95a37bd3daee8cd441f7982a807468898d1352c1cc42,2026-02-26T08:16:18.763000
+CVE-2026-1695,0,0,0425962862309556dbd28b872ff5117c274acfac24c9396652145b91f8da7e14,2026-02-26T08:16:19.063000
+CVE-2026-1696,0,0,c19276e754ed402520ffb652ebd7610dbd46fd8a6c30028649218e1b164b22d9,2026-02-26T08:16:19.323000
+CVE-2026-1697,0,0,5e795e443cc13670c0db9fac481789053a9d990539c390c9e54938f1aef4b373,2026-02-26T08:16:19.620000
+CVE-2026-1698,0,0,2adcf2e2962904a713a120d7660d2d6c92b4d890e3238eb2e36383b46c603746,2026-02-26T08:16:19.897000
 CVE-2026-1699,0,0,4582cad873d004845eb670205bf422a0d73d0d97bde34297eaaf73b21df6c9c7,2026-02-04T16:34:21.763000
 CVE-2026-1700,0,0,bd72ea8a18e6146a92bdd241bbe4d60a876b0f8e3ce9bd0ba566ff6a99593579,2026-02-13T18:06:05.110000
 CVE-2026-1701,0,0,265b6b4de1136bb1d5914a5c17cf287212cffe6a8cdcb3f30be9179eb64ff688,2026-02-18T06:16:34.687000
@@ -334662,7 +334662,7 @@ CVE-2026-2789,0,0,54782ce8155f4cf2d3eb970e551071e38ac036cf6f32fb9d9fa084f5044e0c
 CVE-2026-27896,0,0,1a6549eafeecd361a71cdff587b7c5a574eb0b49d8ae6965d7fb3111be88f3f0,2026-02-26T01:16:25.630000
 CVE-2026-27899,0,0,3126d61d9d129582337987f04706bb42bec7da63952198fd560e9fca01645487,2026-02-26T02:16:20.557000
 CVE-2026-2790,0,0,b25cb383ef236e76c3cea3d1e0331cb255c3f81135f1d97c6d7631e8c4ada5f3,2026-02-25T14:39:44.393000
-CVE-2026-27900,0,1,51fac8125c8d677e7bdf644df51d32aa3a65bd5ae95ef231d8e1a5088215c7c2,2026-02-26T07:16:18.990000
+CVE-2026-27900,0,0,51fac8125c8d677e7bdf644df51d32aa3a65bd5ae95ef231d8e1a5088215c7c2,2026-02-26T07:16:18.990000
 CVE-2026-27901,0,0,9c40b386a085b94788f5522cf6ecf02eb1af3ed54e81ae015c445d7b5b9d9e85,2026-02-26T02:16:20.967000
 CVE-2026-27902,0,0,3526c4b3c411789f4a9b5979a39e4ba53308acf557ca60136e5edab68cd3ff43,2026-02-26T02:16:21.170000
 CVE-2026-27903,0,0,f6504f8ef201445d429cac7926183ee2ed13889e9147cafb7bcd9b0c78c71150,2026-02-26T02:16:21.353000
@@ -334709,6 +334709,11 @@ CVE-2026-2804,0,0,ff0946aac68765f2064088b9ddf31a1896bc9370339381babd0dc454b58174
 CVE-2026-2805,0,0,6efef59f6850c20800591ee5507c8231fba27611c50b33109f26e18b8ddf82bc,2026-02-25T22:16:28.247000
 CVE-2026-2806,0,0,c9255c229c50758bbebb40e3ce852130d2972d1760c10139bca481726799174e,2026-02-25T22:16:28.437000
 CVE-2026-2807,0,0,a55213e3aed861c8638b894b969088394221306a71610bab70e6aabc05e46abd,2026-02-25T19:43:24.757000
+CVE-2026-28083,1,1,00429bfb2e45c5d1a5bc9d3d766ba968b1f921ff1134e382cc2bbc43ff93afad,2026-02-26T09:16:14.857000
+CVE-2026-28131,1,1,80f9d1d4e102de234a2e2246c1a0bc609c23017385ff921907aaadc07b11c773,2026-02-26T09:16:15.050000
+CVE-2026-28132,1,1,5eb9c2452a45b95bacd3624444460073fcb28f298d774c1e99e50fc4e5987409,2026-02-26T09:16:15.217000
+CVE-2026-28136,1,1,fa019f1908a326297f9d03cf1373e1069e3cb2f7ce1a441cda83fe61298f6267,2026-02-26T09:16:15.363000
+CVE-2026-28138,1,1,ae5304ca7abc0ad7402506562246fb5e17d2f8dc020b1ff88dc3647159b47709,2026-02-26T09:16:15.510000
 CVE-2026-2817,0,0,4fe2301c75ba0d1a541656044a69e243413adce0693b13aa068fb7d1a84f6831,2026-02-20T13:49:47.623000
 CVE-2026-2818,0,0,184247530971592cb3c6ae458fa5550515e95e0dae32f1391cbab3934df79c20,2026-02-20T18:57:15.973000
 CVE-2026-2819,0,0,2fa943bea09f1b16ff116c0c38ec42799e8a2ef8c5cfdcdff67b6657529ad12c,2026-02-20T13:49:47.623000