Threat Intelligence Database

The HD Quiz WordPress plugin version 2.2.0 is vulnerable to a Cross-Site Request Forgery (CSRF) attack due to missing or incorrect nonce validation in the hdq_validate_nonce function. This vulnerability allows unauthenticated attackers to trick site administrators into performing unwanted actions such as deleting or modifying quizzes and questions, creating new quizzes, and changing plugin settings via forged requests. The vulnerability has a medium severity rating with a CVSS score of 4.3.

The CodePeople Post Map for Google Maps WordPress plugin is affected by a stored cross-site scripting (XSS) vulnerability in the 'cpm_point' post meta. This vulnerability exists in all versions up to and including 1.2.6. Authenticated users with Contributor-level access or higher can inject malicious scripts that execute when other users view the affected pages. The vulnerability arises from insufficient input sanitization and output escaping.

Groundhogg — CRM, Newsletters, and Marketing Automation WordPress plugin versions up to and including 4.5.5 are vulnerable to SQL Injection via the 'query[select]' parameter. Authenticated users with Sales Representative-level access or higher can exploit this vulnerability by injecting additional SQL queries due to insufficient input escaping and fallback to an unsanitized legacy query path when an invalid filter type is supplied. This vulnerability allows extraction of sensitive database information without impacting data integrity or availability.

Groundhogg — CRM, Newsletters, and Marketing Automation WordPress plugin versions up to and including 4.5.5 contain an SQL Injection vulnerability via the 'search' parameter. This vulnerability allows authenticated users with marketer-level access or higher to inject additional SQL commands due to insufficient input escaping and query preparation. The vulnerability can lead to unauthorized disclosure of sensitive database information. No official patch or remediation guidance is currently confirmed.

The Ivory Search – WordPress Search Plugin is affected by a stored cross-site scripting (XSS) vulnerability in the 'menu_title' and 'menu_magnifier_color' settings. This vulnerability exists in all versions up to and including 5.5.15 due to insufficient input sanitization and output escaping. It allows authenticated users with administrator-level privileges or higher to inject malicious scripts that execute when other users access the affected pages. The vulnerability has a medium severity rating with a CVSS score of 4.4.

HCL Traveler for Microsoft Outlook versions prior to 3.0.15 contains a vulnerability where sensitive information is inserted into log files. This exposure could allow an attacker with local access to gather sensitive application data, potentially facilitating further attacks. The vulnerability does not impact integrity or availability but results in high confidentiality impact. No official patch or remediation guidance is currently confirmed.

ThreatFox IOCs for 2026-06-26

CVE-2026-56414 is a high-severity vulnerability in the H.VIEW HV-500S6 IP Camera. Authenticated users can upload arbitrary files via certificate-related upload interfaces without validation of file type, structure, or size. This allows placing unexpected or malformed data in filesystem locations intended for trusted certificate material, potentially impacting system integrity or behavior even after reboot.

CVE-2026-55975 is a high-severity vulnerability in the H.VIEW HV-500S6 IP Camera. An authenticated user can supply unsanitized XML input to the device's certificate generation interface. This input is used in a backend command without proper validation, potentially allowing command execution with elevated privileges during certificate creation.

CVE-2026-33560 is a high-severity vulnerability in the Daktronics VFC-DMP-5000 file service. Authenticated users can upload arbitrary files without any validation or filtering, including executable binaries and scripts. This lack of file extension or content inspection allows potentially malicious files to be written directly to the server, posing a risk of code execution or system compromise.