Patch WebinarIgnition CVE-2026-40797 by updating to 4.09.86 or newer, reviewing webinar registrations and users, clearing cache, and verifying webinar flows.
JoomSport versions through 5.7.7 are affected by recent unauthenticated SQL injection CVEs. Update WordPress sites to 5.7.8 or newer.
Patch Ghost CMS CVE-2026-26980, rotate API keys, and clean injected ClickFix scripts after active Ghost site poisoning.
CISA now lists Drupal CVE-2026-9082 in KEV. Patch PostgreSQL-backed Drupal sites first, then update Symfony and Twig dependencies across supported Drupal 10 and 11 sites.
CVE-2026-2993 affects AIWU / AI Copilot – Content Generator through 1.4.17. Disable or remove it, review data, and rotate connected keys.
Update BetterDocs Pro to 3.7.1 or newer for CVE-2026-4348, then review public documentation sites and hosted WordPress accounts safely.
