May 5, 2026CVE-2025-13618 reveals a critical privilege escalation vulnerability in the Mentoring plugin for WordPress (up to 1.2.8). Unauthenticated attackers can gain…- May 4, 2026The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type…
- May 4, 2026The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is…
- May 4, 2026The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation…
- May 4, 2026The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including,…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026The Datalogics Ecommerce Delivery – Datalogics plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
- April 28, 2026The Spirit Framework plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.2.14. This…
- April 28, 2026The Private Content plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 8.11.5. This…
- April 28, 2026The Masteriyo LMS PRO plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.20.0.…
- April 27, 2026All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the…
