- April 19, 2026The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to Privilege Escalation in all versions…
- April 18, 2026The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due…
- April 18, 2026The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1.…
- April 1, 2026The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions…
- April 1, 2026The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution…
- March 30, 2026The RewardsWP – Loyalty Points & Referral Program for WooCommerce plugin for WordPress is vulnerable to Privilege Escalation in all…
- March 30, 2026The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation…
- March 29, 2026The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.4.9…
- March 24, 2026The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,…
- March 24, 2026The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and…
- March 23, 2026The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is…
- March 23, 2026The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all…
- March 23, 2026The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable to Privilege Escalation in version 2.5.2.…
- March 23, 2026The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Remote Code Execution in all versions up to,…
- March 23, 2026The g-FFL Checkout plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all…
- March 23, 2026The Workreap Core plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 3.4.0. This…
- March 23, 2026The Modular DS: Monitor, update, and backup multiple websites plugin for WordPress is vulnerable to Privilege Escalation in all versions…
- March 23, 2026The Aimogen Pro plugin for WordPress is vulnerable to Arbitrary Function Call that can lead to privilege escalation due to…
- March 23, 2026The Datalogics Ecommerce Delivery – Datalogics plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.6.60…
- March 23, 2026The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass…
