- April 24, 2026The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manage_admin_requests' function in all versions up…
- April 23, 2026The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the…
- April 23, 2026The Create DB Tables plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 1.2.1.…
- April 21, 2026The Everest Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.3…
- April 19, 2026The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in…
- April 19, 2026The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to Privilege Escalation in all versions…
- April 18, 2026The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due…
- April 18, 2026The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1.…
- April 1, 2026The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions…
- April 1, 2026The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution…
