- March 18, 2026The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including,…
- March 18, 2026The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up…
- March 18, 2026The LottieFiles plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…
- March 18, 2026The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation…
- March 18, 2026The Booked - Appointment Booking for WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to,…
- March 18, 2026The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in…
- March 18, 2026The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in…
- March 18, 2026The FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More plugin for WordPress is vulnerable…
- March 18, 2026The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass…
- March 18, 2026The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin…
- March 18, 2026The LMS Elementor Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.4.…
- March 18, 2026The WeDesignTech Ultimate Booking Addon plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including,…
- March 18, 2026The W3 Total Cache plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including,…
- March 18, 2026The Wholesale Lead Capture Plugin for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file…
- March 18, 2026The Wholesale Lead Capture Plugin for WooCommerce plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,…
- March 18, 2026The s2Member plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including,…
- March 18, 2026The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the…
- March 18, 2026The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3.…
- March 18, 2026The Prodigy Commerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0…
- March 18, 2026The Clasifico Listing plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0. This is…
