- April 6, 2026The Advanced Reporting & Statistics for WooCommerce – Orders, Products & Customers Reporting plugin for WordPress is vulnerable to SQL…
- April 6, 2026The Widget Wrangler plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.3.9.…
- April 6, 2026The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 in…
- April 6, 2026The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3.…
- April 6, 2026The Abandoned Cart Recovery for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and…
- April 6, 2026The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via…
- April 6, 2026The SMTP Mailer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.24.…
- April 6, 2026The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 6.1.7…
- April 6, 2026The Creator LMS – Online Courses and eLearning Plugin plugin for WordPress is vulnerable to Privilege Escalation in all versions…
- April 6, 2026The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and…
- April 6, 2026The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin for WordPress is vulnerable to SQL Injection in…
- April 6, 2026The Product Rearrange for WooCommerce plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.2.2…
- April 6, 2026The WowOptin: Next-Gen Popup Maker plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and…
- April 6, 2026The weForms – Easy Drag & Drop Contact Form Builder For WordPress plugin for WordPress is vulnerable to PHP Object…
- April 6, 2026The Addon Jobsearch Chat plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.0 due…
- April 6, 2026The Text to Speech for WP (AI Voices by Mementor) plugin for WordPress is vulnerable to sensitive information exposure in…
- April 1, 2026The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via…
- April 1, 2026The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2.…
- April 1, 2026The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4.…
- April 1, 2026The Lumise Product Designer plugin for WordPress is vulnerable to SQL Injection in versions up to 2.0.9 due to insufficient…
