- March 18, 2026The VidShop – Shoppable Videos for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the 'fields' parameter…
- March 18, 2026The Crete Core plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.3 due to…
- March 18, 2026The ModelTheme Addons for WPBakery and Elementor plugin for WordPress is vulnerable to PHP Object Injection in versions up to…
- March 18, 2026The Kentha Elementor Widgets plugin for WordPress is vulnerable to Local File Inclusion in versions up to 3.1. This makes…
- March 18, 2026The Omnipress plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.6.7. This makes…
- March 18, 2026The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to…
- March 18, 2026The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to…
- March 18, 2026The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6.…
- March 18, 2026The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4…
- March 18, 2026The amr cron manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3…
