- March 18, 2026The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site…
- March 18, 2026The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' and 'name_directory_description' parameters in all…
- March 18, 2026The DASHBOARD BUILDER – WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in…
- March 18, 2026The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note_list_class' and 'popup_display_effect_in' parameters in all…
- March 18, 2026The Tutor LMS Pro plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.8.3 due…
- March 18, 2026The JNews - Pay Writer plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including,…
- March 18, 2026The Laurent Core plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.4.1. This…
- March 18, 2026The JupiterX Core plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.10.1 via…
- March 18, 2026The TheGem Theme Elements (for Elementor) plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and…
- March 18, 2026The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'acff' parameter in the…
