- March 18, 2026The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via…
- March 18, 2026The WP Enable WebP plugin for WordPress is vulnerable to arbitrary file uploads due to improper file type validation in…
- March 18, 2026The User Activity Log plugin is vulnerable to a limited options update in versions up to, and including, 2.2. The…
- March 18, 2026The Latest Registered Users plugin for WordPress is vulnerable to unauthorized user data export in all versions up to, and…
- March 18, 2026The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.9. This…
- March 18, 2026The iPaymu Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authentication in all versions up to, and…
- March 18, 2026The WP Photo Album Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘shortcode’ parameter in all…
- March 18, 2026The EduBlink Core plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.7. This…
- March 18, 2026The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path…
- March 18, 2026The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and…
