- March 18, 2026The Creator LMS – The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of…
- March 18, 2026The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up…
- March 18, 2026The NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar plugin…
- March 18, 2026The Listivo Core plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.3.77. This…
- March 18, 2026The Dinatur plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.18 due to…
- March 18, 2026The RealHomes CRM plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all…
- March 18, 2026The Directorist Booking plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 2.4.1 due to…
- March 18, 2026The AdForest Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.0.11 due…
- March 18, 2026The MailerLite – WooCommerce integration plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.2…
- March 18, 2026The Nelio A/B Testing – AB Tests and Heatmaps for Better Conversion Optimization plugin for WordPress is vulnerable to Remote…
- March 18, 2026The Koko Analytics plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 2.1.2 due to…
- March 18, 2026The My auctions allegro plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.6.32…
- March 18, 2026The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to arbitrary file uploads due to missing…
- March 18, 2026The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable…
- March 18, 2026The Coven Core plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.3 due to…
- March 18, 2026The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3.…
- March 18, 2026The Melapress Role Editor plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.1.…
- March 18, 2026The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including,…
- March 18, 2026The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to Local File Inclusion in versions up…
- March 18, 2026The Portfolio Builder plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.2.5. This…
