- April 26, 2026The WooCommerce Product Filters plugin for WordPress is vulnerable to PHP Object Injection in versions up to 2.0.6 via deserialization…
- April 26, 2026The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.5.0 due…
- April 26, 2026The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to SQL Injection in versions up to 3.1.3…
- April 26, 2026The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to SQL Injection in versions up to, and…
- April 26, 2026The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in all…
- April 26, 2026The WP Photo Album Plus plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 9.1.08.001…
- April 26, 2026The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to SQL…
- April 26, 2026The Post Duplicator plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.10 via…
- April 25, 2026The Service Finder SMS System plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including,…
- April 23, 2026The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code…
