- March 18, 2026The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL…
- March 18, 2026The All In One Image Viewer Block plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up…
- March 18, 2026The TopperPack – Complete Elementor Addons, Theme & CPT Builder plugin for WordPress is vulnerable to Local File Inclusion in…
- March 18, 2026The Contact Manager plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 9.1 via…
- March 18, 2026The GSheetConnector For WPForms – WPForms Google Sheets Integration (Real-Time Sync) plugin for WordPress is vulnerable to Remote Code Execution…
- March 18, 2026The NPS computy plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.8.2 due…
- March 18, 2026The NEX-Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 9.1.7 due to…
- March 18, 2026The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via…
- March 18, 2026The Infility Global plugin for WordPress is vulnerable to unauthenticated SQL Injection via the 'infility_get_data' API action in all versions…
- March 18, 2026The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References (IDOR)…
