- March 18, 2026The Product Addons for Woocommerce – Product Options with Custom Fields plugin for WordPress is vulnerable to Code Injection in…
- March 18, 2026The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is…
- March 18, 2026The Rent Fetch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'keyword' parameter in all versions up…
- March 18, 2026The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via…
- March 18, 2026The Woocommerce Category Banner Management plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including,…
- March 18, 2026The WowRevenue plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check in the 'Notice::install_activate_plugin'…
- March 18, 2026The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Local File Inclusion in all…
- March 18, 2026The Wolmart Core plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.9.6 due to…
- March 18, 2026The Advanced AJAX Product Filters plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and…
- March 18, 2026The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control to Payment Status Update in all…
- March 18, 2026The RSS Aggregator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'template' parameter in all versions up…
- March 18, 2026The Applay - Shortcodes plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.7…
- March 18, 2026The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions…
- March 18, 2026The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,…
- March 18, 2026The Jetpack CRM plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 6.7.0. This…
- March 18, 2026The User Language Switch plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including,…
- March 18, 2026The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions…
- March 18, 2026The Super Simple Contact Form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sscf_name' parameter in all…
- March 18, 2026The Starfish Review Generation & Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data that can…
- March 18, 2026The BlueSnap Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and…
