- March 18, 2026The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,…
- March 18, 2026The PhotoStack Gallery plugin for WordPress is vulnerable to SQL Injection via the 'postid' parameter in all versions up to,…
- March 18, 2026The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'media[].href' parameter in all…
- March 18, 2026The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For'…
- March 18, 2026The PixelYourSite – Your smart PIXEL (TAG) & API Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via…
- March 18, 2026The PixelYourSite PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pysTrafficSource' parameter and the 'pys_landing_page' parameter…
- March 18, 2026The Modal Popup Box plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.6.1…
- March 18, 2026The Bravis Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all…
- March 18, 2026The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to unauthorized backup creation and download due…
- March 18, 2026The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable to PHP Object Injection in versions…
- March 18, 2026The Download Manager Addons for Elementor plugin for WordPress is vulnerable to SQL Injection in versions up to, and including,…
- March 18, 2026The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions…
- March 18, 2026The Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin for WordPress is vulnerable to PHP Object Injection…
- March 18, 2026The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to,…
- March 18, 2026The Worry Proof Backup plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.2.4…
- March 18, 2026The WooCommerce License Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in…
- March 18, 2026The wpForo Forum plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.13…
- March 18, 2026The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0…
- March 18, 2026The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2.…
- March 18, 2026The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to…
