- March 18, 2026The Themesflat Elementor plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.0.1 via…
- March 18, 2026The Simple Retail Menus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.2.1.…
- March 18, 2026The User Extra Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 16.8…
- March 18, 2026The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to Privilege Escalation due to missing…
- March 18, 2026The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in…
- March 18, 2026The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin…
- March 18, 2026The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom radio…
- March 18, 2026The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in…
- March 18, 2026The My Sticky Bar plugin for WordPress is vulnerable to SQL injection via the `stickymenu_contact_lead_form` AJAX action in all versions…
- March 18, 2026The Appointment Booking Calendar — Simply Schedule Appointments plugin for WordPress is vulnerable to unauthorized access of sensitive data in…
