- March 18, 2026The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including,…
- March 18, 2026The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all…
- March 18, 2026The DukaPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.2.4 due to…
- March 18, 2026The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Improper Privilege Management in versions 7.1.0 through 9.0.2.…
- March 18, 2026The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in…
- March 18, 2026The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all…
- March 18, 2026The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' parameter in all versions up…
- March 18, 2026The Royal Addons for Elementor plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and…
- March 18, 2026The ProfilePress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.16.11.…
- March 18, 2026The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via the URL path in…
