- March 18, 2026The DukaPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.2.4 due to…
- March 18, 2026The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Improper Privilege Management in versions 7.1.0 through 9.0.2.…
- March 18, 2026The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in…
- March 18, 2026The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'app-bar-features' parameter in all versions…
- March 18, 2026The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the…
- March 18, 2026The The Events Calendar plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.15.17…
- March 18, 2026The MetForm Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Quiz feature in all versions up…
- March 18, 2026The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including,…
- March 18, 2026The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and…
- March 18, 2026The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all…
