- March 18, 2026The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via double HTML-entity encoding in all versions up…
- March 18, 2026The Custom Block Builder – Lazy Blocks plugin for WordPress is vulnerable to Remote Code Execution in all versions up…
- March 18, 2026The Miraculous Elementor plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.7.This makes…
- March 18, 2026The WooCommerce Coming Soon Product with Countdown plugin for WordPress is vulnerable to Local File Inclusion in versions up to,…
- March 18, 2026The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including,…
- March 18, 2026The WordPress Upload Files Anywhere plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including,…
- March 18, 2026The shop plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.6.1. This makes…
- March 18, 2026The Themesflat Elementor plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.0.1 via…
- March 18, 2026The Simple Retail Menus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.2.1.…
- March 18, 2026The User Extra Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 16.8…
