- March 18, 2026The EduBlink Core plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.7. This…
- March 18, 2026The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path…
- March 18, 2026The JetEngine plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.7.7 due to…
- March 18, 2026The Download Manager plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and…
- March 18, 2026The My auctions allegro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.6.33.…
- March 18, 2026The Automotive Listings plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 18.6 due to…
- March 18, 2026The Newsletters plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.11 via deserialization…
- March 18, 2026The WP Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.4. This…
- March 18, 2026The Eventin plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.1.3 via deserialization…
- March 18, 2026The Final User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.5. This…
