- April 17, 2026The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbitrary File Read via the Repeater JSON/CSV URL parameter…
- April 16, 2026The JetSearch plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.5.10 due to insufficient…
- April 6, 2026The Visitor Traffic Real Time Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page_title' parameter in…
- April 6, 2026The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16.…
- April 6, 2026The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' parameter keys…
- April 6, 2026The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress…
- April 6, 2026The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure…
- April 6, 2026The Nelio A/B Testing – AB Tests and Heatmaps for Better Conversion Optimization plugin for WordPress is vulnerable to Remote…
- April 6, 2026The Product File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path…
- April 6, 2026The Fraud Prevention For WooCommerce and EDD plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
