- April 6, 2026The NaturaLife Extensions plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.1. This…
- April 6, 2026The Wishlist Member plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.29.0 via…
- April 6, 2026The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and…
- April 6, 2026The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to PHP…
- April 6, 2026The SUMO Affiliates Pro plugin for WordPress is vulnerable to PHP Object Injection in versions up to 11.4.0 via deserialization…
- April 6, 2026The Wishlist Member plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all…
- April 6, 2026The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to PHP Object Injection in versions up…
- April 6, 2026The Advanced Reporting & Statistics for WooCommerce – Orders, Products & Customers Reporting plugin for WordPress is vulnerable to SQL…
- April 6, 2026The Widget Wrangler plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.3.9.…
- April 6, 2026The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 in…
