- March 30, 2026The Image Slider by Ays- Responsive Slider and Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions…
- March 30, 2026The WPJAM Basic plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all…
- March 30, 2026The Green Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all…
- March 29, 2026The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including,…
- March 29, 2026The Quentn WP plugin for WordPress is vulnerable to SQL Injection via the 'qntn_wp_access' cookie in all versions up to,…
- March 29, 2026The Vagaro Booking Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘vagaro_code’ parameter in all versions…
- March 29, 2026The Injection Guard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via malicious query parameter names in all versions…
- March 29, 2026The Linksy Search and Replace plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…
- March 29, 2026The Expire Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.2. This…
- March 29, 2026The Photo Engine (Media Organizer & Lightroom) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file…
