- April 28, 2026The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips'…
- April 28, 2026The Experto Dashboard for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings fields (including…
- April 27, 2026The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06 This is…
- April 27, 2026The Social Post Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Threads embed handler in all…
- April 27, 2026The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of…
- April 27, 2026The Timeline Blocks for Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titleTag' attribute of the…
- April 27, 2026The Easy Appointments plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- April 26, 2026The Shipment Tracker for Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- April 26, 2026The Smart Online Order for Clover plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and…
- April 26, 2026The Client Portal Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.6.2.…
