- March 18, 2026The DA Media GigList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's damedia_giglist shortcode in all…
- March 18, 2026The Show YouTube video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'syv' shortcode in all…
- March 18, 2026The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all…
- March 18, 2026The Infomaniak Connect for OpenID plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'endpoint_login' parameter of the…
- March 18, 2026The WP Booking System – Booking Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up…
- March 18, 2026The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _ob_spacerat_link, _ob_bbad_link, and _ob_teleporter_link…
- March 18, 2026The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Missing Authorization in all versions up to,…
- March 18, 2026The Page and Post Clone plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' parameter in the content_clone()…
- March 18, 2026The Subscription for WooCommerce – WordPress Recurring Payments Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in…
- March 18, 2026The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…
