- April 27, 2026The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06 This is…
- April 27, 2026The Easy Appointments plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- April 26, 2026The Shipment Tracker for Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- April 26, 2026The Smart Online Order for Clover plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and…
- April 26, 2026The Client Portal Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.6.2.…
- April 26, 2026The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions…
- April 26, 2026The FluentBoards – Project Management, Task Management, Goal Tracking, Kanban Board, and, Team Collaboration plugin for WordPress is vulnerable to…
- April 26, 2026The WCFM Marketplace – Multivendor Marketplace for WooCommerce plugin for WordPress is vulnerable to SQL Injection in versions up to,…
- April 26, 2026The Accept Cryptocurrencies with Plisio plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- April 26, 2026The Video Gallery – YouTube Gallery & Responsive Video Playlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting in…
- April 26, 2026The Jupiter X Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.14.1…
- April 26, 2026The Booking Activities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- April 26, 2026The Mini Ajax Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and…
- April 25, 2026The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site…
- April 24, 2026The Sentence To SEO (keywords, description and tags) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Permanent…
- April 24, 2026The Ni WooCommerce Order Export plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and…
- April 24, 2026The DX Unanswered Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- April 24, 2026The WPMK Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' shortcode attribute in all versions…
- April 24, 2026The ER Swiffy Insert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the [swiffy] shortcode in all versions…
- April 24, 2026The mCatFilter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.5.2. This…
