- April 6, 2026The UpSolution Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 8.41 due…
- April 6, 2026The Spam Protect for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file…
- April 6, 2026The Miraculous Core plugin for WordPress is vulnerable to SQL Injection in versions up to 2.1.2 due to insufficient escaping…
- April 6, 2026The iTracker360 plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in all versions up…
- April 6, 2026The WP Terms Popup – Terms and Conditions and Privacy Policy WordPress Popups plugin for WordPress is vulnerable to unauthorized…
- April 6, 2026The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions…
- April 6, 2026The WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin for WordPress is vulnerable to unauthorized…
- April 6, 2026The Motta Addons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 1.6.1 due to insufficient…
- April 6, 2026The MSTW League Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.10…
- April 6, 2026The Product Rearrange for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
