- March 28, 2026The Multi Functional Flexi Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `arv_lb[message]` parameter in all…
- March 28, 2026The Canto plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.1.1 via the…
- March 26, 2026The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linkgate' shortcode in all…
- March 25, 2026The Ricerca – advanced search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's settings in all versions…
- March 25, 2026The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery shortcode post meta field…
- March 25, 2026The Weaver Show Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'add_class' parameter in all versions…
- March 25, 2026The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to unauthorized modification of data due to…
- March 25, 2026The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including,…
- March 25, 2026The Tour & Activity Operator Plugin for TourCMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'target'…
- March 25, 2026The Hr Press Lite plugin for WordPress is vulnerable to unauthorized access of sensitive employee data due to a missing…
