- March 18, 2026The Smart App Banners plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'size' and 'verticalalign' parameters of…
- March 18, 2026The AA Block Country plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.0.1.…
- March 18, 2026The WP Widget Changer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` variable in all versions…
- March 18, 2026The Stumble! for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` variable in all versions…
- March 18, 2026The EDD Download Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'edd_download_info_link' shortcode in all versions…
- March 18, 2026The Post Like Dislike plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` variable in all versions…
- March 18, 2026The Easy GitHub Gist Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the…
- March 18, 2026The Guest posting / Frontend Posting / Front Editor – WP Front User Submit plugin for WordPress is vulnerable to…
- March 18, 2026The Unify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
- March 18, 2026The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to,…
