- March 30, 2026The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to unauthorized access…
- March 30, 2026The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias (`val` parameter)…
- March 30, 2026The Avada (Fusion) Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 3.15.0 due to…
- March 30, 2026The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ao_post_preload' meta value in all versions up…
- March 30, 2026The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the lazy-loading image processing in all versions up…
- March 30, 2026The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up…
- March 30, 2026The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 30, 2026The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection in versions…
- March 30, 2026The Comments Import & Export plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 30, 2026The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
