- March 18, 2026The MTCaptcha WordPress Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2.…
- March 18, 2026The SVG Map Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- March 18, 2026The xShare plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This…
- March 18, 2026The ACF to REST API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to,…
- March 18, 2026The WP Status Notifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- March 18, 2026The Page Keys plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_key’ parameter in all versions up…
- March 18, 2026The Premmerce WooCommerce Customers Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'money_spent_from', 'money_spent_to', 'registered_from', and…
- March 18, 2026The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kf_field_figure_default_color_render function in all versions up…
- March 18, 2026The aBlocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data and disclosure of sensitive…
- March 18, 2026The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to unauthorized file deletion in versions up to, and including,…
