- March 18, 2026The ACF to REST API plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to,…
- March 18, 2026The WP Status Notifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- March 18, 2026The Page Keys plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_key’ parameter in all versions up…
- March 18, 2026The Recras WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'recrasname' shortcode attribute in all versions…
- March 18, 2026The Moosend Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…
- March 18, 2026The MTCaptcha WordPress Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2.…
- March 18, 2026The SVG Map Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- March 18, 2026The Simple User Meta Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user meta value field…
- March 18, 2026The twinklesmtp – Email Service Provider For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's sender…
- March 18, 2026The HelpDesk contact form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
