- March 18, 2026The WP-Members Membership Plugin for WordPress is vulnerable to unauthorized file access in versions up to, and including, 3.5.4.4. This…
- March 18, 2026The Ultimate Reviews plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including,…
- March 18, 2026The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- March 18, 2026The The Events Calendar Countdown Addon plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 18, 2026The BulletProof Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.9.…
- March 18, 2026The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in all versions up to, and…
- March 18, 2026The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up…
- March 18, 2026The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'displayName' parameter in all…
- March 18, 2026The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization…
- March 18, 2026The Listeo Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 2.0.19 due to insufficient…
