- March 23, 2026The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…
- March 23, 2026The Mail plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.3 due to…
- March 23, 2026The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to unauthorized access due to a missing…
- March 23, 2026The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via unrestricted file upload in…
- March 23, 2026The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including,…
- March 23, 2026The Quick Contact Form plugin for WordPress is vulnerable to Open Mail Relay in all versions up to, and including,…
- March 23, 2026The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and…
- March 23, 2026The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object…
- March 23, 2026The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in…
- March 23, 2026The Peach Payments Gateway plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 23, 2026The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a…
- March 23, 2026The bidorbuy Store Integrator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.12.0…
- March 23, 2026The Syntax Highlighter Compress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.0.83.3…
- March 23, 2026The Guardian News Feed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- March 23, 2026The onepay Payment Gateway For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing…
- March 23, 2026The Eli's WordCents adSense Widget with Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to,…
- March 23, 2026The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting…
- March 23, 2026The Dooodl plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.3.0 due to…
- March 23, 2026The Element Invader – Template Kits for Elementor plugin for WordPress is vulnerable to unauthorized access due to a missing…
- March 23, 2026The Quote Master plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 7.1.1 due…
