Severity: medium

March 18, 2026

The Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…

March 18, 2026

The MapIt plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…

March 18, 2026

The MyBookTable Bookstore plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.5.6 due…

March 18, 2026

The Owl Carousel WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.2.2…

March 18, 2026

The BM Content Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and excluding, 3.16.3.3.…

March 18, 2026

The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress…

March 18, 2026

The Email Marketing Plugin – WP Email Capture plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions…

March 18, 2026

The WeDesignTech Ultimate Booking Addon plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…

March 18, 2026

The Effect Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.1 due…

March 18, 2026

The Co-marquage service-public.fr plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.5.77. This…