- March 23, 2026The Stopwords for comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
- March 23, 2026The WP Allowed Hosts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allowed-hosts' parameter in all versions…
- March 23, 2026The Bayarcash WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- March 23, 2026The Float Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to improper error handling in…
- March 23, 2026The Penci Review plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.5 due…
- March 23, 2026The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This…
- March 23, 2026The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is…
- March 23, 2026The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and…
- March 23, 2026The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on…
- March 23, 2026The Get Use APIs – JSON Content Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up…
- March 23, 2026The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and…
- March 23, 2026The CM Custom Reports – Flexible reporting to track what matters most plugin for WordPress is vulnerable to Stored Cross-Site…
- March 23, 2026The ilGhera Carta Docente for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and…
- March 23, 2026The CP Multi View Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and…
- March 23, 2026The Product Slider, Product Grid, Product Masonry plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
- March 23, 2026The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.15.9…
- March 23, 2026The Reading progressbar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to 1.3.1 due to insufficient…
- March 23, 2026The Guest posting / Frontend Posting / Front Editor – WP Front User Submit plugin for WordPress is vulnerable to…
- March 23, 2026The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Sensitive Information…
- March 23, 2026The Really Simple Security – Simple and Performant Security (formerly Really Simple SSL) plugin for WordPress is vulnerable to unauthorized…
