Severity: medium

March 18, 2026

The Post Snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.11. This…

March 18, 2026

The Simple Like Page plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…

March 18, 2026

The Gmedia Photo Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.24.1.…

March 18, 2026

The Funnelforms Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.8 due…

March 18, 2026

The History Timeline plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…

March 18, 2026

The Maximum Products per User for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to,…

March 18, 2026

The Contact Form Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.1.…

March 18, 2026

The Bootstrap Modals plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.2 due…

March 18, 2026

The Curator.io plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.9.5 due to…

March 18, 2026

The Add Custom Codes plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.80…