Severity: medium

March 18, 2026

The Hotel Listing plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.4.0 due…

March 18, 2026

The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin…

March 18, 2026

The FormFacade plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.1. This is…

March 18, 2026

The Custom Admin Interface plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…

March 18, 2026

The Accessibility Press plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.2 due…

March 18, 2026

The WebMan Amplifier plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.5.12 due…

March 18, 2026

The Simple Archive Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.2.…

March 18, 2026

The Flowbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…

March 18, 2026

The Page Title Splitter plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.5.9…

March 18, 2026

The Portfolio Gallery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…