- March 18, 2026The Makesweat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'makesweat_clubid' setting in all versions up to,…
- March 18, 2026The Real Post Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all…
- March 18, 2026The SpiceForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'spiceforms' shortcode in all versions…
- March 18, 2026The Seriously Simple Podcasting plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including,…
- March 18, 2026The Reservation Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- March 18, 2026The Breeze Cache plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- March 18, 2026The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpcrm_get_email_recipients and…
- March 18, 2026The Kunze Law plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's shortcode in all versions up to,…
- March 18, 2026The The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to…
- March 18, 2026The Testimonials Creator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 1.6 due to…
- March 18, 2026The Hide My WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 6.2.12…
- March 18, 2026The SearchWiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in search results in all versions…
- March 18, 2026The DZS Video Gallery plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 12.39 due…
- March 18, 2026The EventPrime - Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions…
- March 18, 2026The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
- March 18, 2026The Flex QR Code Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- March 18, 2026The JNews - Video plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 11.0.2…
- March 18, 2026The RealPress – Real Estate Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and…
- March 18, 2026The PopCash.Net Code Integration Tool plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The WP Popups plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
