- March 18, 2026The Block Slider plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- March 18, 2026The ShopMagic – email automation plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The RSS Feed Widget plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Re Gallery – Responsive Photo Gallery plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
- March 18, 2026The Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.0.3 due to…
- March 18, 2026The X Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- March 18, 2026The Real Estate Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.1.4…
- March 18, 2026The Bulk Page Generator – LPagery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 18, 2026The Speed Kit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…
- March 18, 2026The Dashboard Welcome for Beaver Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 18, 2026The Email Customizer for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email template content in all…
- March 18, 2026The Cool YT Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'videoid' parameter in all versions…
- March 18, 2026The Testimonial Master plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` variable in all versions up…
- March 18, 2026The Snillrik Restaurant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'menu_style' shortcode attribute in all versions…
- March 18, 2026The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Missing…
- March 18, 2026The Awesome Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to incorrect authorization in the…
- March 18, 2026The AH Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column' shortcode attribute in all versions…
- March 18, 2026The Image Slider Slideshow plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
- March 18, 2026The Wish To Go plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up…
- March 18, 2026The Simcast plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This…
