- March 18, 2026The WaveSurfer-WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's audio shortcode in all versions up…
- March 18, 2026The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'form_title' parameter in the `search_employee_directory` shortcode…
- March 18, 2026The Orange Confort+ accessibility toolbar for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' parameter…
- March 18, 2026The Okay Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.3 due…
- March 18, 2026The Woo File Dropzone plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in…
- March 18, 2026The Tune Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via CSV import in all versions up to,…
- March 18, 2026The AWCA – The Great Analytics Insights for Your eStore plugin for WordPress is vulnerable to unauthorized access due to…
- March 18, 2026The Court Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.10.8 due…
- March 18, 2026The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to…
