- March 18, 2026The Maximum Products per User for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to,…
- March 18, 2026The Contact Form Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.1.…
- March 18, 2026The Bootstrap Modals plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.2 due…
- March 18, 2026The Curator.io plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.9.5 due to…
- March 18, 2026The Add Custom Codes plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.80…
- March 18, 2026The RestroPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…
- March 18, 2026The MX Time Zone Clocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- March 18, 2026The Add Custom Codes plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Tooltips plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 10.8.3 due to…
- March 18, 2026The Gmaper for Elementor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Simple Archive Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.2.…
- March 18, 2026The Flowbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…
- March 18, 2026The Super Logos Showcase plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.8…
- March 18, 2026The Everest Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.9. This…
- March 18, 2026The Locatoraid Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.9.65…
- March 18, 2026The Valenti Engine plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.3 due…
- March 18, 2026The Hotel Listing plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.4.0 due…
- March 18, 2026The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin…
- March 18, 2026The FormFacade plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.1. This is…
- March 18, 2026The Custom Admin Interface plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
