- March 18, 2026The LearnPress – WordPress LMS Plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including,…
- March 18, 2026The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized access…
- March 18, 2026The Newsletter – Send awesome emails from WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions…
- March 18, 2026The PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net) plugin for WordPress is vulnerable to…
- March 18, 2026The Viet contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to,…
- March 18, 2026The weMail - Email Marketing, Lead Generation, Optin Forms, Email Newsletters, A/B Testing, and Automation plugin for WordPress is vulnerable…
- March 18, 2026The Custom Fonts – Host Your Fonts Locally plugin for WordPress is vulnerable to unauthorized loss of data due to…
- March 18, 2026The WP Hello Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'digit_one' and 'digit_two' parameters in…
- March 18, 2026The Points and Rewards for WooCommerce – Create Loyalty Programs, Reward Customer Purchases, User Badges, Gamification plugin for WordPress is…
- March 18, 2026The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to unauthorized access due…
- March 18, 2026The Visual Link Preview plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Smart Product Viewer plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Hyyan WooCommerce Polylang Integration plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The Tutor LMS BunnyNet Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including,…
- March 18, 2026The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized access due to a missing…
- March 18, 2026The Order Listener for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The Table of Contents Creator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including,…
- March 18, 2026The SumUp Payment Gateway For WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 18, 2026The ShoutOut plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.0.2 due to…
- March 18, 2026The My Post Order plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.2.1.1…
