- March 18, 2026The Chapa Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up…
- March 18, 2026The Smart Appointment & Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the saab_save_form_data AJAX action in…
- March 18, 2026The All push notification for WP plugin for WordPress is vulnerable to time-based SQL Injection via the 'delete_id' parameter in…
- March 18, 2026The MyRewards – Loyalty Points and Rewards for WooCommerce plugin for WordPress is vulnerable to missing authorization in all versions…
- March 18, 2026The Authorsy – Author Box, Multiple Authors, Guest Authors & Post Rating plugin for WordPress is vulnerable to Insecure Direct…
- March 18, 2026The Reflector plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.2.2 due to…
- March 18, 2026The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing…
- March 18, 2026The Extended Random Number Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all…
- March 18, 2026The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to unauthorized access due to a missing…
- March 18, 2026The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_wp_attachment_image_alt’ post meta in…
- March 18, 2026The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all…
- March 18, 2026The Optimize More! – Images plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The WP Job Portal – AI-Powered Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to…
- March 18, 2026The Conditional CAPTCHA plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.0.0. This…
- March 18, 2026The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in…
- March 18, 2026The Run Contests, Raffles, and Giveaways with ContestsWP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions…
- March 18, 2026The WP ULike plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including,…
- March 18, 2026The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Border Hero widget's Button…
- March 18, 2026The ThirstyAffiliates – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordPress is vulnerable to Cross-Site Request…
- March 18, 2026The Mail Mint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19.2.…
