Severity: medium

March 18, 2026

The Simple GDPR Cookie Compliance plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…

March 18, 2026

The Universal Google Adsense and Ads manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability…

March 18, 2026

The Raptive Ads plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function…

March 18, 2026

The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Multiple Checkbox and Multiple Select…

March 18, 2026

The WMF Mobile Redirector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions…

March 18, 2026

The Aplazo Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…

March 18, 2026

The Stopwords for comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…

March 18, 2026

The List Site Contributors plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'alpha' parameter in versions up…

March 18, 2026

The SocialChamp with WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…

March 18, 2026

The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This…