- March 18, 2026The Seraphinite Accelerator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.28.14…
- March 18, 2026The Apocalypse Meow plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to,…
- March 18, 2026The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'get_customer_list'…
- March 18, 2026The WP-Members Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'order_by' attribute of the [wpmem_user_membership_posts] shortcode…
- March 18, 2026The Envira Gallery for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'justified_gallery_theme' parameter in all…
- March 18, 2026The Enable Media Replace plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check…
- March 18, 2026The Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder plugin for WordPress is…
- March 18, 2026The All-in-One Video Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'vi' parameter in all versions…
- March 18, 2026The Seraphinite Accelerator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on…
- March 18, 2026The Easy Post Submission – Frontend Posting, Guest Publishing & Submit Content for WordPress plugin for WordPress is vulnerable to…
- March 18, 2026The Morkva UA Shipping plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up…
- March 18, 2026The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to Stored Cross-Site…
- March 18, 2026The Wp EMember plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 10.2.2 due…
- March 18, 2026The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification…
- March 18, 2026The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to SQL Injection via the…
- March 18, 2026The WP CTA – Sticky CTA Builder, Generate Leads, Promote Sales plugin for WordPress is vulnerable to unauthorized access due…
- March 18, 2026The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the 'workflow_ids' parameter in all…
- March 18, 2026The MailArchiver plugin for WordPress is vulnerable to SQL Injection via the ‘logid’ parameter in all versions up to, and…
- March 18, 2026The UberSlider MouseInteraction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.3 due…
- March 18, 2026The UberSlider Ultra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.3 due…
