- March 18, 2026The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks…
- March 18, 2026The Printful Integration for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and…
- March 18, 2026The Razorpay for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…
- March 18, 2026The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via…
- March 18, 2026The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `aigpl-gallery-album`…
- March 18, 2026The Mesmerize Companion plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability…
- March 18, 2026The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure…
- March 18, 2026The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in all versions up to, and…
- March 18, 2026The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in…
- March 18, 2026The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to unauthorized access due to a missing capability…
- March 18, 2026The Advanced Custom Fields: Font Awesome Field plugin for WordPress is vulnerable to Cross-Site Scripting in all versions up to,…
- March 18, 2026The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to payment bypass…
- March 18, 2026The Groups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'groups_group_info' shortcode in all versions up…
- March 18, 2026The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the…
- March 18, 2026The Image Hotspot by DevVN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hotspot_content' custom field meta…
- March 18, 2026The Breadcrumb NavXT plugin for WordPress is vulnerable to authorization bypass through user-controlled key in versions up to and including…
- March 18, 2026The Web Accessibility by accessiBe plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and…
- March 18, 2026The Easy Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `ez-toc` shortcode in…
- March 18, 2026The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via…
