- March 18, 2026The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Sensitive Information Exposure…
- March 18, 2026The Link Whisper Free plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 0.9.0…
- March 18, 2026The Calculated Fields Form plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The FooGallery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…
- March 18, 2026The Open User Map plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.16.…
- March 18, 2026The Bookster – WordPress Appointment Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘raw’ parameter in…
- March 18, 2026The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site…
- March 18, 2026The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versions up to, and including, 4.2.8.4.…
- March 18, 2026The Frontend File Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.1.11 due to…
- March 18, 2026The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to,…
- March 18, 2026The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Server-Side…
- March 18, 2026The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
- March 18, 2026The Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5.4 due…
- March 18, 2026The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting…
- March 18, 2026The Download Alt Text AI plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on…
- March 18, 2026The Client Invoicing by Sprout Invoices plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 18, 2026The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on…
- March 18, 2026The Ravelry Designs Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'layout' attribute of the 'sb_ravelry_designs'…
- March 18, 2026The Press3D plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 3D Model Gutenberg block in all versions…
