- March 18, 2026The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized license key deletion due to a missing…
- March 18, 2026The Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including,…
- March 18, 2026The WP Event Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_events' shortcode in all…
- March 18, 2026The Business Directory Plugin for WordPress is vulnerable to authorization bypass due to a missing authorization check in all versions…
- March 18, 2026The EventPrime plugin for WordPress is vulnerable to unauthorized post modification due to missing authorization checks in all versions up…
- March 18, 2026The Dam Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.…
- March 18, 2026The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ce_venue_name' parameter in all versions up…
- March 18, 2026The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to unauthorized arbitrary shortcode execution in all versions up to, and…
- March 18, 2026The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Missing Authorization in all versions up…
- March 18, 2026The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions…
