- March 18, 2026The Popup Box – Easily Create WordPress Popups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's…
- March 18, 2026The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to unauthorized modification of data due to…
- March 18, 2026The Frontend User Notes plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
- March 18, 2026The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'vkExUnit_sns_title' parameter…
- March 18, 2026The Compress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in…
- March 18, 2026The Brevo - Email, SMS, Web Push, Chat, and more. plugin for WordPress is vulnerable to authorization bypass due to…
- March 18, 2026The Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including,…
- March 18, 2026The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Sensitive Information Exposure…
- March 18, 2026The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due…
- March 18, 2026The Display During Conditional Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all…
