- March 18, 2026The Bookster – WordPress Appointment Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘raw’ parameter in…
- March 18, 2026The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site…
- March 18, 2026The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versions up to, and including, 4.2.8.4.…
- March 18, 2026The Frontend File Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a…
- March 18, 2026The Client Invoicing by Sprout Invoices plugin for WordPress is vulnerable to unauthorized access due to a missing capability check…
- March 18, 2026The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.1.11 due to…
- March 18, 2026The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to,…
- March 18, 2026The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Server-Side…
- March 18, 2026The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and…
- March 18, 2026The Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5.4 due…
