by Ivan Sorkin | Jan 30, 2026 | Plugins
Attack Vectors The WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder (slug: pdf-for-elementor-forms) has a High-severity vulnerability (CVE-2025-60084, CVSS 7.5) that can be targeted over the network. The issue affects versions up to and...
by Ivan Sorkin | Jan 30, 2026 | Plugins
Attack Vectors The vulnerability CVE-2025-60082 affects the WordPress plugin “PDF for WPForms + Drag and Drop Template Builder” (slug: pdf-for-wpforms) in versions 6.5.0 and below. It is rated High severity (CVSS 8.8), which signals meaningful business risk when the...
by Ivan Sorkin | Jan 30, 2026 | Plugins
Attack Vectors The WordPress plugin PDF for Contact Form 7 + Drag and Drop Template Builder (slug: pdf-for-contact-form-7) is affected by a High severity vulnerability (CVE-2025-60081, CVSS 7.5). The key risk factor is that the attack can be carried out by an...
by Ivan Sorkin | Jan 30, 2026 | Plugins
Attack Vectors CVE-2025-68034 affects the CleverReach® WP (slug: cleverreach-wp) plugin for WordPress in versions up to and including 1.5.21. Because this is an unauthenticated SQL Injection with High severity (CVSS 7.5), an external attacker can attempt exploitation...
by Ivan Sorkin | Jan 30, 2026 | Plugins
Attack Vectors CVE-2026-0844 is a High-severity privilege escalation issue (CVSS 8.8) affecting the Simple User Registration plugin for WordPress (slug: wp-registration) in versions up to and including 6.7. The core risk is that an attacker does not need to be an...
Recent Comments