Archives

Booking Calendar Vulnerability (Medium) – CVE-2026-1431

by Ivan Sorkin | Jan 30, 2026 | Plugins

Attack Vectors The WordPress Booking Calendar plugin (slug: booking) is affected by a Medium severity vulnerability (CVSS 5.3) that can be exploited over the internet without requiring a login. In practical terms, an unauthenticated attacker can target the plugin’s...

NEX-Forms – Ultimate Forms Plugin for WordPress Vulnerability (Medi…

by Ivan Sorkin | Jan 30, 2026 | Plugins

Attack Vectors The vulnerability in NEX-Forms – Ultimate Forms Plugin for WordPress (slug: nex-forms-express-wp-form-builder) affects versions up to and including 9.1.8 and is rated Medium severity (CVSS 5.3). It involves missing authorization checks that can allow an...

Next Entries »

Booking Calendar Vulnerability (Medium) – CVE-2026-1431

NEX-Forms – Ultimate Forms Plugin for WordPress Vulnerability (Medi…

Recent Posts

Recent Comments

Categories

Meta

Location

Follow Us

Subscription

Success!