by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors The WordPress plugin personal-authors-category (versions up to and including 0.3) is affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVSS 6.1). In practical terms, an attacker can place malicious code into a crafted URL path...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors Severity: High (CVSS 8.1). CVE-2026-2144 affects the WordPress plugin Magic Login Mail or QR Code (slug: magic-login-mail) in versions up to and including 2.05. The core exposure comes from how the plugin handles “magic login” requests: an...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors The vulnerability (CVE-2026-2027) affects the WordPress plugin AMP Enhancer – Compatibility Layer for Official AMP Plugin (slug: amp-enhancer) in versions up to and including 1.0.49. It is rated Medium severity (CVSS 4.4) and involves Stored Cross-Site...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors High severity vulnerability (CVSS 7.5) in BlueSnap Payment Gateway for WooCommerce (slug: bluesnap-payment-gateway-for-woocommerce) impacts all versions up to and including 3.3.0. The issue (CVE-2026-0692) allows unauthenticated attackers to send forged...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors Citations tools (WordPress plugin slug: citations-tools) is affected by a Medium severity vulnerability (CVSS 6.4) identified as CVE-2026-1912. The issue impacts all versions up to and including 0.3.2. The primary attack path is through the plugin’s...
Recent Comments