by Ivan Sorkin | Feb 26, 2026 | Themes
Attack Vectors Yozi – Multipurpose Electronics WooCommerce WordPress Theme (slug: yozi) versions up to and including 2.0.63 are affected by CVE-2025-32289, a Critical vulnerability (CVSS 9.8; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Because this...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2025-31914 is a High severity vulnerability (CVSS 7.5) affecting Pixel WordPress Form BuilderPlugin & Autoresponder (slug: pixel-formbuilder) in versions up to and including 1.0.2. The issue is an unauthenticated SQL Injection, meaning an...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2025-47553 is a High-severity vulnerability (CVSS 8.8, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting the DZS Video Gallery WordPress plugin (slug: dzs-videogallery) in versions 12.39 and below. The attack requires an authenticated...
by Ivan Sorkin | Feb 26, 2026 | Themes
Attack Vectors Capie – Minimal Creative WooCommerce WordPress Theme (slug: capie) is affected by a Critical vulnerability (CVSS 9.8) tracked as CVE-2025-31060. The issue is an Unauthenticated Local File Inclusion (LFI) affecting versions up to and including 1.0.40....
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2025-31641 is a Medium-severity SQL Injection vulnerability (CVSS 6.5, CVE record) affecting the UberSlider WordPress plugin (slug: uber-classic) in versions before 2.6. This issue can be exploited by an authenticated WordPress user with...
Recent Comments