by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors ARPrice – WordPress Pricing Table Plugin (slug: arprice) is affected by a Medium-severity reflected cross-site scripting (XSS) vulnerability (CVE-2024-49700, CVSS 6.1). The primary attack path is link-based social engineering: an unauthenticated...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors The LeadBoxer WordPress plugin (slug: leadboxer) is affected by a Medium-severity vulnerability (CVE-2024-52468, CVSS 6.1) impacting versions up to and including 1.3. This is a reflected cross-site scripting (XSS) issue, meaning an attacker can attempt...
by Ivan Sorkin | Feb 26, 2026 | Themes
Attack Vectors ListingPro – WordPress Directory & Listing Theme (slug: listingpro) has a High-severity vulnerability (CVE-2024-39624, CVSS 8.8, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting all versions up to and including 2.9.4. Because...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2024-47338 affects the WPExperts Square For GiveWP WordPress plugin (slug: wpexperts-square-for-give) in versions up to and including 1.3. This is a Medium severity issue (CVSS 4.9) that can be exploited over the network without user interaction,...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2024-38733 affects the WordPress plugin Meks Video Importer (slug: meks-video-importer) in versions up to and including 1.0.12. It is rated Medium severity with a CVSS score of 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). Because this issue...
Recent Comments