by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2024-32086 is a high-severity issue (CVSS 7.5) affecting the Citadela Directory WordPress plugin (slug: citadela-directory) in versions up to and including 5.18.1. The primary concern is that the exposure is unauthenticated, meaning an attacker does...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2024-31366 affects the WordPress plugin Post Type Builder (slug: themify-ptb) in versions earlier than 2.1.4. The issue is rated Medium severity (CVSS 4.3; CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N), meaning it is reachable over the network and...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2024-25931 is a Medium severity Cross-Site Request Forgery (CSRF) vulnerability affecting the Heureka WordPress plugin (slug: heureka) in all versions up to and including 1.0.8 (CVSS 4.3). This type of attack relies on user interaction: an...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2023-49841 is a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 4.4) affecting Optin Forms – Simple List Building Plugin for WordPress (slug: optin-forms) in versions up to and including 1.3.6. The attack requires an authenticated user...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors The vulnerability (CVE-2023-33215, CVE record) affects the WordPress plugin Taggbox: Embed LinkedIn, Facebook, Instagram, TikTok, YouTube & More Social Media Widgets (slug: taggergbox-widget) versions up to and including 3.3. It is rated Medium...
Recent Comments