by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors SEO Flow by LupsOnline (WordPress plugin slug: lupsonline-link-netwerk) has a High severity vulnerability (CVSS 7.5) tracked as CVE-2025-15285. It affects all versions up to and including 2.2.1. Because the issue can be exploited without logging in...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors TARIFFUXX (slug: tariffuxx) versions up to and including 1.4 contain a Medium-severity vulnerability (CVSS 6.5, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) tracked as CVE-2025-10682. The primary attack path is through the tariffuxx_configurator...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-30999 is a High severity vulnerability (CVSS 8.8) affecting the WP Shopify / External Store for Shopify WordPress plugin (slug: wp-shopify) in versions up to and including 1.5.9. The issue is exploitable by an authenticated attacker with...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-57912 is a medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 4.4) affecting Dialogity Free Live Chat (WordPress plugin slug: dialogity-website-chat) in versions up to and including 1.0.3. The attack requires an authenticated...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-2356 is a medium-severity vulnerability (CVSS 5.3) in the WordPress plugin User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder (slug:...
Recent Comments