by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-22335 is a Medium-severity (CVSS 6.5) SQL Injection vulnerability affecting WooCommerce Frontend Manager – Ultimate (slug: wc-frontend-manager-ultimate) in versions up to 6.7.7. The risk is not limited to anonymous visitors: an attacker needs...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors CVE-2025-27362 is a Critical vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the Petito – Animals and Pets Store WooCommerce Theme (slug: bw-petito) in versions up to and including 1.6.4. It is an unauthenticated...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors CVE-2025-24761 affects the DSK – Furniture Store WooCommerce WordPress Theme (slug: dsk) in versions below 2.4. Because the issue is unauthenticated, an external attacker can target a vulnerable site over the internet without needing a username or...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-24553 is a Medium severity vulnerability (CVSS 4.3) affecting Fraud Prevention For WooCommerce and EDD (WordPress plugin slug: woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers) in versions up to and including 2.3.2. The issue...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors WishList Member X (WordPress plugin slug: wishlist-member-x) is affected by CVE-2024-37111, a Medium severity issue (CVSS 5.3, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) impacting all versions prior to 3.26.7. The risk is primarily exposure...
Recent Comments