by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-32306 is a Medium-severity SQL Injection vulnerability (CVSS 6.5) affecting the Radio Player Shoutcast & Icecast WordPress Plugin (slug: audio4-html5) in versions 4.4.6 and earlier. The attack requires an attacker to be authenticated with...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-24543 is a Medium-severity (CVSS 4.3) missing authorization issue affecting the Materialis Companion WordPress plugin (slug: materialis-companion) in versions up to and including 1.3.52. Because the vulnerable function lacks a proper capability...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-24553 is a Medium-severity information exposure issue (CVSS 4.3) affecting the Fraud Prevention For WooCommerce and EDD WordPress plugin (slug: woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers) in versions up to and including...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2024-43257 is a medium-severity sensitive information exposure issue (CVSS 4.3) affecting Leopard – WordPress Offload Media (slug: leopard-wordpress-offload-media) in versions up to and including 2.0.36. The key business concern is that the...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-2301 is a Medium-severity vulnerability (CVSS 4.3) affecting the Post Duplicator WordPress plugin (slug: post-duplicator) in versions 3.0.8 and below. The issue can be abused by an authenticated user with Contributor-level access or higher. By...
Recent Comments