by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2026-25453 is a Medium-severity vulnerability (CVSS 6.4) affecting the Advanced iFrame WordPress plugin (slug: advanced-iframe) in versions up to and including 2025.10. It is an authenticated stored cross-site scripting (XSS) issue, meaning an...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2026-25451 is a Medium-severity stored cross-site scripting (XSS) issue (CVSS 6.4) affecting Bold Page Builder (slug: bold-page-builder) versions up to and including 5.6.7. The vulnerability can be exploited by an authenticated user with...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors Omnipress (WordPress plugin, slug: omnipress) versions <= 1.6.7 are affected by an authenticated Stored Cross-Site Scripting (XSS) vulnerability tracked as CVE-2026-25432 with Medium severity (CVSS 6.4, vector:...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2026-25423 affects the WordPress plugin Real 3D Flipbook – 3D FlipBook, PDF FlipBook, PDF Viewer, PDF Embedder (slug: real3d-flipbook-lite) in versions up to and including 4.16.4. This is a Medium-severity issue (CVSS 4.3) that can be exploited...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2026-25416 is a Medium-severity authorization issue (CVSS 4.3) affecting News Kit Addons For Elementor (slug: news-kit-elementor-addons) in versions <= 1.4.2. Because the weakness can be reached over the network and does not require user...
Recent Comments