by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors Advanced Woo Labels – Product Labels & Badges for WooCommerce (slug: advanced-woo-labels) has a High severity vulnerability (CVSS 8.8) tracked as CVE-2026-1929. The key risk is that an attacker only needs an authenticated WordPress account with...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-2416 is a High-severity vulnerability (CVSS 7.5) affecting the Geo Mashup WordPress plugin (geo-mashup) in versions up to and including 1.13.17. The issue can be exploited remotely over the internet and does not require a user to be logged in....
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors WPGSI: Spreadsheet Integration (slug: wpgsi) versions 3.8.3 and earlier are affected by a High severity vulnerability (CVSS 7.5) that enables unauthenticated attackers to create and delete WordPress posts by abusing exposed REST API endpoints. The...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25348 affects the WordPress plugin Alt Text AI – Automatically generate image alt text for SEO and accessibility (slug: alttext-ai) in versions up to and including 1.10.15. It is rated Medium severity (CVSS 5.3; vector...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25363 is a Medium-severity missing-authorization issue (CVSS 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) affecting Gallery by FooGallery (FooGallery) for WordPress (plugin slug: foogallery) in versions up to and including 3.1.11....
Recent Comments