by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors: CVE-2026-25362 is a Medium-severity (CVSS 6.4) stored cross-site scripting (XSS) issue affecting Gallery by FooGallery (plugin slug: foogallery) versions <= 3.1.11. The attacker must already have an authenticated WordPress account with Author-level...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors: CVE-2026-25364 is a Medium-severity (CVSS 5.3) missing authorization issue affecting Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress (slug: sprout-invoices) in versions up to and including 20.8.8. Because the weakness can...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors: The issue affects the WordPress plugin SureForms – Contact Form, Payment Form & Other Custom Form Builder (slug: sureforms) in versions up to and including 2.2.1. It is rated Medium severity with a CVSS 5.3 score...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors: CVE-2026-25368 is a Medium-severity missing authorization issue (CVSS 4.3) affecting the Calculated Fields Form WordPress plugin (slug: calculated-fields-form) in versions up to and including 5.4.4.1. The primary attack vector is an authenticated user...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors: CVE-2026-27072 is a High-severity vulnerability (CVSS 7.2) affecting the PixelYourSite – Your smart PIXEL (TAG) & API Manager WordPress plugin (slug: pixelyoursite) in versions <= 11.2.0.1. It is an unauthenticated Stored Cross-Site Scripting (XSS)...