by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-1368 affects the Video Conferencing with Zoom WordPress plugin (slug: video-conferencing-with-zoom-api) and is rated Medium severity (CVSS 5.3; CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Because the issue can be exploited over the network...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25384 is a Medium-severity missing authorization issue (CVSS 5.3) affecting WP-Lister Lite for eBay (slug: wp-lister-for-ebay) in versions up to and including 3.8.5. The vulnerability stems from a missing capability check on a plugin function,...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25386 is a medium-severity (CVSS 5.3) missing authorization issue in the Ally – Web Accessibility & Usability WordPress plugin (slug: pojo-accessibility) affecting versions up to and including 4.0.2. Because the vulnerable function lacks a...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25387 affects the Image Optimizer – Optimize Images and Convert to WebP or AVIF plugin (slug: image-optimization), also known as Image Optimizer by Elementor, in versions up to and including 1.7.1. The severity is rated Medium (CVSS 4.3). This...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25388 is a Medium-severity (CVSS 4.3) missing-authorization issue in the Ads Pro Plugin – Multi-Purpose WordPress Advertising Manager (slug: ap-plugin-scripteo) affecting versions up to and including 5.0. The weakness can be exploited...
Recent Comments