by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25331 affects the WP Activity Log plugin (slug: wp-security-audit-log) in versions up to and including 5.5.4. This is a Medium-severity issue (CVSS 6.4, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N). The vulnerability is an authenticated...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors Severity: Medium (CVSS 5.3). The WordPress plugin Alt Text AI – Automatically generate image alt text for SEO and accessibility (also referred to as Download Alt Text AI) is affected in versions up to and including 1.10.15 by CVE-2026-25348 (CVE...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors Gallery by FooGallery (plugin slug: foogallery) is affected by a Medium-severity vulnerability (CVSS 6.4) tracked as CVE-2026-25362. The issue impacts versions up to and including 3.1.11. This is an authenticated, Author+ stored cross-site scripting...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress (slug: sprout-invoices) is affected by CVE-2026-25364, rated Medium severity (CVSS 5.3). According to the published advisory, versions up to and including 20.8.8 may allow...
by Ivan Sorkin | Feb 24, 2026 | Plugins
Attack Vectors CVE-2026-25363 affects the WordPress plugin Gallery by FooGallery (slug: foogallery) up to and including version 3.1.11. The issue is categorized as Medium severity (CVSS 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N), meaning it can be...
Recent Comments