by Ivan Sorkin | Feb 19, 2026 | Themes
Attack Vectors Nestin (WordPress theme, slug: nestin) versions up to 1.2.6 are vulnerable to an unauthenticated PHP Object Injection issue (Severity: High, CVSS 8.1). This means an attacker can attempt exploitation over the network without needing a login. The...
by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors The vulnerability affects the Quiz Maker WordPress plugin (slug: quiz-maker) in versions up to and including 6.7.1.7. It is a Medium-severity issue (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) identified as CVE-2026-2384. An attacker must...
by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors CVE-2026-1581 is a High severity vulnerability affecting the wpForo Forum WordPress plugin (slug: wpforo) in versions up to and including 2.4.14. It enables an unauthenticated time-based SQL injection using the wpfob parameter, meaning an attacker can...
by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors Product Table and List Builder for WooCommerce Lite (slug: wc-product-table-lite) has a High severity vulnerability (CVSS 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) that can be exploited remotely over the internet. The issue is an...
by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors CVE-2026-2718 affects the WordPress plugin Dealia – Request a quote (slug: dealia-request-a-quote) in versions up to and including 1.0.6. This is a Medium severity issue (CVSS 6.4, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N), meaning it can be...
Recent Comments