by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors The Virusdie – One-click website security WordPress plugin (slug: virusdie) has a Medium-severity vulnerability (CVE-2025-14864, CVSS 4.3) affecting versions up to and including 1.1.7. An attacker must be able to log in to your WordPress site with at...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2025-14445 is a Medium severity vulnerability (CVSS 6.4) affecting the WordPress plugin Image Hotspot by DevVN (slug: devvn-image-hotspot) in versions up to and including 1.2.9. The issue is an authenticated stored cross-site scripting (XSS) flaw...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors WP Customer Reviews (slug: wp-customer-reviews) is affected by a High-severity reflected cross-site scripting (XSS) vulnerability in versions up to and including 3.7.5, tracked as CVE-2025-14452 (CVSS 7.2, vector...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors The vulnerability CVE-2026-0722 affects the WordPress plugin “Shield: Blocks Bots, Protects Users, and Prevents Security Breaches” (slug: wp-simple-firewall) in versions up to and including 21.0.8, with a stated severity of Medium (CVSS 6.5). The...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2026-0561 is a Medium severity reflected cross-site scripting (XSS) issue affecting the WordPress plugin Shield: Blocks Bots, Protects Users, and Prevents Security Breaches (slug: wp-simple-firewall) in versions 21.0.8 and below. The attack is...
Recent Comments