by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2025-14427 affects the WordPress plugin “Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches” (slug: wp-simple-firewall) in versions up to and including 21.0.9. The issue is rated Medium severity (CVSS 4.3) and can be...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2025-14342 affects the WordPress plugin SEO Plugin by Squirrly SEO (slug: squirrly-seo) in versions up to and including 12.4.14. It is rated Medium severity (CVSS 4.3), and the reported risk comes from the fact that an attacker only needs an...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2025-13930 affects the WordPress plugin Checkout Field Manager (Checkout Manager) for WooCommerce (slug: woocommerce-checkout-manager) in versions up to and including 7.8.5. The issue is rated Medium severity (CVSS 5.3). An unauthenticated attacker...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors The vulnerability in OneClick Chat to Order (slug: oneclick-whatsapp-order) affects versions up to and including 1.0.9 and is rated Low severity (CVSS 2.7, CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). It can be exploited by an authenticated user who...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors The Tennis Court Bookings WordPress plugin (slug: tennis-court-bookings) is affected by an authenticated stored cross-site scripting (XSS) issue rated Medium severity (CVSS 4.4; CVE-2026-1044). An attacker would need administrator-level (or higher)...
Recent Comments