by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors This medium-severity vulnerability (CVE-2025-12884, CVSS 4.3) affects the WordPress plugin Advanced Ads – Ad Manager & AdSense up to version 2.0.14. The risk comes from an attacker who already has a valid login on your site. The most likely entry...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors Critical risk: CVE-2025-12882 affects the WordPress plugin Clasifico Listing (slug: clasifico-listing) in versions up to, and including, 2.0, with a CVSS score of 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The primary attack path is...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2025-13048 affects the WordPress plugin StatCounter – Free Real Time Visitor Stats (slug: official-statcounter-plugin-for-wordpress) in versions up to and including 2.1.0. It is a Medium severity issue (CVSS 6.4). The attack requires an...
by Ivan Sorkin | Feb 18, 2026 | Themes
Attack Vectors The WordPress theme NewsBlogger (versions 0.2.5.6 to 0.2.6.1) is affected by a High severity vulnerability (CVE-2025-12821, CVSS 8.8) that can be exploited through Cross-Site Request Forgery (CSRF). In practical terms, an attacker does not need to log...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2025-13079 affects the WordPress plugin Popup Builder – Create highly converting, mobile friendly marketing popups. (slug: popup-builder) in versions up to and including 4.4.2. The severity is Medium (CVSS 5.3). The primary attack path is an...
Recent Comments