by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors Easy Taxonomy Images (slug: easy-taxonomy-images) has a High-severity vulnerability (CVSS 7.2; vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) that allows unauthenticated attackers to inject malicious code into your WordPress site. Because this...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors Page Builder – AIO WP Builder: #1 Website Builder for WordPress (slug: all-in-one-wp-builder) is affected by CVE-2025-53217, rated Medium severity (CVSS 4.3). The issue can be exploited remotely over the network by an authenticated user who has at least...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2025-53228 is a Medium-severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) vulnerability affecting the bbpress Simple Advert Units WordPress plugin (bbpress-simple-advert-units) in versions <= 0.41. The primary risk scenario is link-based...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors Bravis User (slug: bravis-user) has a High-severity vulnerability (CVSS 8.1) that can be exploited remotely over the internet (AV:N). In practical terms, this means an attacker does not need a login (PR:N) or user interaction (UI:N) to attempt...
by Ivan Sorkin | Feb 26, 2026 | Plugins
Attack Vectors CVE-2026-2383 is a medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4) affecting the Simple Download Monitor WordPress plugin (simple-download-monitor) in versions 4.0.5 and earlier. The vulnerability can be exploited by an authenticated...
Recent Comments