by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors The WordPress plugin New User Approve (slug: new-user-approve) has a Medium-severity vulnerability (CVSS 5.3) tracked as CVE-2025-69063. The issue affects all versions up to and including 3.2.0. Because the vulnerability can be exploited by...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors The WordPress plugin Cnvrse (slug: cnvrse) is affected by a Medium-severity issue (CVSS 5.3) tracked as CVE-2025-69394. This vulnerability can be exploited remotely over the internet and does not require an attacker to be logged in. Because the weakness...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors CVE-2025-69401 is a Medium-severity (CVSS 5.3) vulnerability affecting the WordPress plugin WooODT Lite – Delivery & pickup date time location for WooCommerce (slug: byconsole-woo-order-delivery-time) in versions up to and including 2.5.2. The issue...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors CVE-2025-68514 is a Medium severity vulnerability (CVSS 4.3) affecting the WordPress plugin Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (slug: paid-member-subscriptions) in versions up to and...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors Bravis Addons (WordPress plugin slug: bravis-addons) has a High-severity vulnerability (CVSS 8.8) that can be triggered by an attacker who already has a login on your site at the Subscriber level or higher. In practical business terms, this is most...
Recent Comments