by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors Severity: Medium (CVSS 5.3) — CVE-2025-11771 affects the WordPress plugin Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO (slug: tokenico-cryptocurrency-token-launchpad-presale-ico-ido-airdrop) in versions up to and...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors This Medium-severity vulnerability (CVSS 4.3) in the WordPress plugin Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO (slug: tokenico-cryptocurrency-token-launchpad-presale-ico-ido-airdrop) affects versions up to and...
by Ivan Sorkin | Feb 13, 2026 | Themes
Attack Vectors CVE-2024-43334 is a Medium severity (CVSS 6.1) reflected cross-site scripting (XSS) issue affecting the Paroti – Nonprofit Charity WordPress Theme (slug: paroti) across various versions. Because the attack is reflected, it typically relies on...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors Bayarcash WooCommerce (WordPress plugin slug: bayarcash-wc) is affected by a Medium severity missing authorization issue (CVE: CVE-2026-24606, CVSS 5.3). In versions up to and including 4.3.12, a function lacks a required capability check, which can...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors Link Hopper (slug: link-hopper) has a Medium severity vulnerability (CVSS 4.4) identified as CVE-2025-15483. The issue is a Stored Cross-Site Scripting (XSS) weakness that can be triggered through the “hop_name” parameter in Link Hopper versions 2.5 and...
Recent Comments