by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors MailChimp Campaigns (WordPress plugin slug: olalaweb-mailchimp-campaign-manager) is affected by a Medium severity vulnerability (CVSS 5.3) tracked as CVE-2026-1303. The issue allows an attacker who can authenticate to your WordPress site (including...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors MDirector Newsletter (slug: mdirector-newsletter) versions 4.5.8 and earlier have a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability (CVE-2025-14852, CVSS 4.3). This type of issue typically doesn’t require the attacker to log in; instead,...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors WP Quick Contact Us (slug: wp-quick-contact-us) versions 1.0 and below are affected by a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability (CVE-2026-1394, CVSS 4.3). This attack does not rely on breaking into your site directly. Instead,...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors The WordPress plugin Best-wp-google-map (slug: best-wp-google-map) is affected by a Medium severity vulnerability (CVSS 6.4) identified as CVE-2026-1096. The issue impacts all versions up to and including 2.1. This is an authenticated Stored Cross-Site...
by Ivan Sorkin | Feb 13, 2026 | Plugins
Attack Vectors Percent to Infograph (slug: percent-to-infograph) has a Medium severity vulnerability (CVSS 6.4) identified as CVE-2026-1939. The issue affects all versions up to and including 1.0. The primary attack path requires an attacker to be an authenticated...
Recent Comments