by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Product: Ed’s Font Awesome (slug: eds-font-awesome) Vulnerability: CVE-2026-2496 (Medium severity, CVSS 6.4; vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) This issue affects Ed’s Font Awesome versions 2.0 and earlier. An attacker...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Ed’s Social Share (slug: eds-social-share) has a Medium-severity vulnerability (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) tracked as CVE-2026-2501. The issue affects all versions up to, and including, 2.0. An attacker must be...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Product: ElementCamp (slug: element-camp) Severity: Medium (CVSS 6.5 – CVE-2026-2503) This issue affects the ElementCamp WordPress plugin in versions up to and including 2.3.6. The vulnerability is an authenticated (Author+) SQL injection that can be...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Fonts Manager | Custom Fonts (slug: fonts-manager-custom-fonts) is affected by a High severity vulnerability (CVSS 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) tracked as CVE-2026-1800. Because the issue is unauthenticated, an attacker does not...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-3353 is a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 4.4) affecting the Comment SPAM Wiper WordPress plugin (comment-spam-wiper) in versions up to and including 1.2.1. The attack path requires an authenticated user...
Recent Comments