by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors WP Job Portal – AI-Powered Recruitment System for Company or Job Board website (slug: wp-job-portal) is affected by a High-severity vulnerability (CVE-2026-4306, CVSS 7.5). The issue can be exploited without logging in (unauthenticated) over the network...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors CVE-2026-2412 is a Medium-severity (CVSS 6.5) SQL Injection vulnerability in the Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker WordPress plugin (slug: quiz-master-next) affecting versions up to and including 10.3.5. The attack requires an...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors LearnPress – WordPress LMS Plugin for Create and Sell Online Courses (slug: learnpress) versions up to and including 4.3.2.8 are affected by CVE-2026-3225, a Medium severity issue (CVSS 4.3; CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). The primary...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors Smart Custom Fields (slug: smart-custom-fields) is affected by CVE-2026-4066 with Medium severity (CVSS 4.3; vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). The primary attack path is through the plugin’s AJAX endpoint for relational post...
by Ivan Sorkin | Mar 22, 2026 | Plugins
Attack Vectors CVE-2025-13997 is a Medium-severity vulnerability (CVSS 5.3) affecting the WordPress plugin King Addons for Elementor – 80+ Elementor Widgets, 4,000+ Elementor Templates, WooCommerce, Mega Menu, Popup Builder (slug: king-addons) in versions up to and...
Recent Comments