by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors MediCenter – Health Medical Clinic WordPress Theme (slug: medicenter) versions up to and including 14.9 are affected by a medium-severity reflected cross-site scripting (XSS) vulnerability (CVE-2026-28137, CVSS 6.1). This issue can be exploited by...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors ListingPro Plugin (slug: listingpro-plugin) versions up to and including 2.9.8 are affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVE-2026-28122, CVSS 6.1). The most common way this type of vulnerability is exploited is...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors The vulnerability in WP Attractive Donations System – Easy Stripe & Paypal donations (versions up to and including 1.25) is a High-severity, unauthenticated SQL Injection (CVE-2026-28115, CVSS 7.5). “Unauthenticated” means an attacker may not...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors AllInOne – Banner Rotator (slug: all-in-one-bannerRotator) versions up to and including 3.8 are affected by a Medium-severity Reflected Cross-Site Scripting (XSS) issue (CVE-2026-28112, CVSS 6.1). In practical terms, an attacker can craft a...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-28110 is a Medium severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) vulnerability affecting the WordPress plugin LambertGroup – AllInOne – Banner with Playlist (slug: all-in-one-bannerWithPlaylist) in versions up to and...
Recent Comments