by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors The WordPress plugin LambertGroup – AllInOne – Content Slider (slug: all-in-one-contentSlider) is affected by a Medium-severity vulnerability (CVSS 6.1) identified as CVE-2026-28109. The issue is a reflected cross-site scripting (XSS)...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors LambertGroup – AllInOne – Banner with Thumbnails (slug: all-in-one-thumbnailsBanner) is affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVSS 6.1, CVE-2026-28108). In practical terms, an attacker can craft a link...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors Site Suggest (WordPress plugin slug: site-suggest) versions up to and including 1.3.9 are affected by a Medium-severity issue (CVSS 5.3) identified as CVE-2026-28104. The core concern is that an attacker does not need to be logged in to reach a...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-28103 is a Medium severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) issue affecting the Responsive Zoom In/Out Slider WordPress Plugin (slug: lbg_zoominoutslider) in versions up to and including 5.4.5. The most likely attack path is...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Porto (WordPress theme) versions up to and including 7.6.2 are affected by a Medium-severity Reflected Cross-Site Scripting (XSS) issue (CVSS 6.1). The vulnerability can be exploited by an unauthenticated attacker, but it typically requires user...
Recent Comments