by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors CVE-2026-2289 affects the WordPress plugin Taskbuilder – Project Management & Task Management Tool With Kanban Board (slug: taskbuilder) in versions up to and including 5.0.3. It is a Medium-severity stored cross-site scripting (XSS) issue (CVSS...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors WPBookit (slug: wpbookit) is affected by a High severity Stored Cross-Site Scripting issue (CVE-2026-1945) in versions up to and including 1.0.8. The core risk is that an unauthenticated attacker can submit malicious content through the wpb_user_name...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors CVE-2026-1980 affects the WPBookit WordPress plugin (slug: wpbookit) in versions up to 1.0.8. The issue is rated Medium severity (CVSS 5.3) and stems from a route called get_customer_list that lacks a required authorization check. From a business...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors CVE-2026-1651 affects the WordPress plugin Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress (slug: email-subscribers) in versions up to 5.9.16. It is rated Medium severity (CVSS 6.5). This...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors PostX (plugin: Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX, slug: ultimate-post) has a High severity vulnerability (CVSS 7.2, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) tracked as CVE-2026-1273. It affects all versions up to...
Recent Comments