by Ivan Sorkin | Apr 14, 2026 | Uncategorized
Vulnerability: CVE-2026-24636 (Medium severity, CVSS 4.3) impacts Sugar Calendar (Lite) – Events Calendar, Event Tickets, and Events Management Platform (slug: sugar-calendar-lite) in versions up to and including 3.9.1. The issue is a missing authorization check that...
by Ivan Sorkin | Apr 14, 2026 | Uncategorized
Attack Vectors Product affected: Test Plugin (test-plugin) Severity: Medium (CVSS 5.5; CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N) This vulnerability (CVE-0000-0001) can be reached over the network and does not require user interaction, meaning it may be exploitable...
by Ivan Sorkin | Apr 14, 2026 | Uncategorized
Attack Vectors Test Plugin (slug: test-plugin) has a Medium severity vulnerability (CVSS 5.5) tracked as CVE-0000-0001. Based on the published CVSS vector (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N), the most likely path to exploitation is remote access over the...
by Ivan Sorkin | Mar 26, 2026 | Plugins
Attack Vectors Smart Slider 3 (WordPress plugin slug: smart-slider-3) is affected by CVE-2026-3098, a Medium-severity vulnerability (CVSS 6.5) that can be exploited by an authenticated user with Subscriber-level access or higher. This matters for business sites...
by Ivan Sorkin | Mar 26, 2026 | Plugins
Attack Vectors CVE-2026-2511 is a High-severity (CVSS 7.5) vulnerability affecting the WordPress plugin JS Help Desk – AI-Powered Support & Ticketing System (slug: js-support-ticket) in versions 3.0.4 and earlier. It can be exploited remotely over the internet and...
Recent Comments