by Ivan Sorkin | Mar 25, 2026 | Plugins
Attack Vectors CVE-2026-4335 is a Medium severity (CVSS 5.4) Stored Cross-Site Scripting (XSS) issue affecting ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF (slug: shortpixel-image-optimiser) in versions 6.4.3 and below. The attack requires an...
by Ivan Sorkin | Mar 25, 2026 | Plugins
Attack Vectors Masteriyo LMS – Online Course Builder for eLearning, LMS & Education (slug: learning-management-system) is affected by a Critical privilege escalation vulnerability (CVE-2026-4484) in versions 2.1.6 and below. The issue allows an authenticated user...
by Ivan Sorkin | Mar 25, 2026 | Plugins
Attack Vectors CVE-2026-4758 is a High-severity issue (CVSS 8.8) affecting WP Job Portal – AI-Powered Recruitment System for Company or Job Board website (slug: wp-job-portal) versions 2.4.9 and earlier. The vulnerability is authenticated, meaning an attacker needs a...
by Ivan Sorkin | Mar 24, 2026 | Plugins
Attack Vectors CVE-2026-2991 is a High-severity authentication bypass vulnerability (CVSS 7.3) affecting the KiviCare – Clinic & Patient Management System (EHR) WordPress plugin (kivicare-clinic-management-system) in versions up to and including 4.1.2. An...
by Ivan Sorkin | Mar 24, 2026 | Plugins
Attack Vectors CVE-2026-4766 is a Medium severity stored cross-site scripting (XSS) issue (CVSS 6.4, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) affecting the Easy Image Gallery WordPress plugin (slug: easy-image-gallery) in versions up to and including...
Recent Comments