by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors CVE-2026-3079 is a Medium-severity vulnerability (CVSS 6.5) affecting the LearnDash LMS WordPress plugin (sfwd-lms) in versions up to and including 5.0.3. The issue can be exploited by an authenticated user with Contributor-level access or higher. The...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors Woocommerce Custom Product Addons Pro (slug: woo-custom-product-addons-pro) is affected by a Critical vulnerability (CVSS 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) tracked as CVE-2026-4001. The risk is highest for organizations running...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors CVE-2026-3533 is a High severity vulnerability (CVSS 8.8) affecting the Jupiter X Core WordPress plugin (slug: jupiterx-core) in versions 4.14.1 and below. The risk is triggered by an attacker who already has a WordPress login with Subscriber-level...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors WP Job Portal – AI-Powered Recruitment System for Company or Job Board website (slug: wp-job-portal) is affected by a High-severity vulnerability (CVE-2026-4306, CVSS 7.5). The issue can be exploited without logging in (unauthenticated) over the network...
by Ivan Sorkin | Mar 23, 2026 | Plugins
Attack Vectors CVE-2026-2412 is a Medium-severity (CVSS 6.5) SQL Injection vulnerability in the Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker WordPress plugin (slug: quiz-master-next) affecting versions up to and including 10.3.5. The attack requires an...
Recent Comments