by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors WP Posts Re-order (slug: wp-posts-re-order) versions up to and including 1.0 are affected by a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability tracked as CVE-2026-1378 (CVSS 4.3; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)....
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-0609 is a Medium severity vulnerability (CVSS 6.4) affecting the Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin (slug: logo-slider-wp) in versions up to and including 4.9.0. The issue is a stored cross-site scripting...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors WPFAQBlock– FAQ & Accordion Plugin For Gutenberg (slug: wpfaqblock) is affected by CVE-2026-1093, a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4, CVE record). The vulnerability can be exploited by an authenticated WordPress user...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-1393 is a Medium severity Cross-Site Request Forgery (CSRF) issue (CVSS 4.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) affecting the WordPress plugin Add Google Social Profiles to Knowledge Graph Box (slug:...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors PQ Addons – Creative Elementor Widgets (slug: peacefulqode-elementzplus-widgets) has a Medium-severity stored cross-site scripting (XSS) vulnerability (CVE-2026-1397, CVSS 6.4) affecting versions up to and including 1.0.0. An attacker must be...
Recent Comments