by Ivan Sorkin | Feb 12, 2026 | Themes
Attack Vectors CVE-2024-43334 is a Medium-severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) vulnerability affecting Paroti – Nonprofit Charity WordPress Theme (slug: paroti) and other themes by gavias in various versions. Because exploitation does not...
by Ivan Sorkin | Feb 12, 2026 | Themes
Attack Vectors Oxpitan (the “Oxpitan – Nonprofit Charity WordPress Theme,” slug: oxpitan) versions up to and including 1.3.1 are affected by a Critical Local File Inclusion (LFI) vulnerability (CVE-2025-32294, CVSS 9.8). Because this issue is unauthenticated, an...
by Ivan Sorkin | Feb 12, 2026 | Plugins
Attack Vectors FastDup – Fastest WordPress Migration & Duplicator (slug: fastdup) in versions 2.7.1 and earlier has a High-severity vulnerability (CVSS 8.8, CVE-2026-1104) that can be exploited by an attacker who already has an authenticated WordPress account with...
by Ivan Sorkin | Feb 12, 2026 | Plugins
Attack Vectors Secure Copy Content Protection and Content Locking (slug: secure-copy-content-protection) is affected by a High severity issue (CVSS 7.2, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) tracked as CVE-2026-1320. The reported attack path involves an...
by Ivan Sorkin | Feb 12, 2026 | Plugins
Attack Vectors CVE-2026-1316 is a High severity vulnerability (CVSS 7.2) affecting the Customer Reviews for WooCommerce WordPress plugin (slug: customer-reviews-woocommerce) in versions up to and including 5.97.0. The primary attack path is an unauthenticated Stored...
Recent Comments