by Ivan Sorkin | Feb 11, 2026 | Themes
Attack Vectors Constix – Construction Factory & Industrial WordPress Theme (slug: constix) is affected by CVE-2024-43334, a Medium-severity reflected cross-site scripting (XSS) issue (CVSS 6.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This type...
by Ivan Sorkin | Feb 11, 2026 | Themes
Attack Vectors CVE-2024-43334 is a Medium severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) issue affecting the Constix – Construction Factory & Industrial WordPress Theme (slug: constix) and other “themes by gavias” across various versions. Because...
by Ivan Sorkin | Feb 11, 2026 | Plugins
Attack Vectors CVE-2026-1537 affects the WordPress plugin LatePoint – Calendar Booking Plugin for Appointments and Events (slug: latepoint-2) in versions 5.2.6 and below. This is a Medium-severity issue (CVSS 5.3) that allows an unauthenticated attacker—someone who is...
by Ivan Sorkin | Feb 11, 2026 | Themes
Attack Vectors CVE-2026-1729 is a Critical authentication bypass affecting the AdForest WordPress theme (slug: adforest) in versions up to and including 6.0.12. Because the issue can be exploited remotely over the internet with no prior access required (CVSS 9.8), it...
by Ivan Sorkin | Feb 11, 2026 | Plugins
Attack Vectors CVE-2025-13391 affects the WordPress plugin Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) (slug: uni-woo-custom-product-options-premium) and is rated Medium severity (CVSS 5.8). In versions up to and including...
Recent Comments