by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2025-31850 is a Medium severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4) affecting the PDF Generator for WordPress Elementor plugin (slug: pdf-generator-addon-for-elementor-page-builder) in versions up to and including 2.1.0. The key risk...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors Membee Login (WordPress plugin slug: membees-member-login-widget) is affected by a High-severity vulnerability (CVSS 7.2) identified as CVE-2025-68844. The issue is an unauthenticated stored cross-site scripting (XSS) flaw in versions up to and...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2026-24528 affects the WordPress plugin Nova Blocks by Pixelgrade (slug: nova-blocks) in versions 2.1.9 and earlier. It is a Medium severity issue (CVSS 6.4) involving stored cross-site scripting (XSS), where malicious code can be saved into site...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2025-31819 is a Medium severity vulnerability (CVSS 6.4) affecting the Nova Blocks by Pixelgrade WordPress plugin (slug: nova-blocks) in versions up to and including 2.1.8. It allows an authenticated user with Contributor-level access or higher to...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2025-62752 affects the WordPress plugin Calendar.online / Kalender.digital (plugin slug: kalender-digital) in versions up to and including 1.0.13. This is a Medium severity issue (CVSS 6.4), and it requires an attacker to be an authenticated...
Recent Comments