by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Product: Performance Monitor (WordPress plugin, slug: performance-monitor) Vulnerability: CVE-2026-1648 (High severity, CVSS 7.2; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) This High-severity issue is exploitable over the internet with no...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors e-shot (WordPress plugin slug: e-shot-form-builder) versions up to and including 1.0.2 contain a Medium-severity vulnerability (CVSS 5.3) tracked as CVE-2026-3546. The issue involves a missing authorization check that allows any authenticated WordPress...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-3645 affects Punnel – Landing Page Builder (slug: punnel-landing-page-builder) in versions up to and including 1.3.1. This is rated Medium severity with a CVSS 5.3 score (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). The issue is exploitable...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Smarter Analytics (slug: smarter-analytics) versions 2.0 and below are affected by a Medium-severity issue (CVSS 5.3) where an unauthenticated attacker can trigger a plugin configuration reset by sending a web request that includes a reset parameter....
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-1908 is a Medium severity vulnerability (CVSS 6.4) affecting the Integration with Hubspot Forms WordPress plugin (slug: integration-with-hubspot-forms) in versions up to and including 1.2.2. The issue can be exploited by an authenticated...
Recent Comments