by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Simple Football Scoreboard (slug: simple-football-score-board) versions 1.0 and below have a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4) tracked as CVE-2026-1891. The attack requires an authenticated WordPress account with...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Task Manager (WordPress plugin slug: task-manager) is affected by CVE-2026-2351, a Medium severity issue (CVSS 6.5; vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). The vulnerability is exploitable by an authenticated user with Subscriber-level...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-4127 affects the Speedup Optimization WordPress plugin (slug: speedup-optimization) in versions <= 1.5.9 and is rated Medium severity (CVSS 5.3, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). The issue is tied to an AJAX endpoint...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Task Manager (WordPress plugin slug: task-manager) is reported as vulnerable in versions up to and including 3.0.2 to an arbitrary shortcode execution issue (severity: Medium, CVSS 6.5) tracked as CVE-2026-4004. According to the published advisory, an...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Product: Outgrow (WordPress plugin, slug: outgrow) Vulnerability: CVE-2026-1889 (Severity: Medium, CVSS 6.4; Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) affecting Outgrow versions up to and including 2.1. This issue can be exploited by an...
Recent Comments