by Ivan Sorkin | Mar 20, 2026 | Plugins
CVE-2026-3516 is a medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4) affecting the Contact List – Online Staff Directory & Address Book WordPress plugin (slug: contact-list) in versions up to and including 3.0.18. It allows an...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-3368 is a High-severity (CVSS 7.2) vulnerability affecting the Injection Guard WordPress plugin (slug: injection-guard) in versions up to and including 1.2.9. It is an unauthenticated stored cross-site scripting (XSS) issue that can be...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Keep Backup Daily (slug: keep-backup-daily) versions 2.1.2 and earlier are affected by CVE-2026-3577, a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 4.4). The attack requires an authenticated WordPress user with Administrator-level...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Keep Backup Daily (WordPress plugin slug: keep-backup-daily) is affected by CVE-2026-3339, a Low severity issue (CVSS 2.7; vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). The vulnerability is reachable through the plugin’s kbd_open_upload_dir AJAX...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-3350 is a Medium-severity (CVSS 6.4) stored cross-site scripting (XSS) issue affecting Image Alt Text Manager – Bulk & Dynamic Alt Tags For image SEO Optimization + AI (WordPress plugin slug: alt-manager) in versions 1.8.2 and earlier. The...
Recent Comments