Ivan Sorkin | WPFore

RegistrationMagic – Custom Registration Forms, User Registration, P…

by Ivan Sorkin | Mar 19, 2026 | Plugins

Attack Vectors CVE-2026-24373 is a Critical authentication bypass vulnerability (CVSS 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the WordPress plugin RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login...

Mobile App Editor – WordPress to Android App Builder Vulnerability …

by Ivan Sorkin | Mar 19, 2026 | Plugins

Attack Vectors Mobile App Editor – WordPress to Android App Builder (slug: mobile-app-editor) has a High severity vulnerability (CVSS 7.2, CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) tracked as CVE-2026-27067. Because it requires an authenticated user with...

Penci Soledad Data Migrator Vulnerability (Medium) – CVE-2026-27054

by Ivan Sorkin | Mar 19, 2026 | Plugins

Attack Vectors CVE-2026-27054 is a Medium-severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) issue affecting the Penci Soledad Data Migrator WordPress plugin (penci-data-migrator) in versions up to and including 1.3.1. The primary attack path is social...

Xagio SEO – AI Powered SEO Vulnerability (Medium) – CVE-2026-24968

by Ivan Sorkin | Mar 19, 2026 | Plugins

Attack Vectors CVE-2026-24968 affects the WordPress plugin Xagio SEO – AI Powered SEO (slug: xagio-seo) in versions up to and including 7.1.0.30. Because this is an unauthenticated privilege escalation, an attacker can target a site remotely over the internet without...

Instant VA – Virtual Assistant Elementor Template Kit Vulnerability…

by Ivan Sorkin | Mar 19, 2026 | Themes

Attack Vectors Instant VA – Virtual Assistant Elementor Template Kit (slug: instantva) has a High severity vulnerability (CVSS 8.1, CVE-2026-24969) that can be exploited by an attacker who can log in as a Subscriber (or higher). This matters because Subscriber...

« Older Entries

Next Entries »

RegistrationMagic – Custom Registration Forms, User Registration, P…

Mobile App Editor – WordPress to Android App Builder Vulnerability …

Penci Soledad Data Migrator Vulnerability (Medium) – CVE-2026-27054

Xagio SEO – AI Powered SEO Vulnerability (Medium) – CVE-2026-24968

Instant VA – Virtual Assistant Elementor Template Kit Vulnerability…

Recent Posts

Recent Comments

Archives

Categories

Meta

Location

Follow Us

Subscription

Success!