by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors MetForm Pro (slug: metform-pro) versions up to and including 3.9.1 are affected by CVE-2026-24611, rated Medium severity (CVSS 5.3). According to Wordfence, the issue can allow unauthenticated attackers (no login required) to trigger an unauthorized...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-24970 affects the Energox | EV Charging Station WordPress Theme (theme slug: energox) in versions up to and including 1.2. This is a High severity issue (CVSS 8.1, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), meaning an attacker can...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors The vulnerability CVE-2026-27051 affects the Golo – City Travel Guide WordPress Theme (slug: golo) in versions 1.7.0 and below. It is rated Critical with a CVSS 9.8 score (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), meaning it can be exploited...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2025-15473 affects the WordPress plugin Timetics – Appointment Booking Calendar & Scheduling System (slug: timetics) in versions below 1.0.52. Because the issue can be triggered without logging in (no account required), an external attacker can...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-24372 is a Medium-severity vulnerability (CVSS 5.3) affecting the Subscriptions for WooCommerce WordPress plugin (slug: subscriptions-for-woocommerce) in versions up to and including 1.8.10. Because the issue can be triggered by unauthenticated...
Recent Comments