by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Severity: Critical (CVSS 9.8) — CVE-2026-4038 affects the WordPress plugin Aimogen Pro – All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit (all versions up to and including 2.7.5). Because the vulnerable pathway can be...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-24971 affects the Search & Go – Directory WordPress Theme (slug: searchgo) in versions 2.8 and below. The primary attack vector is authenticated access: an attacker only needs a valid WordPress account with Subscriber-level privileges...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32461 is a Medium-severity missing authorization issue (CVSS 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) affecting the WordPress plugin Really Simple Security – Simple and Performant Security (formerly Really Simple SSL) (slug:...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Active Products Tables for WooCommerce. Use constructor to create tables (slug: profit-products-tables-for-woocommerce) has a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability affecting versions up to and including 1.0.7 (CVE-2026-32450,...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-27071 is a Medium-severity (CVSS 5.3) vulnerability affecting WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution (WordPress plugin slug: wp-cafe) in versions up to and including 3.0.7. The issue can be triggered...
Recent Comments