by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32455 is a Medium-severity vulnerability (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) affecting the MDTF – Meta Data and Taxonomies Filter WordPress plugin (slug: wp-meta-data-filter-and-taxonomy-filter) in versions up to and...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Everest Forms Pro (WordPress plugin, slug: everest-forms-pro) is affected by a High severity vulnerability (CVE-2026-27070, CVSS 7.2; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N). Because this is an unauthenticated stored cross-site scripting...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32458 is a Medium-severity (CVSS 4.9) SQL Injection vulnerability affecting WOLF – WordPress Posts Bulk Editor and Manager Professional (slug: bulk-editor) in versions <= 1.0.8.7. The attack requires an authenticated WordPress user with...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Website LLMs.txt (slug: website-llms-txt) versions 8.2.6 and earlier are affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVE-2026-27068, CVSS 6.1). The most likely attack path is social engineering: an unauthenticated attacker...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-2687 is a Medium severity Stored Cross-Site Scripting (XSS) issue (CVSS 4.4: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N) affecting the Reading progressbar WordPress plugin (slug: reading-progress-bar) in versions up to 1.3.1. The attack...
Recent Comments