by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-25452 is a High-severity vulnerability (CVSS 7.2, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) affecting the WordPress plugin Remoji – Post/Comment Reaction and Enhancement (slug: remoji) in versions up to and including 2.2. Because...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2025-15363 is a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4) affecting Get Use APIs – JSON Content Importer (slug: json-content-importer) in versions prior to 2.0.10. The attack requires an authenticated WordPress account with...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-4136 is a Medium-severity unvalidated redirect vulnerability affecting the Membership Plugin – Restrict Content WordPress plugin (slug: restrict-content) in all versions up to and including 3.2.24. The issue can be triggered during the password...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-22507 affects the Beelove | Honey Production and Sweets Online Store WordPress Theme (slug: beelove) in versions up to and including 1.2.6. The issue is rated High severity (CVSS 8.1), and it is unauthenticated, meaning an attacker does not...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-22510 is a High-severity vulnerability (CVSS 8.1; CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the Melody theme for WordPress (product/slug: melodyschool) in versions up to and including 1.6.3. Because it is unauthenticated, an...
Recent Comments