by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-24964 is a Medium-severity (CVSS 6.4) Server-Side Request Forgery (SSRF) vulnerability affecting the WordPress plugin Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe (slug: contest-gallery) in versions <=...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Darna Framework (WordPress plugin slug: darna-framework) versions up to and including 2.9 are affected by a Medium-severity vulnerability: Reflected Cross-Site Scripting (XSS) (CVE: CVE-2026-27088, CVSS 6.1, vector...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Wolverine Framework (WordPress plugin slug: wolverine-framework) versions <= 1.9 are affected by a Medium-severity reflected Cross-Site Scripting (XSS) vulnerability (CVSS 6.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) tracked as...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-24364 is a medium-severity missing-authorization issue (CVSS 4.3) affecting User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration (WordPress plugin slug: wp-user-frontend) in versions up to and...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-27084 is a High-severity vulnerability (CVSS 8.1) affecting the Buisson WordPress theme (slug: buisson) in versions up to and including 1.1.11. Details are published at the CVE record and in the original advisory. This issue is unauthenticated,...
Recent Comments