by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors tagDiv Composer (slug: td-composer) versions up to and including 5.4.2 are affected by a Reflected Cross-Site Scripting (XSS) vulnerability tracked as CVE-2025-50001. The issue is rated Medium severity with a CVSS 6.1...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-27083 affects the Work & Travel Company – Youth Programs WordPress theme (slug: work-travel-company) in versions <= 1.2. The issue is rated High severity with a CVSS score of 8.1. This vulnerability can be targeted remotely over...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors Love Story (lovestory) theme for WordPress is affected by CVE-2026-27082, a High severity issue (CVSS 8.1) involving PHP deserialization of untrusted input. Because the vulnerability is unauthenticated, an attacker does not need a valid WordPress...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors The WordPress plugin Addi – Cuotas que se adaptan a ti (slug: buy-now-pay-later-addi) is affected by a Medium-severity vulnerability (CVSS 5.3) that can be exploited remotely over the network. Because the issue is described as exploitable by...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors News Magazine X (WordPress theme, slug: news-magazine-x) versions up to 1.2.50 are affected by CVE-2026-24382, a Medium severity issue (CVSS 5.3; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Because the weakness can be exploited over the...
Recent Comments