by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-2631 is a Critical (CVSS 9.8) vulnerability affecting the Datalogics Ecommerce Delivery – Datalogics WordPress plugin in versions below 2.6.60. Because it is unauthenticated, an attacker does not need a valid WordPress account to attempt...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Medium severity vulnerability CVE-2026-1867 affects the WordPress plugin Guest posting / Frontend Posting / Front Editor – WP Front User Submit (slug: front-editor) in versions prior to 5.0.6. The issue is classified as unauthenticated information...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-3658 is a High-severity vulnerability (CVSS 7.5) affecting the Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (slug: simply-schedule-appointments) in versions up to and including 1.6.10.0. It can be exploited without...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-1463 is a High-severity issue (CVSS 8.8, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting the WordPress plugin Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery (slug: nextgen-gallery). The vulnerability is...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors High severity vulnerability (CVSS 8.2) in KiviCare – Clinic & Patient Management System (EHR) (plugin slug: kivicare-clinic-management-system) affects all versions up to and including 4.1.2. It can be exploited remotely over the internet with no...
Recent Comments