by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-2991 is a Critical (CVSS 9.8) vulnerability affecting the WordPress plugin KiviCare – Clinic & Patient Management System (EHR) (slug: kivicare-clinic-management-system) in versions <= 4.1.2. It can be exploited remotely over the internet...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-3090 is a High-severity stored cross-site scripting (XSS) vulnerability (CVSS 7.2) affecting Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App (slug: post-smtp) in versions up to...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors This Medium-severity vulnerability (CVSS 5.3) affects the WordPress plugin Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App (slug: post-smtp) in versions up to and including 3.8.0. An...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-2512 is a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) affecting the Code Embed WordPress plugin (slug: simple-embed-code) in versions up to and including 2.5.1. An...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2026-27332 is a Medium-severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) issue affecting the Agrofood – Elementor WooCommerce WordPress Theme (slug: agrofood) in versions prior to 1.4.0. Because this is a reflected XSS, an attacker typically...
Recent Comments