by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-27984 is a High-severity issue (CVSS 8.8) affecting the WordPress plugin Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets (slug: widget-options) in versions 4.1.3 and earlier. The risk is highest for...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-25423 is a Medium-severity missing-authorization issue affecting Real 3D Flipbook – 3D FlipBook, PDF FlipBook, PDF Viewer, PDF Embedder (slug: real3d-flipbook-lite) in versions up to and including 4.19.1. The vulnerability is reachable over the...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2026-25399 affects the Serious Slider WordPress plugin (slug: cryout-serious-slider) in versions up to and including 1.2.7. The issue is a missing authorization (capability) check on a plugin function, which can allow an attacker who already has a...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2025-68048 affects the WordPress plugin NextMove Lite – Thank You Page for WooCommerce (slug: woo-thank-you-page-nextmove-lite) in versions up to and including 2.23.0. With a Medium severity rating (CVSS 5.3), the key concern is that an attacker...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart (slug: lazytasks-project-task-management) has a Critical vulnerability (CVSS 9.8) that can be exploited remotely over the internet without any user login. In practical...
Recent Comments