by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors WP Hotel Booking (slug: wp-hotel-booking) versions ≤ 2.2.9 contain a High-severity Local File Inclusion vulnerability (CVE-2024-51582, CVSS 8.8). This issue can be exploited by an authenticated user with Contributor-level access or higher. From a...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2024-37930 is a Medium-severity issue (CVSS 5.3) affecting the SmartMag WordPress theme (slug: smartmag-responsive-retina-wordpress-magazine) in versions below 10.1.0. The exposure occurs when log files are publicly accessible on the website....
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2024-31115 is a Critical vulnerability (CVSS 10.0) affecting the Chauffeur Taxi Booking System for WordPress plugin (slug: chauffeur-booking-system) in versions 7.2 and earlier. Because the issue is unauthenticated, an external attacker can attempt...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2024-31106 is a Medium-severity reflected cross-site scripting (XSS) vulnerability (CVSS 6.1) affecting the Yoo Slider – Image Slider & Video Slider WordPress plugin (yoo-slider) in versions up to and including 2.1.1. This issue can be exploited...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors This Medium-severity vulnerability (CVSS 6.5) affects the Booked – Appointment Booking for WordPress plugin (slug: booked) in versions prior to 2.4.4. It can be exploited over the network by an unauthenticated attacker, meaning they do not need a user...
Recent Comments