by Ivan Sorkin | Mar 17, 2026 | Plugins
Attack Vectors Medium severity vulnerability (CVSS 6.1) has been identified in the WordPress plugin [CR]Paid Link Manager (slug: crpaid-link-manager) affecting versions 0.5 and earlier. This issue is tracked as CVE-2026-1780. The weakness is a Reflected Cross-Site...
by Ivan Sorkin | Mar 17, 2026 | Plugins
Attack Vectors CVE-2026-1926 is a Medium-severity issue (CVSS 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) affecting the Subscriptions for WooCommerce WordPress plugin (slug: subscriptions-for-woocommerce) in versions up to and including 1.9.2. Because the...
by Ivan Sorkin | Mar 17, 2026 | Plugins
Attack Vectors CVE-2026-4268 affects the WordPress plugin WP Go Maps (formerly WP Google Maps) (slug: wp-google-maps) in versions 10.0.05 and below. It is rated Medium severity (CVSS 6.4) and can be exploited remotely over the internet. The key business risk driver is...
by Ivan Sorkin | Mar 17, 2026 | Plugins
Attack Vectors CVE-2026-27373 is a Medium-severity (CVSS 6.5) vulnerability affecting the WordPress plugin Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent (slug: tablesome) in versions up to and including 1.2.3. This issue is an...
by Ivan Sorkin | Mar 16, 2026 | Plugins
Attack Vectors Xagio SEO – AI Powered SEO (slug: xagio-seo) versions <= 7.1.0.29 are affected by a Medium-severity missing authorization issue (CVE-2025-63025). An attacker must be able to log in to your WordPress site (even with subscriber-level access) to attempt...
Recent Comments