by Ivan Sorkin | Mar 16, 2026 | Plugins
Attack Vectors CVE-2026-2373 is a Medium severity information exposure issue (CVSS 5.3) affecting the WordPress plugin Royal Addons for Elementor – Addons and Templates Kit for Elementor (royal-elementor-addons) in versions up to and including 1.7.1049. The risk comes...
by Ivan Sorkin | Mar 16, 2026 | Plugins
Attack Vectors CVE-2024-1081 is a medium-severity stored cross-site scripting (XSS) vulnerability (CVSS 6.4) affecting the WordPress plugin 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery (slug: interactive-3d-flipbook-powered-physics-engine)...
by Ivan Sorkin | Mar 16, 2026 | Plugins
Attack Vectors Product: WowStore – Store Builder & Product Blocks for WooCommerce (slug: product-blocks) Severity: High (CVSS 7.5, CVE-2026-2579) This issue is an unauthenticated SQL Injection vulnerability affecting WowStore versions up to and including 4.4.3. An...
by Ivan Sorkin | Mar 14, 2026 | Plugins
Attack Vectors The medium-severity vulnerability (CVSS 5.3) in User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration (slug: wp-user-frontend) affects versions 4.2.8 and below and enables unauthenticated attackers to...
by Ivan Sorkin | Mar 14, 2026 | Plugins
Attack Vectors CVE-2026-1883 affects the Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types WordPress plugin (slug: wicked-folders) in versions up to and including 4.1.0. This is a Medium severity issue (CVSS 4.3; vector:...
Recent Comments