by Ivan Sorkin | Mar 14, 2026 | Plugins
Attack Vectors CVE-2026-1870 is a Medium severity vulnerability (CVSS 5.3) affecting Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor (slug: thim-elementor-kit) in versions up to and including 1.3.7. The exposure can be triggered remotely over...
by Ivan Sorkin | Mar 13, 2026 | Plugins
Attack Vectors CVE-2026-1948 affects the NEX-Forms – Ultimate Forms Plugin for WordPress (slug: nex-forms-express-wp-form-builder) in versions 9.1.9 and earlier. This is a Medium-severity issue (CVSS 4.3, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). An...
by Ivan Sorkin | Mar 13, 2026 | Plugins
Attack Vectors Wp EMember (slug: wp-emember) is affected by a Medium severity vulnerability (CVSS 6.1, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) tracked as CVE-2026-28073. The issue is a Reflected Cross-Site Scripting (XSS) flaw impacting versions up to...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors Social Icons Widget & Block – Social Media Icons & Share Buttons (slug: social-icons-widget-by-wpzoom) is affected by a Medium-severity vulnerability (CVE-2026-4063, CVSS 4.3). The primary attack path requires an attacker to have any...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-3986 is a medium-severity (CVSS 6.4) Stored Cross-Site Scripting (XSS) issue affecting the Calculated Fields Form WordPress plugin (slug: calculated-fields-form) in versions up to and including 5.4.5.0. An attacker needs an authenticated...
Recent Comments