by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-28036 is a Medium-severity Server-Side Request Forgery (SSRF) issue (CVSS 6.4) affecting the Restaurant WordPress Theme | Ratatouille theme (slug: ratatouille) in versions up to and including 1.2.6. The key exposure is that an attacker needs...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors Super Stage WP (slug: super-stage-wp) versions up to and including 1.0.1 are affected by CVE-2026-1542, rated High severity (CVSS 8.1). The reported issue is unauthenticated, meaning an external attacker does not need a login to attempt exploitation...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-27984 is a High-severity (CVSS 8.8) issue affecting the WordPress plugin Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets (slug: widget-options) in all versions up to and including 4.1.3. This...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-27983 is a Critical vulnerability (CVSS 9.8) affecting the LMS Elementor Pro WordPress plugin (slug: lms-elementor-pro) in versions <= 1.0.4. Because the issue is unauthenticated, an attacker does not need a valid login to attempt...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CarZone – A Complete Car Dealer HTML Wire-Frame (slug: carzone) is affected by CVE-2026-27338, a High severity issue (CVSS 7.5; CVE record) that can be triggered over the network by an authenticated user with Subscriber-level access or higher....
Recent Comments