by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2025 is a Medium-severity vulnerability (CVSS 5.3) affecting the WordPress plugin Mail Mint – Newsletters, Email Marketing, Automation, WooCommerce Emails, Post Notification, and more (slug: mail-mint) in versions below 1.19.5. The issue is...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2987 is a Medium-severity vulnerability (CVSS 6.1) affecting the WordPress plugin Simple Ajax Chat – Add a Fast, Secure Chat Box (slug: simple-ajax-chat) in versions up to, and including, 20260217. An attacker does not need to log in...
by Ivan Sorkin | Mar 11, 2026 | Plugins
Attack Vectors CVE-2026-3657 is a High severity vulnerability (CVSS 7.5) affecting My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu) (slug: mystickymenu) in versions up to and including 2.8.6. The issue can be exploited remotely by...
by Ivan Sorkin | Mar 11, 2026 | Plugins
Attack Vectors CVE-2026-3226 affects the LearnPress – WordPress LMS Plugin for Create and Sell Online Courses (slug: learnpress) in versions 4.3.2.8 and below. This is a Medium severity issue (CVSS 4.3) that can be exploited by an authenticated user with...
by Ivan Sorkin | Mar 11, 2026 | Plugins
Attack Vectors The WordPress plugin Name Directory (slug: name-directory) contains a High severity vulnerability (CVSS 7.2) identified as CVE-2026-3178. It is an unauthenticated stored cross-site scripting (XSS) issue, meaning an attacker does not need a login to...
Recent Comments