by Ivan Sorkin | Mar 10, 2026 | Core
Attack Vectors This medium-severity issue (CVSS 4.3) affects WordPress core versions up to and including 6.9.1. It can be exploited by an authenticated user with at least Author-level access (i.e., someone who can log in and create/edit content). An attacker can use...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors CVE-2026-1708 is a High-severity vulnerability (CVSS 7.5) affecting the WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (slug: simply-schedule-appointments) in versions up to and including 1.6.9.27. The issue...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors CVE-2026-2917 is a Medium severity vulnerability (CVSS 5.4) affecting the Happy Addons for Elementor WordPress plugin (happy-elementor-addons) in versions up to and including 3.21.0. It can be exploited remotely over the network by an authenticated user...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors Product: Happy Addons for Elementor (slug: happy-elementor-addons) Vulnerability: CVE-2026-2918 Severity: Medium (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) This issue affects Happy Addons for Elementor versions 3.21.0 and below. An...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors CVE-2026-3903 is a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin Modular DS: Monitor, update, and backup multiple websites (slug: modular-connector) in versions up to and including 2.5.1. An attacker does...
Recent Comments