by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors Product: RTMKit (WordPress plugin slug: rometheme-for-elementor) Severity: Medium (CVSS 6.1 — CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) CVE-2025-12473 affects RTMKit versions up to and including 1.6.8. The issue is a reflected cross-site scripting...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors CVE-2026-2324 affects the WordPress plugin LatePoint – Calendar Booking Plugin for Appointments and Events (slug: latepoint-2) in versions 5.2.7 and earlier. It is rated Medium severity (CVSS 6.1). The primary attack path is a Cross-Site Request Forgery...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors CVE-2026-2569 is a Medium severity stored Cross-Site Scripting (XSS) issue (CVSS 6.4) affecting the Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer WordPress plugin (slug: 3d-flipbook-dflip-lite) in versions 2.4.20 and below. The attack...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors CVE-2026-3228 is a Medium-severity issue (CVSS 6.4) affecting the NextScripts: Social Networks Auto-Poster WordPress plugin (slug: social-networks-auto-poster-facebook-twitter-g) in versions 4.4.6 and earlier. The vulnerability is an authenticated...
by Ivan Sorkin | Mar 10, 2026 | Plugins
Attack Vectors Unlimited Elements For Elementor (slug: unlimited-elements-for-elementor) is affected by a High-severity vulnerability (CVE-2026-2724, CVSS 7.2) that can be exploited without authentication. An attacker can submit specially crafted content through the...
Recent Comments