by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2025-32595 is a Critical vulnerability (CVSS 9.8) affecting the Krowd – Crowdfunding & Charity WordPress Theme (slug: krowd) in versions prior to 1.5.0. The issue is an Unauthenticated Local File Inclusion (LFI), meaning an attacker can...
by Ivan Sorkin | Mar 6, 2026 | Plugins
Attack Vectors CVE-2025-68029 affects the WordPress plugin Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription Payments (slug: wallet-system-for-woocommerce) in versions 2.7.3 and...
by Ivan Sorkin | Mar 6, 2026 | Plugins
Attack Vectors Broken Link Notifier (slug: broken-link-notifier) has a Medium severity vulnerability (CVSS 5.3) identified as CVE-2026-25408. The issue affects versions up to and including 1.3.5. Because the vulnerability involves missing authorization (a missing...
by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2024-43334 is a Medium-severity reflected cross-site scripting (XSS) issue affecting multiple WordPress themes by gavias, including the Constix – Construction Factory & Industrial WordPress Theme (slug: constix) in various versions. The...
by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2024-43334 affects the Constix – Construction Factory & Industrial WordPress Theme (slug: constix) and is rated Medium severity (CVSS 6.1). The issue is a reflected cross-site scripting (XSS) weakness, meaning an attacker can try to get a...
Recent Comments