by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors UberSlider PerpetuumMobile (also described as the UberSlider – Layer Slider WordPress Plugin, slug: uberSlider_perpetuummobile) has a Medium-severity vulnerability (CVSS 6.1) identified as CVE-2026-28100. The issue is a Reflected Cross-Site...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors UberSlider Ultra (UberSlider – Layer Slider WordPress Plugin, slug: uberSlider_ultra) is affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVE-2026-28099, CVSS 6.1). Reflected XSS commonly works when an attacker places...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Guff – Blog & Magazine Ghost Theme (slug: guff) versions up to and including 1.0.1 have a Medium severity issue (CVSS 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) tied to missing authorization. In practical terms, this means an attacker...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors The Pizza House – Restaurant / Cafe / Bistro WordPress theme (slug: pizzahouse) in versions up to and including 1.4.0 has a High-severity vulnerability (CVSS 8.1) that can be triggered remotely without authentication. In practical business terms,...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-27428 affects the WordPress plugin Eagle Booking (slug: eagle-booking) in versions up to and including 1.3.4.3. This is a Medium severity issue (CVSS 6.5, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). The key business-relevant point: an...
Recent Comments