by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Metro (WordPress theme) versions up to and including 2.13 are affected by a Medium-severity reflected cross-site scripting (XSS) vulnerability (CVE-2026-27382, CVSS 6.1). Reflected XSS typically relies on an attacker getting a real user to click a...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Gecko 6.0 – Responsive Shopify Theme – RTL support (slug: gecko) is affected by a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability in versions up to and including 1.9.8 (CVE: CVE-2026-27375, CVSS 6.1). The most common...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent (slug: tablesome) is affected by an authenticated (Subscriber+) SQL Injection vulnerability in versions up to and including 1.2.3. Severity is described as Medium with a CVSS...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-27361 affects the Responsive Posts Carousel WordPress Plugin (slug: responsive-posts-carousel-pro) in versions up to and including 15.1 and is rated Medium severity (CVSS 5.3). The issue is a missing authorization check, which means an attacker...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-27354 affects the WordPress plugin WooCommerce Coming Soon Product with Countdown (slug: woo-coming-soon-product) in versions up to and including 5.0. It is rated Medium severity (CVSS 6.4). The risk begins when an attacker has (or can obtain)...
Recent Comments