Core | WPFore

WordPress Vulnerability (Medium) –

by Ivan Sorkin | Mar 11, 2026 | Core

Attack Vectors This Medium-severity vulnerability (CVSS 4.4) affects WordPress (slug: wordpress) versions up to and including 6.9.1, and involves Stored Cross-Site Scripting (XSS) through navigation menu items configured in the admin interface. To exploit it, an...

WordPress Vulnerability (Medium) –

by Ivan Sorkin | Mar 10, 2026 | Core

Attack Vectors WordPress (slug: wordpress) versions up to and including 6.9.1 are affected by a Medium-severity vulnerability (CVSS 5.8, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N) that can be exploited without authentication. The attack is performed...

WordPress Vulnerability (Medium) –

by Ivan Sorkin | Mar 10, 2026 | Core

Attack Vectors This Medium-severity vulnerability (CVSS 6.5) affects WordPress core (slug: wordpress) in versions up to and including 6.9.1. It can be triggered by an authenticated user with Author-level permissions or higher who is able to upload media. The...

WordPress Vulnerability (Medium) – CVE-2026-3906

by Ivan Sorkin | Mar 10, 2026 | Core

Attack Vectors Product: WordPress core (wordpress) | Severity: Medium (CVSS 4.3, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) | CVE: CVE-2026-3906 This issue affects WordPress versions 6.9 through 6.9.1 and involves the new Notes feature introduced in 6.9 for...

WordPress Vulnerability (Medium) – CVE-2026-3906

by Ivan Sorkin | Mar 10, 2026 | Core

Attack Vectors WordPress (wordpress) versions 6.9 through 6.9.1 are affected by CVE-2026-3906, rated Medium severity (CVSS 4.3). The primary attack path is through the WordPress REST API. An attacker must be authenticated with at least Subscriber-level access (or any...

WordPress Vulnerability (Medium) –

by Ivan Sorkin | Mar 10, 2026 | Core

Attack Vectors This medium-severity issue (CVSS 4.3) affects WordPress core versions up to and including 6.9.1. It can be exploited by an authenticated user with at least Author-level access (i.e., someone who can log in and create/edit content). An attacker can use...

WordPress Vulnerability (Medium) –

WordPress Vulnerability (Medium) –

WordPress Vulnerability (Medium) –

WordPress Vulnerability (Medium) – CVE-2026-3906

WordPress Vulnerability (Medium) – CVE-2026-3906

WordPress Vulnerability (Medium) –

Recent Posts

Recent Comments

Archives

Categories

Meta

Location

Follow Us

Subscription

Success!