by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors ListingPro Reviews (WordPress plugin slug: listingpro-reviews) versions below 2.9.11 are affected by a Medium-severity (CVSS 6.1) reflected cross-site scripting (XSS) issue tracked as CVE-2025-69051. This vulnerability can be exploited remotely over the...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-62087 affects the Sticky Notes for WP Dashboard WordPress plugin (slug: wb-sticky-notes) in versions 1.2.4 and earlier. This is a Medium-severity issue (CVSS 4.3, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). An attacker must be...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-22461 is a Medium-severity vulnerability (CVSS 5.3; CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) affecting Product Feed Manager for WooCommerce – CTX Feed – Support 220+ Shopping & Social Channels (slug:...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-49049 is a Medium-severity SQL Injection vulnerability (CVSS 6.5) affecting the DZS Video Gallery WordPress plugin (slug: dzs-videogallery) in versions up to and including 12.39. The key risk factor for business owners is that the attack can be...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-24534 affects the Booter – Bots & Crawlers Manager WordPress plugin (slug: booter-bots-crawlers-manager) in versions up to and including 1.5.7. This is a Medium-severity issue (CVSS 4.3, vector:...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-24604 is a Medium-severity issue (CVSS 5.3) affecting the Simple GDPR Cookie Compliance WordPress plugin (slug: simple-gdpr-cookie-compliance) in versions 2.0.0 and below. Because the weakness can be reached over the network and does not...
Recent Comments