by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-30999 is a High severity vulnerability (CVSS 8.8) affecting the WP Shopify / External Store for Shopify WordPress plugin (slug: wp-shopify) in versions up to and including 1.5.9. The issue is exploitable by an authenticated attacker with...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2025-57912 is a medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 4.4) affecting Dialogity Free Live Chat (WordPress plugin slug: dialogity-website-chat) in versions up to and including 1.0.3. The attack requires an authenticated...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-2356 is a medium-severity vulnerability (CVSS 5.3) in the WordPress plugin User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder (slug:...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors Gallery Images Ape (slug: gallery-images-ape) versions <= 2.2.8 are affected by a Medium severity vulnerability (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) tracked as CVE-2022-41785. This issue is an authenticated Stored Cross-Site...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors Simple Business Directory Pro (slug: simple-business-directory-pro) is affected by a Critical vulnerability (CVSS 9.8; CVE-2025-31918) that can be exploited remotely over the internet. The most concerning aspect for business owners is that the reported...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Medium-severity vulnerability CVE-2025-54005 affects the SKT Page Builder WordPress plugin (slug: skt-builder) in versions 4.9 and below. With a CVSS score of 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N), it can allow an authenticated user (subscriber level or...
Recent Comments