by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors Product Table and List Builder for WooCommerce Lite (slug: wc-product-table-lite) has a High severity vulnerability (CVSS 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) that can be exploited remotely over the internet. The issue is an...
by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors CVE-2026-2718 affects the WordPress plugin Dealia – Request a quote (slug: dealia-request-a-quote) in versions up to and including 1.0.6. This is a Medium severity issue (CVSS 6.4, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N), meaning it can be...
by Ivan Sorkin | Feb 19, 2026 | Plugins
Attack Vectors The WordPress plugin Client Testimonial Slider (slug: wp-client-testimonial) is affected by a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 4.4; CVE-2026-2716). The risk arises when an authenticated user with Administrator-level access...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors Simple Membership (WordPress plugin slug: simple-membership) versions 4.7.0 and below have a Medium severity vulnerability (CVE-2026-1461, CVSS 6.5) that can be exploited over the internet without authentication. The issue centers on the plugin’s Stripe...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2026-1219 is a medium-severity (CVSS 5.3) issue affecting the WordPress plugin MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar (slug: mp3-music-player-by-sonaar) in versions 4.0 through 5.10. An unauthenticated attacker can...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors CVE-2026-1994 is a Critical vulnerability (CVSS 9.8) affecting the WordPress plugin s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions (s2member) in versions up to and including 260127. The...
Recent Comments