by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors Medium severity (CVSS 6.5) vulnerability CVE-2025-13587 affects the WordPress plugin Two Factor (2FA) Authentication via Email (slug: two-factor-2fa-via-email) in versions up to and including 1.9.8. The issue can be exploited during the login process...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors High severity (CVSS 7.2) vulnerability CVE-2025-12975 affects Product Feed Manager for WooCommerce – CTX Feed – Support 220+ Shopping & Social Channels (plugin slug: webappick-product-feed-for-woocommerce) in versions <= 6.6.11. The issue enables...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors The vulnerability (CVE-2025-12845) affects the Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent WordPress plugin (slug: tablesome) in versions 0.5.4 through 1.2.1. It is rated High severity (CVSS 8.8), meaning it can create...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors Web Accessibility by accessiBe (slug: accessibe) is affected by a Medium severity issue (CVSS 5.3) tracked as CVE-2025-13113. The exposure occurs on public-facing pages, meaning a visitor does not need to log in to potentially access the leaked...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors Library Management System (WordPress plugin slug: library-management-system) versions 3.2.1 and below contain a High severity issue (CVSS 7.5) that can be exploited over the network without user interaction. The vulnerability is an unauthenticated SQL...
by Ivan Sorkin | Feb 18, 2026 | Plugins
Attack Vectors This medium-severity vulnerability (CVE-2025-12884, CVSS 4.3) affects the WordPress plugin Advanced Ads – Ad Manager & AdSense up to version 2.0.14. The risk comes from an attacker who already has a valid login on your site. The most likely entry...
Recent Comments