by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors EmailKit – Email Customizer for WooCommerce & WP (slug: emailkit) is affected by CVE-2026-1925, a Medium severity vulnerability (CVSS 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) in versions 1.6.2 and below. The primary attack path is...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors Filestack (WordPress plugin slug: filepicker-media-uploader) versions up to and including 2.0.8 are affected by CVE-2025-13959, a Medium-severity stored cross-site scripting (XSS) issue (CVSS 6.4). The reported entry point is the plugin’s filepicker...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors The WordPress plugin URL Shortify – Simple and Easy URL Shortener (slug: url-shortify) has a Medium severity issue (CVSS 4.7) identified as CVE-2026-1277. The vulnerability affects all versions up to and including 1.12.1. An unauthenticated attacker can...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin (slug: frontend-post-submission-manager-lite) has a Medium severity vulnerability (CVSS 6.1) tracked as CVE-2026-1296. The issue is an unauthenticated open redirect affecting...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors CVE-2026-1714 affects the WordPress plugin ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin (slug: woolentor-addons) in versions up to and including 3.3.2. The vulnerability is rated High severity (CVSS 8.6). The primary attack...
by Ivan Sorkin | Feb 17, 2026 | Plugins
Attack Vectors Business Directory Plugin – Easy Listing Directories for WordPress (slug: business-directory-plugin) is affected by a High-severity vulnerability (CVSS 7.5, CVE-2026-2576) that can be exploited remotely over the internet with no login required....
Recent Comments