Plugins | WPFore

WPFAQBlock– FAQ & Accordion Plugin For Gutenberg Vulnerability (Med…

by Ivan Sorkin | Mar 20, 2026 | Plugins

Attack Vectors WPFAQBlock– FAQ & Accordion Plugin For Gutenberg (slug: wpfaqblock) is affected by CVE-2026-1093, a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4, CVE record). The vulnerability can be exploited by an authenticated WordPress user...

Add Google Social Profiles to Knowledge Graph Box Vulnerability (Me…

by Ivan Sorkin | Mar 20, 2026 | Plugins

Attack Vectors CVE-2026-1393 is a Medium severity Cross-Site Request Forgery (CSRF) issue (CVSS 4.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) affecting the WordPress plugin Add Google Social Profiles to Knowledge Graph Box (slug:...

PQ Addons – Creative Elementor Widgets Vulnerability (Medium) – CVE…

by Ivan Sorkin | Mar 20, 2026 | Plugins

Attack Vectors PQ Addons – Creative Elementor Widgets (slug: peacefulqode-elementzplus-widgets) has a Medium-severity stored cross-site scripting (XSS) vulnerability (CVE-2026-1397, CVSS 6.4) affecting versions up to and including 1.0.0. An attacker must be...

Redirect countdown Vulnerability (Medium) – CVE-2026-1390

by Ivan Sorkin | Mar 20, 2026 | Plugins

Attack Vectors CVE-2026-1390 is a Medium severity (CVSS 4.3) Cross-Site Request Forgery (CSRF) issue affecting the Redirect countdown WordPress plugin (slug: redirect-countdown) in all versions up to and including 1.0. In practical terms, an attacker doesn’t need to...

Schema Shortcode Vulnerability (Medium) – CVE-2026-1575

by Ivan Sorkin | Mar 20, 2026 | Plugins

Attack Vectors CVE-2026-1575 is a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4) affecting the Schema Shortcode WordPress plugin (slug: schema-shortcode) in versions up to and including 1.0. The attack requires an authenticated WordPress account...

SR WP Minify HTML Vulnerability (Medium) – CVE-2026-1392

by Ivan Sorkin | Mar 20, 2026 | Plugins

Attack Vectors SR WP Minify HTML (slug: sr-wp-minify-html) is affected by a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability (CVE-2026-1392, CVSS 4.3; CVE record). In practical terms, an external attacker does not need a login to your WordPress site to...

« Older Entries

Next Entries »

WPFAQBlock– FAQ & Accordion Plugin For Gutenberg Vulnerability (Med…

Add Google Social Profiles to Knowledge Graph Box Vulnerability (Me…

PQ Addons – Creative Elementor Widgets Vulnerability (Medium) – CVE…

Redirect countdown Vulnerability (Medium) – CVE-2026-1390

Schema Shortcode Vulnerability (Medium) – CVE-2026-1575

SR WP Minify HTML Vulnerability (Medium) – CVE-2026-1392

Recent Posts

Recent Comments

Archives

Categories

Meta

Location

Follow Us

Subscription

Success!