by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2026-24985 affects the WP Forms Signature Contract Add-On plugin (slug: wp-forms-signature-contract-add-on) in versions 1.8.2 and earlier, and is rated Medium severity (CVSS 4.3). The issue can be exploited by an authenticated WordPress user with...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors The vulnerability CVE-2026-24984 affects the WordPress plugin Visual Link Preview (slug: visual-link-preview) in versions 2.2.9 and earlier. It is rated Medium severity (CVSS 4.3) and involves a “missing authorization” issue. The most relevant entry...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2026-24982 is a Medium severity missing authorization issue (CVSS 5.3) affecting the WordPress plugin Spectra Gutenberg Blocks – Website Builder for the Block Editor (slug: ultimate-addons-for-gutenberg) in versions up to and including 2.19.17....
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors The WordPress plugin Booking for Appointments and Events Calendar – Amelia (slug: ameliabooking) is affected by a Medium severity vulnerability (CVE-2026-24967; CVSS 5.3) in versions up to and including 1.2.38. The issue is described as a “missing...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors WBW Product Table PRO (slug: woo-producttables-pro) versions up to and including 2.2.6 contain a High-severity (CVSS 7.5) vulnerability that can be exploited remotely over the internet. Because the issue is unauthenticated (no login required) and has a...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2026-24966 is a Medium-severity Cross-Site Request Forgery (CSRF) issue affecting the Copyscape Premium WordPress plugin (slug: copyscape-premium) in versions up to and including 1.4.1. CSRF attacks typically rely on social engineering: an...
Recent Comments