by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2026-24946 is a Medium-severity authorization issue in the WordPress plugin Print Invoice & Delivery Notes for WooCommerce (slug: woocommerce-delivery-notes) affecting all versions up to and including 5.8.0. Because the vulnerability is tied to...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors Reflector (WordPress plugin slug: reflector-plugins) versions up to and including 1.2.2 are affected by a Medium-severity issue (CVSS 6.1, CVE-2026-24948). This is a reflected cross-site scripting (XSS) vulnerability, meaning an attacker can craft a...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2026-24950 is a Medium-severity (CVSS 5.3) issue affecting the WordPress plugin Authorsy – Author Box, Multiple Authors, Guest Authors & Post Rating (slug: authorsy) in versions 1.0.6 and earlier. The vulnerability is an Insecure Direct Object...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2025-67979 is a High-severity vulnerability (CVSS 8.8) affecting GSheetConnector For WPForms – WPForms Google Sheets Integration (Real-Time Sync) (slug: gsheetconnector-wpforms) in versions up to and including 4.0.1. It enables authenticated...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors Contact Manager (WordPress plugin slug: contact-manager) versions up to and including 9.1 have a High-severity vulnerability (CVSS 8.1, CVE-2025-68853) that can be triggered by unauthenticated attackers over the network. The issue stems from...
by Ivan Sorkin | Feb 10, 2026 | Plugins
Attack Vectors CVE-2025-68834 affects the WordPress plugin Sync Master Sheet – Product Sync with Google Sheet for WooCommerce (slug: product-sync-master-sheet) in versions up to and including 1.1.3, and it is rated Medium severity (CVSS 5.3). The issue is described as...
Recent Comments