by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Smarter Analytics (slug: smarter-analytics) versions 2.0 and below are affected by a Medium-severity issue (CVSS 5.3) where an unauthenticated attacker can trigger a plugin configuration reset by sending a web request that includes a reset parameter....
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-1908 is a Medium severity vulnerability (CVSS 6.4) affecting the Integration with Hubspot Forms WordPress plugin (slug: integration-with-hubspot-forms) in versions up to and including 1.2.2. The issue can be exploited by an authenticated...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Simple Football Scoreboard (slug: simple-football-score-board) versions 1.0 and below have a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4) tracked as CVE-2026-1891. The attack requires an authenticated WordPress account with...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Task Manager (WordPress plugin slug: task-manager) is affected by CVE-2026-2351, a Medium severity issue (CVSS 6.5; vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). The vulnerability is exploitable by an authenticated user with Subscriber-level...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-4127 affects the Speedup Optimization WordPress plugin (slug: speedup-optimization) in versions <= 1.5.9 and is rated Medium severity (CVSS 5.3, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). The issue is tied to an AJAX endpoint...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Task Manager (WordPress plugin slug: task-manager) is reported as vulnerable in versions up to and including 3.0.2 to an arbitrary shortcode execution issue (severity: Medium, CVSS 6.5) tracked as CVE-2026-4004. According to the published advisory, an...
Recent Comments