by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-2375 is a Medium-severity privilege escalation issue (CVSS 6.5) affecting the WordPress plugin App Builder – Create Native Android & iOS Apps On The Flight (slug: app-builder) in all versions up to and including 5.5.10. An attacker does not...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-4022 is a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4) affecting the WordPress plugin Show Posts list – Easy designs, filters and more (slug: show-posts-shortcodes) in versions <= 1.1.0. The issue occurs through...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors
Product: Ad Short (slug: ad-short)
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting (XSS) via the [ad] shortcode client attribute
Severity: Medium (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)
CVE: CVE-2026-4067
This issue...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Ecover Builder For Dummies (versions up to and including 1.0) has a Medium-severity stored cross-site scripting issue (CVE-2026-4077, CVSS 6.4). The attack path is straightforward: an authenticated WordPress user with Contributor-level access or higher...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors WP Random Button (slug: wp-random-button) has a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4) affecting versions 1.0 and earlier. The issue is tracked as CVE-2026-4086. This is an authenticated attack scenario: a user with...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Quentn WP (WordPress plugin slug: quentn-wp) has a High-severity vulnerability (CVSS 7.5, CVE-2026-2468) that can be exploited by an unauthenticated attacker over the internet. The attack is carried out by manipulating a specific browser cookie named...