by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-3567 is a Medium-severity vulnerability (CVSS 5.3, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) affecting RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress (slug: computer-repair-shop) in versions <= 4.1132. The risk...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors EmailKit – Email Customizer for WooCommerce & WP (slug: emailkit) is affected by CVE-2026-3474, rated Medium severity (CVSS 4.9). The issue can be exploited by an authenticated attacker with Administrator-level (or higher) access through a REST API...
by Ivan Sorkin | Mar 20, 2026 | Plugins
CVE-2026-3516 is a medium-severity Stored Cross-Site Scripting (XSS) vulnerability (CVSS 6.4) affecting the Contact List – Online Staff Directory & Address Book WordPress plugin (slug: contact-list) in versions up to and including 3.0.18. It allows an...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors CVE-2026-3368 is a High-severity (CVSS 7.2) vulnerability affecting the Injection Guard WordPress plugin (slug: injection-guard) in versions up to and including 1.2.9. It is an unauthenticated stored cross-site scripting (XSS) issue that can be...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Keep Backup Daily (slug: keep-backup-daily) versions 2.1.2 and earlier are affected by CVE-2026-3577, a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 4.4). The attack requires an authenticated WordPress user with Administrator-level...
by Ivan Sorkin | Mar 20, 2026 | Plugins
Attack Vectors Keep Backup Daily (WordPress plugin slug: keep-backup-daily) is affected by CVE-2026-3339, a Low severity issue (CVSS 2.7; vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). The vulnerability is reachable through the plugin’s kbd_open_upload_dir AJAX...
Recent Comments