by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Severity: Critical (CVSS 9.8) — CVE-2026-4038 affects the WordPress plugin Aimogen Pro – All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit (all versions up to and including 2.7.5). Because the vulnerable pathway can be...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32461 is a Medium-severity missing authorization issue (CVSS 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) affecting the WordPress plugin Really Simple Security – Simple and Performant Security (formerly Really Simple SSL) (slug:...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Active Products Tables for WooCommerce. Use constructor to create tables (slug: profit-products-tables-for-woocommerce) has a Medium-severity Stored Cross-Site Scripting (XSS) vulnerability affecting versions up to and including 1.0.7 (CVE-2026-32450,...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-27071 is a Medium-severity (CVSS 5.3) vulnerability affecting WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution (WordPress plugin slug: wp-cafe) in versions up to and including 3.0.7. The issue can be triggered...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors CVE-2026-32455 is a Medium-severity vulnerability (CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) affecting the MDTF – Meta Data and Taxonomies Filter WordPress plugin (slug: wp-meta-data-filter-and-taxonomy-filter) in versions up to and...
by Ivan Sorkin | Mar 19, 2026 | Plugins
Attack Vectors Everest Forms Pro (WordPress plugin, slug: everest-forms-pro) is affected by a High severity vulnerability (CVE-2026-27070, CVSS 7.2; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N). Because this is an unauthenticated stored cross-site scripting...
Recent Comments