by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2025-32204 is a Medium-severity vulnerability (CVSS 4.9) affecting the WordPress plugin Split Test For Elementor (slug: split-test-for-elementor) in versions <= 1.8.3. This issue is an authenticated SQL Injection, meaning an attacker must be...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2025-31526 is a medium-severity SQL Injection vulnerability (CVSS 6.5) affecting the Behance Portfolio Manager WordPress plugin (slug: portfolio-manager-powered-by-behance) in versions 1.7.5 and earlier. The attack requires a logged-in WordPress...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors The vulnerability in Behance Portfolio Manager (slug: portfolio-manager-powered-by-behance) affects versions up to and including 1.7.5 and is rated Medium severity (CVSS 4.9, vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). Exploitation requires...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors WP Hotel Booking (slug: wp-hotel-booking) versions ≤ 2.2.9 contain a High-severity Local File Inclusion vulnerability (CVE-2024-51582, CVSS 8.8). This issue can be exploited by an authenticated user with Contributor-level access or higher. From a...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2024-31115 is a Critical vulnerability (CVSS 10.0) affecting the Chauffeur Taxi Booking System for WordPress plugin (slug: chauffeur-booking-system) in versions 7.2 and earlier. Because the issue is unauthenticated, an external attacker can attempt...
by Ivan Sorkin | Mar 18, 2026 | Plugins
Attack Vectors CVE-2024-31106 is a Medium-severity reflected cross-site scripting (XSS) vulnerability (CVSS 6.1) affecting the Yoo Slider – Image Slider & Video Slider WordPress plugin (yoo-slider) in versions up to and including 2.1.1. This issue can be exploited...
Recent Comments