by Ivan Sorkin | Mar 16, 2026 | Plugins
Attack Vectors CVE-2024-1081 is a medium-severity stored cross-site scripting (XSS) vulnerability (CVSS 6.4) affecting the WordPress plugin 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery (slug: interactive-3d-flipbook-powered-physics-engine)...
by Ivan Sorkin | Mar 16, 2026 | Plugins
Attack Vectors Product: WowStore – Store Builder & Product Blocks for WooCommerce (slug: product-blocks) Severity: High (CVSS 7.5, CVE-2026-2579) This issue is an unauthenticated SQL Injection vulnerability affecting WowStore versions up to and including 4.4.3. An...
by Ivan Sorkin | Mar 14, 2026 | Plugins
Attack Vectors The medium-severity vulnerability (CVSS 5.3) in User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration (slug: wp-user-frontend) affects versions 4.2.8 and below and enables unauthenticated attackers to...
by Ivan Sorkin | Mar 14, 2026 | Plugins
Attack Vectors CVE-2026-1883 affects the Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types WordPress plugin (slug: wicked-folders) in versions up to and including 4.1.0. This is a Medium severity issue (CVSS 4.3; vector:...
by Ivan Sorkin | Mar 14, 2026 | Plugins
Attack Vectors CVE-2026-1870 is a Medium severity vulnerability (CVSS 5.3) affecting Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor (slug: thim-elementor-kit) in versions up to and including 1.3.7. The exposure can be triggered remotely over...
by Ivan Sorkin | Mar 13, 2026 | Plugins
Attack Vectors CVE-2026-1948 affects the NEX-Forms – Ultimate Forms Plugin for WordPress (slug: nex-forms-express-wp-form-builder) in versions 9.1.9 and earlier. This is a Medium-severity issue (CVSS 4.3, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). An...
Recent Comments