by Ivan Sorkin | Mar 13, 2026 | Plugins
Attack Vectors Wp EMember (slug: wp-emember) is affected by a Medium severity vulnerability (CVSS 6.1, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) tracked as CVE-2026-28073. The issue is a Reflected Cross-Site Scripting (XSS) flaw impacting versions up to...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors Social Icons Widget & Block – Social Media Icons & Share Buttons (slug: social-icons-widget-by-wpzoom) is affected by a Medium-severity vulnerability (CVE-2026-4063, CVSS 4.3). The primary attack path requires an attacker to have any...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-3986 is a medium-severity (CVSS 6.4) Stored Cross-Site Scripting (XSS) issue affecting the Calculated Fields Form WordPress plugin (slug: calculated-fields-form) in versions up to and including 5.4.5.0. An attacker needs an authenticated...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2879 is a Medium severity vulnerability (CVSS 5.4) affecting the WordPress plugin GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools (slug: getgenie) in versions up to and including 4.3.2. The primary exposure is to...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2888 is a Medium-severity issue (CVSS 5.3) affecting the Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin (slug: formidable) in versions 6.28 and below. An attacker can target...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder (slug: formidable) has a High-severity vulnerability (CVSS 7.5) tracked as CVE-2026-2890. The issue can be exploited without authentication, meaning...
Recent Comments