by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-3045 is a High severity vulnerability (CVSS 7.5) affecting the WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (slug: simply-schedule-appointments) in versions up to and including 1.6.9.29. The issue...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-1704 is a Medium-severity vulnerability (CVSS 4.3) affecting Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (slug: simply-schedule-appointments) in versions up to and including 1.6.9.29. The issue can be exploited...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-3891 affects the Pix for WooCommerce WordPress plugin (slug: payment-gateway-pix-for-woocommerce) in versions <= 1.5.0 and is rated Critical with a CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Because this issue is...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2025-68515 is a Medium-severity vulnerability (CVSS 5.3) affecting WP Booking System – Booking Calendar (plugin slug: wp-booking-system) in versions up to and including 2.0.19.12. It is categorized as an Unauthenticated Information Exposure issue....
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-22471 is a High-severity issue (CVSS 8.1) affecting the Secudeal Payments for Ecommerce WordPress plugin (versions up to and including 1.1). Because the weakness can be triggered without authentication, an attacker can attempt exploitation...
by Ivan Sorkin | Mar 12, 2026 | Plugins
High severity alert (CVSS 8.8): Booking for Appointments and Events Calendar – Amelia (WordPress plugin slug: ameliabooking) is affected by an authenticated privilege escalation vulnerability in versions up to and including 1.2.38. Tracked as CVE-2026-24963, this...
Recent Comments