by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2025-69411 is a Critical vulnerability (CVSS 9.1) in the ionCube Tester Plus WordPress plugin (slug: ioncube-tester-plus) affecting versions up to and including 1.3. Because it is unauthenticated, an attacker can target your site over the internet...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2025 is a Medium-severity (CVSS 5.3) vulnerability affecting the WordPress plugin Mail Mint – Newsletters, Email Marketing, Automation, WooCommerce Emails, Post Notification, and more (slug: mail-mint) in versions prior to 1.19.5. The issue is...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-22480 is a medium-severity vulnerability (CVSS 6.6) affecting the WebToffee WooCommerce Product Feeds – Google Shopping, Pinterest, TikTok Ads, & More WordPress plugin (webtoffee-product-feed) in versions up to and including 2.3.3. This...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-27095 is a High severity issue (CVSS 8.1) affecting the WordPress plugin Bus Ticket Booking with Seat Reservation (slug: bus-ticket-booking-with-seat-reservation) in versions up to and including 5.6.2. The vulnerability is exploitable by...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2025-69347 affects the Subscription for WooCommerce – WordPress Recurring Payments Plugin (slug: subscription) in versions 1.8.10 and earlier. This is an authenticated issue, meaning an attacker must be logged in with Customer (Custom-level) access...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-22484 is a High-severity vulnerability (CVSS 7.5) affecting the Lisfinity Core WordPress plugin (slug: lisfinity-core) used by the pebas® Lisfinity WordPress theme in versions 1.5.0 and below. Because the issue is unauthenticated, an...
Recent Comments