by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-27984 is a High-severity (CVSS 8.8) issue affecting the WordPress plugin Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets (slug: widget-options) in all versions up to and including 4.1.3. This...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-27983 is a Critical vulnerability (CVSS 9.8) affecting the LMS Elementor Pro WordPress plugin (slug: lms-elementor-pro) in versions <= 1.0.4. Because the issue is unauthenticated, an attacker does not need a valid login to attempt...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors Critical (CVSS 9.1) vulnerability CVE-2026-22460 affects the WordPress plugin FormGent – Next-Gen AI Form Builder for WordPress with Multi-Step, Quizzes, Payments & More (slug: formgent) in versions <= 1.4.2. Because the issue is unauthenticated,...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-24385 is a High severity vulnerability (CVSS 7.5) affecting the Podlove Web Player WordPress plugin (podlove-web-player) in versions 5.9.1 and below. The issue is an Authenticated (Contributor+) PHP Object Injection risk caused by...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2025 is a Medium-severity vulnerability (CVSS 5.3) affecting the WordPress plugin Mail Mint – Newsletters, Email Marketing, Automation, WooCommerce Emails, Post Notification, and more (slug: mail-mint) in versions below 1.19.5. The issue is...
by Ivan Sorkin | Mar 12, 2026 | Plugins
Attack Vectors CVE-2026-2987 is a Medium-severity vulnerability (CVSS 6.1) affecting the WordPress plugin Simple Ajax Chat – Add a Fast, Secure Chat Box (slug: simple-ajax-chat) in versions up to, and including, 20260217. An attacker does not need to log in...
Recent Comments