Name Directory Vulnerability (High) – CVE-2026-3178

by | Mar 11, 2026 | Plugins

Attack Vectors The WordPress plugin Name Directory (slug: name-directory) contains a High severity vulnerability (CVSS 7.2) identified as CVE-2026-3178. It is an unauthenticated stored cross-site scripting (XSS) issue, meaning an attacker does not need a login to...

Gravity Forms Vulnerability (Medium) – CVE-2026-3492

by | Mar 11, 2026 | Plugins

Attack Vectors CVE-2026-3492 affects the Gravity Forms plugin (gravityforms) in versions up to and including 2.9.28.1 and is rated Medium severity (CVSS 6.4). The issue is an authenticated (Subscriber+) stored cross-site scripting (XSS) vulnerability triggered through...