by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-28114 affects the WooCommerce License Manager WordPress plugin (slug: fs-license-manager) and is rated High severity (CVSS 7.2; CVE link). The issue is an authenticated arbitrary file upload, meaning an attacker must first have valid access....
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors Ultimate Learning Pro (slug: indeed-learning-pro) is affected by a Medium-severity vulnerability (CVE-2026-28113, CVSS 6.1) that enables reflected cross-site scripting (XSS) in versions up to and including 3.9.1. This means a malicious actor can attempt...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-28078 affects the Directory Listings WordPress plugin – uListing (slug: ulisting) in versions up to and including 2.2.0. This is a Medium-severity issue (CVSS 4.9) that requires an authenticated user with Editor-level access or higher to...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors UberSlider Classic (slug: uberSlider_classic) versions 2.5 and earlier are affected by a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability (CVE-2026-28102, CVSS 6.1). Reflected XSS typically relies on an attacker sending a specially...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors UberSlider MouseInteraction (WordPress plugin slug: uberSlider_mouseinteraction) has a Medium severity vulnerability (CVSS 6.1) identified as CVE-2026-28101. The issue is a Reflected Cross-Site Scripting (XSS) risk affecting versions up to and including...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors UberSlider PerpetuumMobile (also described as the UberSlider – Layer Slider WordPress Plugin, slug: uberSlider_perpetuummobile) has a Medium-severity vulnerability (CVSS 6.1) identified as CVE-2026-28100. The issue is a Reflected Cross-Site...
Recent Comments