by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors UberSlider Ultra (UberSlider – Layer Slider WordPress Plugin, slug: uberSlider_ultra) is affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVE-2026-28099, CVSS 6.1). Reflected XSS commonly works when an attacker places...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-27428 affects the WordPress plugin Eagle Booking (slug: eagle-booking) in versions up to and including 1.3.4.3. This is a Medium severity issue (CVSS 6.5, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). The key business-relevant point: an...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent (slug: tablesome) is affected by an authenticated (Subscriber+) SQL Injection vulnerability in versions up to and including 1.2.3. Severity is described as Medium with a CVSS...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-27361 affects the Responsive Posts Carousel WordPress Plugin (slug: responsive-posts-carousel-pro) in versions up to and including 15.1 and is rated Medium severity (CVSS 5.3). The issue is a missing authorization check, which means an attacker...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors CVE-2026-27354 affects the WordPress plugin WooCommerce Coming Soon Product with Countdown (slug: woo-coming-soon-product) in versions up to and including 5.0. It is rated Medium severity (CVSS 6.4). The risk begins when an attacker has (or can obtain)...
by Ivan Sorkin | Mar 5, 2026 | Plugins
Attack Vectors Scientific and Interactive Blocks – inseri core (WordPress plugin slug: inseri-core) versions up to and including 1.0.5 have a Medium severity issue (CVSS 5.3, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) tracked as CVE-2026-27344. The core risk...
Recent Comments