by Ivan Sorkin | Apr 14, 2026 | Plugins
Attack Vectors: CVE-2026-4011 is a Medium-severity Stored Cross-Site Scripting (XSS) issue (CVSS 6.4) affecting Power Charts – Responsive Beautiful Charts & Graphs (plugin slug: wpgo-power-charts-lite) in versions <= 0.1.0. The attack requires an authenticated...
by Ivan Sorkin | Apr 14, 2026 | Plugins
Attack Vectors: CVE-2026-5617 is a High-severity privilege escalation issue (CVSS 8.8) affecting Login as User – Switch User & WooCommerce Login as Customer (slug: one-click-login-as-user) in all versions up to and including 1.0.3. The attack requires an...
by Ivan Sorkin | Apr 14, 2026 | Plugins
Attack Vectors: CVE-2026-5694 is a High-severity vulnerability (CVSS 7.2; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) affecting the Quick Interest Slider WordPress plugin (slug: quick-interest-slider) in all versions up to and including 3.1.5. The issue is an...
by Ivan Sorkin | Apr 14, 2026 | Plugins
Attack Vectors: DesignO (WordPress plugin slug: designo) versions 2.2.0 and earlier are affected by a Medium-severity Cross-Site Request Forgery (CSRF) vulnerability (CVSS 4.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N), tracked as CVE-2025-31600. CSRF attacks rely...
by Ivan Sorkin | Apr 14, 2026 | Plugins
Attack Vectors: Inquiry form to posts or pages (slug: inquiry-form-to-posts-or-pages) version 1.0 is reported as Medium severity (CVSS 4.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) under CVE-2026-6293. The primary entry point is a Cross-Site Request Forgery (CSRF)...
by Ivan Sorkin | Apr 14, 2026 | Plugins
Attack Vectors: CVE-2025-49996 is a Medium-severity missing authorization issue (CVSS 5.3) affecting the WP Visitor Statistics (Real Time Traffic) plugin (slug: wp-stats-manager) in versions up to and including 8.4. Because the weakness is reachable without...