by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors Medium severity (CVSS 5.4) vulnerability CVE-2026-1927 affects the WordPress plugin Greenshift – animation and page builder blocks (slug: greenshift-animation-and-page-builder-blocks) in versions 12.6 and below. The issue can be exploited by an...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors Morkva UA Shipping (slug: morkva-ua-shipping) versions 1.7.9 and earlier have a Medium severity Stored Cross-Site Scripting issue (CVE-2026-2292) that can be triggered through the plugin’s admin settings. The primary attack path requires an...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors CVE-2026-2289 affects the WordPress plugin Taskbuilder – Project Management & Task Management Tool With Kanban Board (slug: taskbuilder) in versions up to and including 5.0.3. It is a Medium-severity stored cross-site scripting (XSS) issue (CVSS...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors WPBookit (slug: wpbookit) is affected by a High severity Stored Cross-Site Scripting issue (CVE-2026-1945) in versions up to and including 1.0.8. The core risk is that an unauthenticated attacker can submit malicious content through the wpb_user_name...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors CVE-2026-1980 affects the WPBookit WordPress plugin (slug: wpbookit) in versions up to 1.0.8. The issue is rated Medium severity (CVSS 5.3) and stems from a route called get_customer_list that lacks a required authorization check. From a business...
by Ivan Sorkin | Mar 3, 2026 | Plugins
Attack Vectors CVE-2026-1651 affects the WordPress plugin Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress (slug: email-subscribers) in versions up to 5.9.16. It is rated Medium severity (CVSS 6.5). This...
Recent Comments