by Ivan Sorkin | Mar 2, 2026 | Plugins
Attack Vectors The WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS (slug: ays-chatgpt-assistant) has a Medium severity vulnerability (CVSS 5.3, CVE-2026-1336) that can be exploited remotely over the internet. Because the issue involves missing...
by Ivan Sorkin | Mar 2, 2026 | Plugins
Attack Vectors The vulnerability CVE-2026-1566 affects the LatePoint – Calendar Booking Plugin for Appointments and Events (slug: latepoint-2) in versions 5.2.7 and earlier. It is rated High severity with a CVSS 8.8 score...
by Ivan Sorkin | Mar 2, 2026 | Plugins
Attack Vectors CVE-2026-3132 is a high-severity vulnerability (CVSS 8.8) affecting the Master Addons for Elementor Premium plugin (slug: master-addons-pro) for WordPress in versions up to and including 2.1.3. The issue enables authenticated remote code execution via...
by Ivan Sorkin | Mar 2, 2026 | Plugins
Attack Vectors The WordPress plugin Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe (slug: contest-gallery) is affected by CVE-2026-3180, a High severity vulnerability (CVSS 7.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)....
by Ivan Sorkin | Feb 27, 2026 | Plugins
Attack Vectors Tutor LMS – eLearning and online course solution (WordPress plugin slug: tutor) is affected by a High-severity vulnerability (CVSS 7.5) tracked as CVE-2025-13673. The issue is an unauthenticated SQL injection that can be triggered via the coupon_code...
by Ivan Sorkin | Feb 27, 2026 | Plugins
Attack Vectors WP Mail Logging (slug: wp-mail-logging) is affected by a High-severity vulnerability (CVE-2026-2471, CVSS 7.5) that can be triggered through everyday website interactions. An unauthenticated attacker may submit a specially crafted payload via any...
Recent Comments