by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors DW Question Answer Pro (slug: dw-question-answer-pro) has a Medium-severity vulnerability (CVSS 5.4; CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) tracked as CVE-2021-24800. This issue can be exploited remotely over the network by a user who is already...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2021-24805 is a Medium-severity Cross-Site Request Forgery (CSRF) issue (CVSS 5.4) affecting DW Question & Answer Pro (slug: dw-question-answer-pro) through version 1.3.6. CSRF attacks typically rely on tricking a legitimate, logged-in user into...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors Easy Digital Downloads – Recount Earnings (slug: edd-recount-earnings) is affected by a Medium severity Cross-Site Scripting (XSS) issue tracked as CVE-2015-9524 (CVSS 6.1, vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This vulnerability can be...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors The DZS Video Gallery WordPress plugin (versions below 7.95) has a Medium-severity vulnerability (CVSS 5.3) that can be triggered remotely over the internet. Based on the published details, the issue can be exploited by an unauthenticated attacker (no...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors Simple Ajax Chat – Add a Fast, Secure Chat Box (slug: simple-ajax-chat) has a Medium-severity vulnerability (CVE-2024-2956, CVSS 4.4) that can be triggered when an authenticated user with administrator-level permissions (or higher) enters malicious...
by Ivan Sorkin | Feb 25, 2026 | Plugins
Attack Vectors CVE-2026-1311 affects the Worry Proof Backup WordPress plugin (slug: worry-proof-backup) in all versions up to and including 0.2.4. It is rated High severity with a CVSS 8.8 score (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The primary attack path...
Recent Comments