Vulnerabilities
Stay ahead of the curve with our comprehensive coverage of WordPress plugin and theme vulnerabilities. Don’t let outdated software put your website at risk.
Arbitrary File Upload vulnerability in WordPress Forminator Plugin
An Arbitrary File Upload vulnerability has been identified in the WordPress Forminator Plugin. This vulnerability allows an attacker to upload any type
Cross-Site Scripting (XSS) vulnerability in WordPress Happy Elementor Addons Pro Plugin
A Cross-Site Scripting (XSS) vulnerability has been identified in the WordPress Happy Elementor Addons Pro Plugin. This vulnerability allows an attacker to
Cross-Site Scripting (XSS) vulnerability in WordPress Bridge Core Plugin
A Cross-Site Scripting (XSS) vulnerability has been identified in the WordPress Bridge Core Plugin. This vulnerability allows an attacker to inject malicious
Arbitrary File Upload vulnerability in WordPress Olive One Click Demo Import Plugin
An Arbitrary File Upload vulnerability has been identified in the WordPress Olive One Click Demo Import Plugin. This vulnerability allows an attacker
Broken Access Control vulnerability in WordPress Premmerce User Roles Plugin
A Broken Access Control vulnerability has been identified in the WordPress Premmerce User Roles Plugin. This vulnerability allows an unprivileged user to
Arbitrary Code Execution vulnerability in WordPress Kanban Boards for WordPress Plugin
An Arbitrary Code Execution vulnerability has been identified in the WordPress Kanban Boards for WordPress Plugin. This vulnerability allows an attacker to
SQL Injection vulnerability in WordPress Demon image annotation Plugin
An SQL Injection vulnerability has been identified in the WordPress Demon image annotation Plugin. This vulnerability allows an attacker to inject malicious
Cross-Site Scripting (XSS) vulnerability in Online Booking & Scheduling Calendar Plugin
A Cross-Site Scripting (XSS) vulnerability has been identified in the WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin. This
Remote File Inclusion vulnerability in WordPress Canto Plugin
A Remote File Inclusion (RFI) vulnerability has been identified in the WordPress Canto Plugin. This vulnerability allows an attacker to get a
Cross-Site Scripting (XSS) vulnerability in WordPress Leyka Plugin
A high-severity vulnerability has been identified in the WordPress Leyka Plugin. This vulnerability allows an attacker to inject malicious scripts into the
PHP Object Injection vulnerability in WordPress Themesflat Addons For Elementor Plugin
A PHP Object Injection vulnerability has been identified in the WordPress Themesflat Addons For Elementor Plugin. This vulnerability allows an attacker to
Medium-severity Cross-Site Scripting (XSS) vulnerability in WordPress Simple Share Follow Button plugin
A Cross-Site Scripting (XSS) vulnerability has been identified in the WordPress Simple Share Follow Button plugin. This vulnerability could allow an attacker
High-severity Sensitive Data Exposure vulnerability in WordPress WP Ultimate CSV Importer plugin
A Sensitive Data Exposure vulnerability has been identified in the WordPress WP Ultimate CSV Importer plugin. This vulnerability could allow an attacker
Remote Code Execution (RCE) Vulnerability in JetElements For Elementor Plugin
WordPress security is of utmost importance, and we want to bring attention to a critical Remote Code Execution (RCE) vulnerability discovered in
High-severity Remote Code Execution (RCE) vulnerability in WordPress WP Ultimate CSV Importer plugin
A Remote Code Execution (RCE) vulnerability has been identified in the WordPress WP Ultimate CSV Importer plugin. This vulnerability could allow an