Reflected XSS in reCaptcha by WebDesignBy Plugin
A cross-site scripting vulnerability affects reCaptcha by WebDesignBy. This WordPress plugin adds Google reCAPTCHA to your forms. CVE-2026-4512…
Blog
Stored Cross-Site Scripting in Social Rocket Plugin
Overview of CVE-2026-1923 A stored Cross-Site Scripting vulnerability affects the Social Rocket plugin. This flaw has a CVSS…
Missing Authorization in HT Mega Addons for Elementor
A missing authorization vulnerability affects HT Mega Addons for Elementor. This WordPress plugin has over 200,000 active installations.…
Stored Cross-Site Scripting in ITERAS Plugin
Overview of CVE-2026-4078 A stored Cross-Site Scripting vulnerability affects the ITERAS plugin. This flaw has a CVSS score…
Royal Elementor Addons CSRF Vulnerability
Attackers can trick admins into changing plugin settings in Royal Elementor Addons. This CSRF flaw lets attackers perform…
Stored XSS in WP Store Locator Plugin
A stored cross-site scripting vulnerability affects WP Store Locator. This WordPress plugin helps businesses display store locations. CVE-2026-3361…
Stored Cross-Site Scripting in Liaison Site Prober Plugin
Overview of CVE-2026-3569 A stored Cross-Site Scripting vulnerability affects Liaison Site Prober. This flaw has a CVSS score…
HM Books Gallery Missing Authorization Vulnerability
Users can bypass access controls in HM Books Gallery. This missing authorization flaw affects book management features. It…
Critical Arbitrary File Upload in Breeze Cache Plugin
A critical vulnerability hits Breeze Cache, a WordPress caching plugin. CVE-2026-3844 carries a CVSS score of 9.8. This…
Cross-Site Request Forgery in Taqnix Plugin
Overview of CVE-2026-3565 A Cross-Site Request Forgery vulnerability affects the Taqnix plugin. This flaw has a CVSS score…