BetterDocs Missing Authorization Vulnerability
Users can access restricted documentation features in BetterDocs. This missing authorization flaw affects data privacy. It exposes sensitive…
Blog
ExactMetrics Missing Authorization Vulnerability
Authenticated users can access unauthorized features in ExactMetrics. This flaw exposes your analytics data. It may allow privilege…
Stored XSS in Gutentor WordPress Plugin
Security researchers found a stored cross-site scripting (XSS) flaw in Gutentor. This WordPress page builder plugin has over…
Missing Authorization in Booking Calendar Contact Form Plugin
Overview of CVE-2026-6810 A missing authorization vulnerability affects the Booking Calendar Contact Form plugin. This flaw has a…
MaxiBlocks Builder Arbitrary File Upload Vulnerability
Attackers can upload malicious files through MaxiBlocks Builder. This puts your WordPress site at risk. You need to…
Critical Arbitrary File Upload in Drag and Drop File Upload for Contact Form 7 Plugin
# CVE-2026-5364: Critical Arbitrary File Upload in Drag and Drop File Upload for Contact Form 7 Plugin (CVSS…
PHP Supply Chain Attack: Backdoor Discovered in Popular Composer Package
A supply chain attack targeting the PHP ecosystem has been discovered this week. Security researchers found a backdoor…
CrawlerX Botnet Evolves: New Variant Targets WooCommerce Sites
Security researchers have identified a new variant of the CrawlerX botnet that specifically targets WooCommerce sites. The latest…
WordPress Security Hardening Checklist: 15 Steps to Secure Your Site
A hardened WordPress site is one where every attack surface is minimized, every configuration is intentional, and no…
WordPress Database Security: Best Practices for Securing MySQL
Your WordPress database contains everything that makes your site your site: posts, user accounts, plugin settings, WooCommerce orders,…