WordPress powers a significant share of the web, and for good reason. It is flexible, well supported and capable of handling everything from a simple brochure site to a full ecommerce platform. But ...
HDAnalytics is a fast, cookieless WordPress analytics plugin delivering actionable insights, full GDPR/CCPA compliance, ...
WPvivid Backup & Migration plugin allows for arbitrary file upload which can lead to remote code execution.
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...
The new Link Fixer plugin for WordPress uses the Wayback Machine to prevent dead links, keeping old posts and references accessible for readers.
A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...
Critical bug in ACF: Extended WordPress plugin allows arbitrary role escalation to administrator About 50,000 WordPress sites are vulnerable despite patch in version 0.9.2.2 No exploitation reported ...
Patchstack found critical Modular DS flaw (CVE-2026-23550) allowing admin bypass Vulnerability scored 10/10 and is already being exploited in the wild Vendor released fix in version 2.5.2; users urged ...
This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws discovered in the HT Contact Form Widget for Elementor Page Builder & Gutenberg ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results