WordPress Plugin Vulnerability

NewsSecurity Vulnerabilities

Vulnerability in WordPress File Uploads Addon for WooCommerce plugin (CVE-2026-24625)

– Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.

Read More
NewsSecurity Vulnerabilities

WordPress Modular DS Plugin 2.5.2 is vulnerable to a high priority Privilege Escalation (CVE-2026-23800)

CVE number = CVE-2026-23800 This could allow a malicious actor to escalate their low privileged account to something with higher

Read More
NewsSecurity Vulnerabilities

WooCommerce Reflected Cross-Site Scripting Vulnerability (CVE-2025-0864)

CVE number = CVE-2025-0864 The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable

Read More
NewsSecurity Vulnerabilities

WordPress WP Go Maps Plugin is vulnerable to Cross Site Request Forgery (CVE-2025-24742)

CVE-2025-24742 – There is a Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps.

Read More
NewsSecurity Vulnerabilities

ChatGPT WordPress plugin – Cross-Site Scripting vulnerability [CVE-2024-6843]

CVE number = CVE-2024-6843 The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which

Read More
Cyber SecurityNewsSecurity News

Malware Campaign Exploits Popup Builder WordPress Plugin

A recent malware campaign is exploiting a critical security vulnerability in the Popup Builder plugin for WordPress, allowing the injection

Read More
NewsSecurity Vulnerabilities

Critical flaw found in Backup Migration WordPress plugin [CVE-2023-6553]

Security experts are cautioning users of a widely-used WordPress plugin to promptly apply a patch or face the potential of

Read More
NewsSecurity Vulnerabilities

Multiple Vulnerabilities In WordPress Plugin Popup Builder

WebARX has reported that the Popup Builder – Responsive WordPress Pop up – Subscription & Newsletter plugin (versions 3.71 and below) suffers

Read More
NewsSecurity Vulnerabilities

Critical XSS vulnerability in GDPR Cookie Consent WordPress plugin

On January 28th 2020, NinTechNet researcher Jerome Bruandet discovered a vulnerability affecting GDPR Cookie Consent version 1.8.2 and below. He

Read More
NewsSecurity Vulnerabilities

Strategy11 formidable plugin for WordPress code execution [CVE-2019-15780]

CVE number – CVE-2019-15780 Strategy11 formidable plugin for WordPress could allow a remote attacker to execute arbitrary code on the

Read More