Plugin Vulnerability

40,000+ Sites Exposed: Critical 9.8 CVSS Flaw Grants Total WordPress Account Takeover

• Vulnerability Report

40,000+ Sites Exposed: Critical 9.8 CVSS Flaw Grants Total WordPress Account Takeover

Do Son May 2, 2026 0

A security vulnerability has been identified in Temporary Login, a popular WordPress plugin designed to provide secure,...

Read More Read more about 40,000+ Sites Exposed: Critical 9.8 CVSS Flaw Grants Total WordPress Account Takeover

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild

• Vulnerability Report

Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild

Do Son April 23, 2026 0

A major security threat is currently sweeping through the WordPress ecosystem. Breeze, a highly popular caching plugin...

Read More Read more about Over 400,000 WordPress Sites at Risk as “Breeze” Plugin Zero-Day Is Exploited in the Wild

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

• Vulnerability Report

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

Do Son April 6, 2026 0

In a major alert for the WordPress community, a critical security flaw has been disclosed in the...

Read More Read more about Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

• Vulnerability Report

Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

Do Son March 26, 2026 0

The attackers begin actively exploiting a critical vulnerability in Kali Forms, a popular drag-and-drop form builder WordPress...

Read More Read more about Hackers Actively Exploiting 9.8 Critical RCE Flaw in Kali Forms WordPress Plugin

200k Sites Exposed: Critical CleanTalk Flaw (CVSS 9.8) Allows RCE

• Vulnerability Report

200k Sites Exposed: Critical CleanTalk Flaw (CVSS 9.8) Allows RCE

Do Son February 16, 2026 0

A plugin designed to keep spam bots at bay has inadvertently left the back door open for...

Read More Read more about 200k Sites Exposed: Critical CleanTalk Flaw (CVSS 9.8) Allows RCE

Null Byte Nightmare: Critical WPvivid Backup Flaw (CVSS 9.8) Exposes 800K WordPress Sites

• Vulnerability Report

Null Byte Nightmare: Critical WPvivid Backup Flaw (CVSS 9.8) Exposes 800K WordPress Sites

Do Son February 11, 2026 0

A critical security vulnerability has been discovered in WPvivid Backup, a popular WordPress plugin used by over...

Read More Read more about Null Byte Nightmare: Critical WPvivid Backup Flaw (CVSS 9.8) Exposes 800K WordPress Sites

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover

• Vulnerability Report

Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover

Do Son January 20, 2026 0

A critical security vulnerability has been discovered in Advanced Custom Fields: Extended, a popular WordPress plugin with...

Read More Read more about Critical Flaw in “Advanced Custom Fields: Extended” Exposes 100K WordPress Sites to Takeover

CVE-2025-11833 (CVSS 9.8): Critical Flaw Exposes 400,000 WordPress Sites to Unauthenticated Account Takeover

• Vulnerability Report

CVE-2025-11833 (CVSS 9.8): Critical Flaw Exposes 400,000 WordPress Sites to Unauthenticated Account Takeover

Do Son November 1, 2025 0

The Post SMTP plugin, used by over 400,000 WordPress sites to ensure reliable email delivery, has been...

Read More Read more about CVE-2025-11833 (CVSS 9.8): Critical Flaw Exposes 400,000 WordPress Sites to Unauthenticated Account Takeover

Jenkins Faces Wave of Plugin Flaws, Including SAML Authentication Bypass (CVE-2025-64131)

• Vulnerability Report

Jenkins Faces Wave of Plugin Flaws, Including SAML Authentication Bypass (CVE-2025-64131)

Do Son October 30, 2025 0

The Jenkins project has issued a major security advisory addressing a wave of vulnerabilities, including high-severity flaws...

Read More Read more about Jenkins Faces Wave of Plugin Flaws, Including SAML Authentication Bypass (CVE-2025-64131)

Wordfence Warns of Active Exploits Targeting Critical Privilege Escalation Flaw in WP Freeio (CVE-2025-11533)

• Vulnerability Report

Wordfence Warns of Active Exploits Targeting Critical Privilege Escalation Flaw in WP Freeio (CVE-2025-11533)

Do Son October 30, 2025 0

The Wordfence Threat Intelligence team has issued an urgent warning about CVE-2025-11533, a critical privilege escalation vulnerability...

Read More Read more about Wordfence Warns of Active Exploits Targeting Critical Privilege Escalation Flaw in WP Freeio (CVE-2025-11533)

LiteSpeed Cache Flaw (CVE-2025-12450): 7 Million WordPress Sites Exposed to XSS Attack

• Vulnerability Report

LiteSpeed Cache Flaw (CVE-2025-12450): 7 Million WordPress Sites Exposed to XSS Attack

Do Son October 29, 2025 0

A security flaw has been discovered in the LiteSpeed Cache for WordPress (LSCWP) plugin, one of the...

Read More Read more about LiteSpeed Cache Flaw (CVE-2025-12450): 7 Million WordPress Sites Exposed to XSS Attack

RomethemeKit Elementor Plugin Flaw Enables RCE: CVE-2025-30911

• Vulnerability

RomethemeKit Elementor Plugin Flaw Enables RCE: CVE-2025-30911

Do Son April 17, 2025 0

A newly disclosed vulnerability in the popular RomethemeKit For Elementor WordPress plugin—installed on over 30,000 active sites—could...

Read More Read more about RomethemeKit Elementor Plugin Flaw Enables RCE: CVE-2025-30911