Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)

Last week, there were 122 vulnerabilities disclosed in 90 WordPress Plugins and 22 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 16, 2026 to March 22, 2026)

Last week, there were 266 vulnerabilities disclosed in 220 WordPress Plugins and 30 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 95 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 9, 2026 to March 15, 2026)

Last week, there were 116 vulnerabilities disclosed in 78 WordPress Plugins and 19 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 66 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 2, 2026 to March 8, 2026)

Last week, there were 199 vulnerabilities disclosed in 84 WordPress Plugins and 107 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 23, 2026 to March 1, 2026)

Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our 'High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 16, 2026 to February 22, 2026)

Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our 'High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 9, 2026 to February 15, 2026)

Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our ' High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 4, 2025 to August 10, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through September 4, 2025, earn 2X bounty rewards forall in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

Advisory ROSA-SA-2025-2871

Software: tigervnc 1.8.0 OS: rosa-server79 packageevrstring: tigervnc-1.8.0.0-33.0.5.res7 CVE-ID: CVE-2024-9632 BDU-ID: 2024-09084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XkbSetCompatMap function of the X Window System X.Org Server implementation is related to a buffer overflow in...

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 25, 2024 to December 1, 2024)

Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with ourEnd of Year Holiday Extravaganza , High-Risk Bonus Blitz Challenge , and Superhero Challenge for the Wordfence Bug Bounty Program. Through January 6th, 2025: All in-scope vulnerability types for...

PT-2024-11954 · Undefined · Undefined

🚨Major Threat Alert: High Alert: AMD Processors Hit by Multiple Security Flaws - CVE-2023-20576 CVE-2023-20576 CVE-2023-20577 CVE-2023-20579 CVE-2023-20587 Chatter: 🔴 High Maturity: 💢 Emerging https://t.co/hiHfkLxSGd CyberSecurity ThreatIntel InfoSec...

Quick Paypal Payments 3.0 - Presistant XSS (0day)

No description provided by source. TITLE ===== Quick Paypal Payments - Persistent Cross Site Scripting Vulnerability AUTHOR ====== Zy0d0x BLOG ==== https://zy0d0x.com DATE ==== 10/08/2013 VENDOR ====== Quick Plugins - http://quick-plugins.com/ AFFECTED PRODUCT ================ Quick Paypal Paymen...

Quick Paypal Payments 3.0 - Presistant XSS (0day)

Exploit for php platform in category web applications TITLE ===== Quick Paypal Payments - Persistent Cross Site Scripting Vulnerability AUTHOR ====== Zy0d0x BLOG ==== https://zy0d0x.com DATE ==== 10/08/2013 VENDOR ====== Quick Plugins - http://quick-plugins.com/ AFFECTED PRODUCT ================...

Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS

Exploit for php platform in category web applications TITLE ===== Quick Contact Form - Persistent Cross Site Scripting Vulnerability AUTHOR ====== Zy0d0x DATE ==== 10/06/2013 VENDOR ====== Quick Plugins - http://quick-plugins.com/ AFFECTED PRODUCT ================ Quick Contact Form Wordpress...

WordPress Plugin Quick Contact Form 6.0 - Persistent Cross-Site Scripting

WordPress Plugin Quick Contact Form 6.0 - Persistent Cross-Site Scripting =============================================================================== | | / / / / / / // / / -/ - / // / / / / // / ////,//////,// ///, / // team PUBLIC SECURITY ADVISORY | |...

GlobalSign Set to Resume CA Operations

GlobalSign is still in the process of completing the investigation into whether its certificate authority infrastructure was compromised, but the company on Tuesday was ready to resume some of its operations under “high-threat” conditions. The company said that it has found evidence that its main...

Taha Portal 3.2 Cross Site Scripting

||------------------------------------------------------------------|| ||Software..............Taha Portal v 3.2 ||Vulnerability.........Cross Site Scripting ||Threat Level..........High ||Vender................www.tahasystem.com ||Author................Bl4ck.Viper Turkish Hacker...

AlgoPars Software Co SQL Injection

||------------------------------------------------------------------|| ||Software..............AlgoPars Software Co ||Vulnerability.........Sql Injection ||Threat Level..........High ||Vender................www.algopars.ir ||Author................Bl4ck.Viper Turkish Hacker...

[ONSEC-09-010] Undersky CMS SQL injection

ONSEC-09-010 Undersky CMS SQL injection Цель: Undersky CMS http://www.undersky.ru Тип: SQL инъекция Угроза: Высокая Дата обнаружения: 03.07.2009 Дата оповещения разработчика: 03.07.2009 Дата выхода исправления: 05.07.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описани...

[ONSEC-09-017] Blogolet PHP including

ONSEC-09-017 Blogolet PHP including Цель: Blogolet CMS Тип: PHP инъекция Угроза: Высокая Дата обнаружения: 21.09.2009 Дата оповещения разработчика: 21.09.2009 Дата выхода исправления: 21.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимость существует...