CVE-2026-3116 Improper Input Validation in Zoom Plugin Webhook Handler

Mattermost Plugins versions =11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589...

WordPress Advance Block Extend plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via TitleColor Block Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via TitleColor Block Attribute vulnerability discovered by WordFence in WordPress Plugin Advance Block Extend versions = 1.0.4...

EUVD-2023-36846

Malicious code in bioql PyPI...

WordPress Radius Blocks – WordPress Gutenberg Blocks Plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Plugin Radius Blocks versions = 2.1.2...

WordPress CTX Feed plugin <= 6.5.6 - Arbitrary Options Update vulnerability

Arbitrary Options Update vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin CTX Feed versions = 6.5.6...

CVE-2023-25479

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Podlove Podlove Subscribe button plugin = 1.3.7 versions...