Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)

Last week, there were 87 vulnerabilities disclosed in 198 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 61 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities ...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)

Last week, there were 158 vulnerabilities disclosed in 123 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 69 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

WordPress plugin Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Issues...

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 22, 2025 to September 28, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...

SUSE-SU-2025:02472-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser bsc1244404. - CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser bsc1244403. - CVE-2025-47806: Fixed stack buffer overflow in SubRi...

Jenkins plugins Multiple Vulnerabilities (2025-07-09)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller,...

RHSA-2025:8976 Red Hat Security Advisory: gstreamer1-plugins-bad-free security update

Bulletin has no description...

DSA-5941-1 gst-plugins-bad1.0 - security update

Bulletin has no description...

Jenkins plugins Multiple Vulnerabilities (2025-05-14)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Critical In WSO2 Oauth Plugin 1.0 and earlier authentication claims are accepted without validation by the WSO2 Oauth security realm. This...

Jenkins plugins Multiple Vulnerabilities (2025-01-22)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins OpenId Connect Authentication Plugin 4.452.v2849bd3945fa and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as...

gstreamer-plugins-good-1.24.10-3.1 on GA media (moderate)

gstreamer-plugins-good-1.24.10-3.1 on GA media Announcement ID: openSUSE-SU-2024:14586-1 Rating: moderate Cross-References: CVE-2024-47539 CVE-2024-47543 CVSS scores: CVE-2024-47539 SUSE : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-47543 SUSE : 6.2...

Jenkins plugins Multiple Vulnerabilities (2024-11-27)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. CVE-2024-47855 - Jenkins Simple Queue Plugin 1.4.4...

Jenkins plugins Multiple Vulnerabilities (2024-11-13)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform...