Unauthenticated JoomSport Directory Traversal Enables LFI |...
Urgent CVE-2025-7721 LFI in JoomSport <=5.7.3; patch to 5.7.4 now.
Critical CSRF Advisory Notification Bar Plugin |...
Urgent CSRF advisory for Notification Bar plugin CVE-2025-9895 with immediate mitigations and WAF guidance
Critical Meks Easy Maps Contributor Stored XSS...
Auth stored XSS in Meks Easy Maps <=2.1.4: risk, detection, mitigation, and WP-Firewall protection
Critical Authenticated SQL Injection in Slideshow Plugin...
Authenticated SQL injection in Woo superb slideshow plugin CVE-2025-9199 with mitigation guidance
Authenticated Contributor SQL Injection in WordPress Plugin...
Authenticated SQL injection in WP Cycle Text Announcement <=8.1; guidance for owners and developers