WP Security
WWordPress Vulnerability Database

LA Studio Element Kit Backdoor Advisory(CVE20260920)

  • January 21, 2026
Backdoor in WordPress LA-Studio Element Kit for Elementor Plugin
Read More
WWordPress Vulnerability Database

Protect Against Privilege Escalation in ACF Extended(CVE202514533)

  • January 20, 2026
Privilege Escalation in WordPress Advanced Custom Fields: Extended Plugin
Read More
WWordPress Vulnerability Database

HK Security Advisory Koko Analytics SQL Injection(CVE202622850)

  • January 20, 2026
SQL Injection in WordPress Koko Analytics Plugin
Read More
WWordPress Vulnerability Database

Community Advisory LearnPress Access Control Flaw(CVE202514798)

  • January 19, 2026
Broken Access Control in WordPress LearnPress Plugin
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert Contact Form Flaw(CVE202512718)

  • January 19, 2026
Broken Access Control in WordPress Quick Contact Form Plugin
Read More
WWordPress Vulnerability Database

Protecting User Data in WordPress Registrations(CVE202512825)

  • January 19, 2026
Sensitive Data Exposure in WordPress User Registration Using Contact Form 7 Plugin
Read More
WWordPress Vulnerability Database

Community Security Alert RepairBuddy IDOR Vulnerability(CVE20260820)

  • January 19, 2026
Insecure Direct Object References (IDOR) in WordPress RepairBuddy Plugin
Read More
WWordPress Vulnerability Database

Community Alert Aisle Theme Local File Inclusion(CVE202567941)

  • January 18, 2026
Local File Inclusion in WordPress The Aisle Theme
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert WP Mail XSS(CVE202568008)

  • January 18, 2026
Cross Site Scripting (XSS) in WordPress WP Mail Plugin
Read More
WWordPress Vulnerability Database

Protecting Hong Kong Sites From Powerlift Vulnerability(CVE202567940)

  • January 18, 2026
Local File Inclusion in WordPress Powerlift Theme
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Suggested for you

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0
English
Chinese (Hong Kong) Chinese (China) Spanish Hindi French