Orderable Plugin Access Control Vulnerability//Published on 2026-02-19//CVE-2026-0974
Urgent guide to mitigate CVE-2026-0974 in Orderable <=1.20.0 for WordPress
Critical Access Control Flaw in Cookie Notice//Published on 2026-02-19//CVE-2025-11754
Urgent patch for WP Cookie Notice CVE-2025-11754; upgrade to 4.1.3 with mitigations.
Critical SQL Injection in WordPress Library Plugin//Published on 2026-02-19//CVE-2025-12707
Urgent security advisory CVE-2025-12707 unauthenticated SQLi in Library Management System plugin
Critical Local File Inclusion in Prodigy Commerce//Published on 2026-02-19//CVE-2026-0926
Unauthenticated LFI in Prodigy Commerce <=3.2.9 with WAF patches and incident response guidance
Mitigating WordPress Email Two Factor Vulnerability//Published on 2026-02-19//CVE-2025-13587
Urgent guide to CVE-2025-13587 2FA via Email vulnerability and practical mitigations for WordPress sites
Critical Arbitrary Deletion Flaw in WooCommerce Checkout//Published on 2026-02-19//CVE-2025-13930
Urgent guide to CVE-2025-13930 mitigation for WooCommerce Checkout Manager vulnerability
Critical Local File Inclusion in Prodigy Commerce//Published on 2026-02-19//CVE-2026-0926
Unauthenticated LFI in Prodigy Commerce <=3.2.9 with WAF patches and incident response guidance
Orderable Plugin Access Control Vulnerability//Published on 2026-02-19//CVE-2026-0974
Urgent guide to mitigate CVE-2026-0974 in Orderable <=1.20.0 for WordPress
Critical SQL Injection in WordPress Library Plugin//Published on 2026-02-19//CVE-2025-12707
Urgent security advisory CVE-2025-12707 unauthenticated SQLi in Library Management System plugin
Mitigating WordPress Email Two Factor Vulnerability//Published on 2026-02-19//CVE-2025-13587
Urgent guide to CVE-2025-13587 2FA via Email vulnerability and practical mitigations for WordPress sites