Blog

Urgent: Patch Redirection for Contact Form 7 to 3.2.5 to stop PHP Object Injection

Urgent advisory: unauthenticated file deletion in Redirection for Contact Form 7; update to 3.2.5.

Explains stored XSS in Contact Manager plugin and how WP-Firewall mitigates it

ColorMag vulnerability CVE-2025-9202: guidance to patch, mitigate, and defend WordPress sites.

Urgent guide to patching Easy Digital Downloads CSRF CVE-2025-8102 with detection and mitigation

Critical unauthenticated PHP Object Injection in Redirection for Contact Form 7 (≤3.2.4) update 3.2.5

Urgent guide to CVE-2025-8618 stored XSS in WPC Smart Quick View; patch and mitigations

Explains authenticated file deletion in Media Library Assistant CVE-2025-8357 and mitigations for WordPress.

Explains CVE-2025-8622 Stored XSS in Flexible Map <=1.18.0, fixes and mitigations.

Nexter Blocks stored XSS CVE-2025-8567 vulnerability overview and mitigation for WordPress