Blog

Urgent: Patch Redirection for Contact Form 7 to 3.2.5 to stop PHP Object Injection

Urgent advisory: unauthenticated file deletion in Redirection for Contact Form 7; update to 3.2.5.

Explains stored XSS in Contact Manager plugin and how WP-Firewall mitigates it

ColorMag vulnerability CVE-2025-9202: guidance to patch, mitigate, and defend WordPress sites.

Urgent guide to patching Easy Digital Downloads CSRF CVE-2025-8102 with detection and mitigation

Critical unauthenticated PHP Object Injection in Redirection for Contact Form 7 (≤3.2.4) update 3.2.5

Urgent guide to CVE-2025-8618 stored XSS in WPC Smart Quick View; patch and mitigations

Explains authenticated file deletion in Media Library Assistant CVE-2025-8357 and mitigations for WordPress.

Legt CVE-2025-8622 opgeslagen XSS in flexibele kaart uit <=1.18.0, fixes and mitigations.

Overzicht en oplossing van de kwetsbaarheid van Nexter Blocks voor opgeslagen XSS CVE-2025-8567 voor WordPress