Urgent XSS Risk in LBG Zoominoutslider Plugin//Published on 2026-02-28//CVE-2026-28103
Explains reflected XSS in LBG Zoominoutslider <=5.4.5 and urgent WordPress mitigations
Plugin Vulnerabilities
Preventing Arbitrary File Downloads in uListing//Published on 2026-02-28//CVE-2026-28078
WordPress uListing CVE-2026-28078 arbitrary file download risk and mitigations
Critical SQL Injection in WordPress Donation Plugin//Published on 2026-02-28//CVE-2026-28115
Urgent SQLi CVE-2026-28115 in WP Attractive Donations System; containment, patching, WAF, and recovery guidance
Urgent XSS Advisory for Ultimate Learning Pro//Published on 2026-02-28//CVE-2026-28113
Urgent guide to mitigating reflected XSS in Ultimate Learning Pro version 3.9.1 with WAF
Mitigating XSS in ListingPro Plugin//Published on 2026-02-28//CVE-2026-28122
Urgent guidance for ListingPro CVE-2026-28122 reflected XSS with WAF patches and upgrade steps
Exploitable Local File Inclusion in Welldone Theme//Published on 2026-02-28//CVE-2026-28118
Urgent guide to mitigating LFI in Welldone theme CVE-2026-28118 for WordPress sites
Preventing Local File Inclusion in Smart SEO//Published on 2026-02-28//CVE-2026-28117
Urgent guide to CVE-2026-28117 LFI in smart SEO theme and immediate WordPress hardening
Critical Local File Inclusion in Muzicon Theme//Published on 2026-02-28//CVE-2026-28107
Urgent Muzicon LFI vulnerability guide for WordPress with detection tips and mitigations
Nirvana Theme Local File Inclusion Risk//Published on 2026-02-28//CVE-2026-28119
Nirvana theme LFI CVE-2026-28119: immediate mitigation, containment, and WordPress security guidance
Critical XSS in RH Frontend Publishing Pro//Published on 2026-02-28//CVE-2026-28126
Guidance for WordPress site owners on CVE-2026-28126 reflected XSS in RH Frontend Publishing Pro