CVE-2023-47232 - Exploiting the mojofywp WP Affiliate Disclosure Plugin Vulnerability (Versions up to 1.2.6)
If you run a WordPress website and use affiliate links, you might be familiar with the WP Affiliate Disclosure plugin from mojofywp. This nifty tool
CVE-2025-22288 - How Path Traversal Vulnerability in WPMU DEV Smush Plugin Can Expose Your WordPress
Security researchers found a critical weakness in millions of WordPress websites using the popular Smush Image Compression and Optimization plugin, published by WPMU DEV. This
CVE-2025-47437 - SSRF in LiteSpeed Cache (All Versions through 7..1) — Exploit & Analysis
A brand new security hole has been found in LiteSpeed Technologies' LiteSpeed Cache plugin (versions up to 7..1). This vulnerability, tracked as CVE-2025-47437,
CVE-2025-58794 - CSRF Vulnerability in Notification for Telegram (Up to 3.4.6) – How Attackers Can Exploit Your Site
The security world has spotted a major flaw in the popular Notification for Telegram plugin, which affects versions up to 3.4.6. Tracked as
CVE-2025-47539 - Incorrect Privilege Assignment in Themewinter Eventin Lets Users Escalate Privileges
If you build WordPress sites with events, you may have heard of the Eventin plugin by Themewinter. It helps you manage events with booking features,
Episode
00:00:00
00:00:00