Articles
Newsflash
14 Jul 2026 Business and Enterprise Solutions
WordPress: Stored Cross-Site Scripting vulnerability in APCu Manager

In APCu Manager component for WordPress versions before 4.5.0 a high severity vulnerability CVE-2026-10083 was detected. This vulnerability allows attackers to execute arbitrary web scripts. To address this issue, users should upgrade APCu Manager to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-10083.

Read more
CMS
14 Jul 2026 Business and Enterprise Solutions
WooCommerce: Cross Site Scripting (XSS) in WooCommerce Designer Pro

In WooCommerce Designer Pro component for WooCommerce versions 1.9.34 and earlier a medium severity vulnerability CVE-2026-57329 was detected. This vulnerability allows attackers to execute arbitrary web scripts. To address this issue, users should upgrade WooCommerce Designer Pro to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-57329.

Read more
E-commerce
14 Jul 2026 Business and Enterprise Solutions
WordPress: Arbitrary Post Modification Vulnerability in F4 Post Tree

In F4 Post Tree component for WordPress versions before 2.0.5 a medium severity vulnerability CVE-2026-9676 was detected. This vulnerability allows authenticated users with Subscriber-level access and above to modify the parent and menu order of arbitrary posts. To address this issue, users should upgrade F4 Post Tree to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-9676.

Read more
CMS
14 Jul 2026 Business and Enterprise Solutions
Joomla: Arbitrary File Deletion and Creation in Helix3 plugin

In Helix3 plugin component for Joomla in unpatched versions a high severity vulnerability CVE-2026-49049 was detected. This vulnerability allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters. To address this issue, users should upgrade Helix3 plugin to the latest available version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-49049.

Read more
CMS
14 Jul 2026 Business and Enterprise Solutions
Joomla: Arbitrary File Upload vulnerability in Page Builder CK

In Page Builder CK component for Joomla versions before 3.6.0 a critical severity vulnerability CVE-2026-56290 was detected. This vulnerability allows attackers to upload arbitrary files and achieve remote code execution. To address this issue, users should upgrade Page Builder CK to version 3.6.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-56290.

Read more
CMS
13 Jul 2026 Communication and Collaboration
Mattermost: Data exfiltration via markdown rendering in AI bot posts

In Mattermost versions 10.11.18 and earlier, 11.6.3 and earlier, and 11.5.6 and earlier a low severity vulnerability CVE-2026-3472 was detected. This vulnerability allows an authenticated attacker to exfiltrate data. To address this issue, users should upgrade Mattermost to version 10.11.19 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-3472.

Read more
Communication
Case Studies