"vendor on a patch. wordfence premium, care, and response customers received this protection immediately, while users still running the free version of wordfence will receive this enhanced protection after a 30 day delay. total unpatched & patched vulnerabilities last week patch s…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
69%
"details > fox < = 1. 4. 5 - authenticated ( shop manager + ) sql injection 4. 9 cvss rating 4. 9 ( medium ) cve - id cve - 2026 - 39497 patch status patched published mar 23, 2026 affected software fox – currency switcher professional for woocommerce [ woocommerce - currency - sw…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
67%
"plugin for woocommerce [ cartflows ] researcher truong huu phuc ( truonghuuphuc ) more details > conditional menus < = 1. 2. 6 - cross - site request forgery to menu options update 4. 3 cvss rating 4. 3 ( medium ) cve - id cve - 2026 - 1032 patch status patched published mar 25, …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
60%
"inclusion ' ) 2 unrestricted upload of file with dangerous type 2 cross - site request forgery ( csrf ) 1 improper authentication 1 improper authorization 1 improper control of generation of code ( ' code injection ' ) 1 improper input validation 1 improper neutralization of crlf…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
54%
"[ products - file - upload - for - woocommerce ] researcher denver jackson more details > ricky < 2. 31 - unauthenticated php object injection 8. 1 cvss rating 8. 1 ( high ) cve - id cve - 2026 - 25032 patch status patched published mar 23, 2026 affected software ricky - pet shop…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
48%
"calendar – amelia [ ameliabooking ] researcher daroo more details > download monitor < = 5. 1. 8 - authenticated ( contributor + ) sql injection 6. 5 cvss rating 6. 5 ( medium ) cve - id cve - 2026 - 39486 patch status patched published mar 25, 2026 affected software download mon…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
42%
"researcher phat rio more details > wpbookit pro < = 1. 6. 18 - authenticated ( subscriber + ) privilege escalation 4. 3 cvss rating 4. 3 ( medium ) cve - id cve - 2026 - 25414 patch status unpatched published mar 23, 2026 affected software wpbookit pro - appointment booking plugi…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
39%
"id cve - 2026 - 4758 patch status patched published mar 25, 2026 affected software wp job portal – ai - powered recruitment system for company or job board website [ wp - job - portal ] researcher daroo more details > archicon < 1. 7 - unauthenticated php object injection 8. 1 cv…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
38%
"##press vulnerability discoveries to us and earn a bounty on in - scope vulnerabilities through our bug bounty program. responsibly disclosing your vulnerability discoveries to us will also get your name added on the wordfence intelligence leaderboard along with being mentioned i…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
37%
"##pakiad s. ( m3ez ) 2 darkmode 2 tran nguyen bao khanh 2 zaim 2 youssef elouaer 1 sshell 1 hung nguyen ( bashu ) 1 ppzzaarr 1 ashkan moghaddas 1 que thanh tuan 1 legion hunter 1 bao - bluerock 1 ren voza 1 s00me00ne 1 daniel basta ( whizzu ) 1 bonds 1 ahmed rayen ayari 1 andrea …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
36%
"researcher phat rio more details > wpbookit pro < = 1. 6. 18 - authenticated ( subscriber + ) privilege escalation 4. 3 cvss rating 4. 3 ( medium ) cve - id cve - 2026 - 25414 patch status unpatched published mar 23, 2026 affected software wpbookit pro - appointment booking plugi…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
36%
"- 2026 - 2343 patch status patched published mar 27, 2026 affected software peprodev ultimate invoice [ pepro - ultimate - invoice ] researcher ashkan moghaddas more details > sureforms < = 2. 5. 2 - unauthenticated payment amount validation bypass via ' form _ id ' 7. 5 cvss rat…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
34%
"medium ) cve - id cve - 2026 - 25376 patch status patched published mar 23, 2026 affected software addon jobsearch chat [ addon - jobsearch - chat ] researcher phat rio more details > boutique < 2. 4. 6 - reflected cross - site scripting 6. 1 cvss rating 6. 1 ( medium ) cve - id …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to ... Read More