Advisories 29 March 2018 / 0 Comments Advisory on Drupal core - Remote Code Execution This advisory focuses on the Remote Code Execution vulnerability. Download RELATED ADVISORIES Advisories 2 July 2026 EventON WordPress Plugin SQL Injection Exposes Database Contents (CVE-2026-9711) Scope: EventON WordPress Plugin (Versions Affected, Exact Range Unspecified in Source Material) Severity: High Open VSX Registry Stored XSS Enables Supply Chain Attack Against VS Code, Cursor, and Windsurf (CVE-2026-13323) Advisories 2 July 2026 RegistrationMagic WordPress Plugin CSRF to Privilege Escalation Granting Admin Access (CVE-2026-12158) Advisories 2 July 2026 nginx-proxy-manager Prototype Pollution via JSON Parser Enables Unauthenticated RCE (CVE-2026-13228) Advisories 2 July 2026 Download Manager WordPress Plugin Authenticated Stored XSS via Shortcode Attribute (CVE-2026-13733) Advisories 2 July 2026 Custom Payment Gateways for WooCommerce Unauthenticated Stored XSS in Checkout Fields (CVE-2026-7517) Advisories 2 July 2026 NEX-Forms WordPress Plugin Unauthenticated Stored XSS via Form Field Name (CVE-2026-12142) Advisories 2 July 2026