WordPress Vulnerability Report — March 18, 2026

Since last week, 159 new vulnerabilities have emerged in the WordPress ecosystem, including 6 in Core, 130 plugins, and 23 themes. Of those, 46 remain unpatched, but Solid Security Pro users are protected by virtual patching from Patchstack.

Sarah Ulmer

Updated:Mar 23, 2026

Published:Mar 18, 2026

Filed Under:WordPress Vulnerability Report

Reading Time:29 min.

In this report, 159 vulnerabilities have been publicly disclosed. Security patches for 113 of these Core, plugins, and themes are now available. Please run these updates as soon as possible. If you’re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.

Currently, 46 plugin and theme vulnerabilities remain unpatched. If you’re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall. Virtual patches from Patchstack will be applied when a vulnerability is considered high or medium risk. If no patch is forthcoming from the vendor or the vulnerable software has been marked “closed” and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.

Along with poor user account security, vulnerable plugins and themes are among the top reasons why WordPress websites get hacked. Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

1. WordPress Core

1.1 WordPress Core
1.2 WordPress Core
1.3 WordPress Core
1.4 WordPress Core
1.5 WordPress Core
1.6 WordPress Core

2. WordPress Plugins — 100 Patched / 30 Unpatched

2.1 WP ULike – Like & Dislike Buttons for Engagement and Feedback
2.2 StoreCustomizer – A plugin to Customize all WooCommerce Pages
2.3 WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution
2.4 Addi – Cuotas que se adaptan a ti
2.5 TotalPoll for Polls and Contests
2.6 ViaBill – WooCommerce
2.7 Photo Contest | Competition | Video Contest
2.8 Mobile App Editor – WordPress to Android App Builder
2.9 Admin Safety Guard — Login Security & 2FA
2.10 ACPT (Pro) – Custom Post Types Plugin for WordPress
2.11 BuilderPress
2.12 Curly Core
2.13 Darna Framework
2.14 DukaPress
2.15 Everest Forms Pro
2.16 Handmade Framework
2.17 Jobica Core
2.18 Legacy Admin
2.19 MetForm Pro
2.20 Modern Events Calendar
2.21 Penci Soledad Data Migrator
2.22 WooCommerce Infinite Scroll
2.23 The Aisle Core
2.24 UiPress lite
2.25 Ultra WordPress Admin
2.26 Unlimited Elements for Elementor (Premium)
2.27 Wolverine Framework
2.28 WZone
2.29 WZone
2.30 WP App Bar
2.31 WooCommerce
2.32 Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)
2.33 MC4WP: Mailchimp for WordPress
2.34 The Events Calendar
2.35 Royal Addons for Elementor – Addons and Templates Kit for Elementor
2.36 Meta Box
2.37 PixelYourSite – Your smart PIXEL (TAG) & API Manager
2.38 Ally – Web Accessibility & Usability
2.39 Checkout Field Editor (Checkout Manager) for WooCommerce
2.40 Admin Menu Editor
2.41 Happy Addons for Elementor
2.42 Happy Addons for Elementor
2.43 Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
2.44 Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
2.45 ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)
2.46 ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)
2.47 Unlimited Elements For Elementor
2.48 Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer
2.49 LatePoint – Calendar Booking Plugin for Appointments and Events
2.50 My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)
2.51 Social Icons Widget & Block – Social Media Icons & Share Buttons
2.52 Tutor LMS – eLearning and online course solution
2.53 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
2.54 LearnPress – WordPress LMS Plugin for Create and Sell Online Courses
2.55 GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools
2.56 GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools
2.57 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
2.58 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
2.59 Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
2.60 Ultra Addons for Contact Form 7
2.61 WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters
2.62 Advanced Product Fields (Product Addons) for WooCommerce
2.63 RTMKit
2.64 RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging
2.65 Calculated Fields Form
2.66 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy
2.67 Modular DS: Monitor, update, and backup multiple websites
2.68 Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits
2.69 NextScripts: Social Networks Auto-Poster
2.70 Website LLMs.txt
2.71 Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder
2.72 Post Snippets – Custom WordPress Code Snippets Customizer
2.73 Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor
2.74 Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types
2.75 User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
2.76 User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
2.77 Job Postings
2.78 Lead Form Builder & Contact Form
2.79 Subscriptions for WooCommerce
2.80 weForms – Easy Drag & Drop Contact Form Builder For WordPress
2.81 Xagio SEO – AI Powered SEO
2.82 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
2.83 RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
2.84 EventPrime – Events Calendar, Bookings and Tickets
2.85 NEX-Forms – Ultimate Forms Plugin for WordPress
2.86 Reading progressbar
2.87 UpsellWP – WooCommerce Upsell and Related Products Offers
2.88 WOLF – WordPress Posts Bulk Editor and Manager Professional
2.89 Responsive Blocks – Page Builder for Blocks & Patterns
2.90 JS Archive List
2.91 Name Directory
2.92 Simple Ajax Chat – Add a Fast, Secure Chat Box
2.93 Timetics – Appointment Booking Calendar & Scheduling System
2.94 Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe
2.95 Flexmls® IDX Plugin
2.96 Active Products Tables for WooCommerce. Use constructor to create tables
2.97 WP Easy Pay – Payment and Donation form Builder for Square
2.98 MDTF – Meta Data and Taxonomies Filter
2.99 Booktics – Booking Calendar for Appointments and Service Businesses
2.100 Booktics – Booking Calendar for Appointments and Service Businesses
2.101 Datalogics Ecommerce Delivery – Datalogics
2.102 PitchPrint
2.103 CM Custom Reports – Flexible reporting to track what matters most
2.104 Guest posting / Frontend Posting / Front Editor – WP Front User Submit
2.105 Court Reservation – Manage Your Court Bookings Online
2.106 LearnPress – Sepay Payment
2.107 Pix for WooCommerce
2.108 Primer MyData for Woocommerce
2.109 Paid Videochat Turnkey Site – HTML5 PPV Live Webcams
2.110 ZIP Code Based Content Protection
2.111 Divi Booster
2.112 Elated Listing
2.113 Fusion Builder
2.114 Fusion Builder
2.115 Avada Core
2.116 Avada Core
2.117 Gravity Forms
2.118 JetBooking
2.119 Jobica Core
2.120 Jobica Core
2.121 MetForm Pro
2.122 Organici Library
2.123 Organici Library
2.124 Organici Library
2.125 Visionary Core
2.126 Visionary Core
2.127 PixelYourSite PRO
2.128 tagDiv Composer
2.129 tagDiv Opt-In Builder
2.130 Tutor LMS Pro

3. WordPress Themes — 7 Patched / 16 Unpatched

3.1 Amfissa
3.2 Beelove
3.3 Belfort
3.4 Buisson
3.5 Deston
3.6 Emaurri
3.7 Golo
3.8 Jannah
3.9 Love Story
3.10 LuxeDrive
3.11 Melody
3.12 MultiOffice
3.13 Photography
3.14 Rosebud
3.15 Work & Travel Company
3.16 Zorka
3.17 Astra
3.18 News Magazine X
3.19 Energox
3.20 Instant VA
3.21 CitiLights
3.22 CitiLights
3.23 Search & Go

Our WordPress Vulnerability Report covers the latest emerging WordPress plugin, theme, and core vulnerabilities. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. Responsible disclosure of vulnerabilities is essential to keeping the WordPress community safe. Please share this report to help spread the word and make WordPress — and the web — more secure.

WordPress Core

WordPress 6.9.4 is now available, addressing 10 security issues and a bug that affected template file loading on a limited number of sites. Because this is a security release, it is recommended that you update your sites immediately.

Also, WordPress 7.0 Beta 5 is ready for download and testing! As this is a pre-release version, it is intended for testing and development only and should not be installed on production or mission-critical sites. Organizations should use local or staging environments to evaluate compatibility and new features before the final rollout.

WordPress 7.0 is scheduled for release on April 9, 2026.

Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 6.9.2
Severity Score:: Medium

Vulnerability:: Server Side Request Forgery (SSRF)
Patched in Version:: 6.9.2
Severity Score:: Medium

Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 6.9.2
Severity Score:: Medium

Vulnerability:: XML External Entity (XXE)
Patched in Version:: 6.9.4
Severity Score:: Medium

Vulnerability:: Broken Access Control
Patched in Version:: 6.9.4
Severity Score:: Medium
CVE:: CVE-2026-3906

Vulnerability:: Broken Access Control
Patched in Version:: 6.9.2
Severity Score:: Medium

WordPress Plugins — 100 Patched / 30 Unpatched

Plugin:: WP ULike – Like & Dislike Buttons for Engagement and Feedback
Plugin Slug:: wp-ulike
Installations: 70,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: Medium
CVE:: 2026-2358

Plugin:: StoreCustomizer – A plugin to Customize all WooCommerce Pages
Plugin Slug:: woocustomizer
Installations: 20,000+
Vulnerability:: Broken Access Control
Patched in Version:: No Fix
Severity Score:: Medium
CVE:: 2026-27046

Plugin:: WPCafe – Restaurant Menu, Online Food Ordering and Reservation Booking Solution
Plugin Slug:: wp-cafe
Installations: 6,000+
Vulnerability:: Broken Access Control
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27071

Plugin:: Addi – Cuotas que se adaptan a ti
Plugin Slug:: buy-now-pay-later-addi
Installations: 2,000+
Vulnerability:: Broken Authentication
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27073

Plugin:: TotalPoll for Polls and Contests
Plugin Slug:: totalpoll-lite
Installations: 1,000+
Vulnerability:: Remote Code Execution (RCE)
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27044

Plugin:: ViaBill – WooCommerce
Plugin Slug:: viabill-woocommerce
Installations: 500+
Vulnerability:: Settings Change
Patched in Version:: No Fix
Severity Score:: Medium
CVE:: 2026-25469

Plugin:: Photo Contest | Competition | Video Contest
Plugin Slug:: totalcontest-lite
Installations: 300+
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-0677

Plugin:: Mobile App Editor – WordPress to Android App Builder
Plugin Slug:: mobile-app-editor
Installations: 40+
Vulnerability:: Arbitrary File Upload
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27067

Plugin:: Admin Safety Guard — Login Security & 2FA
Plugin Slug:: admin-safety-guard
Installations: 10+
Vulnerability:: Broken Authentication
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-25471

Plugin:: ACPT (Pro) – Custom Post Types Plugin for WordPress
Plugin Slug:: advanced-custom-post-type
Vulnerability:: Remote Code Execution (RCE)
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-25470

Plugin:: BuilderPress
Plugin Slug:: builderpress
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27065

Plugin:: Curly Core
Plugin Slug:: curly-core
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27047

Plugin:: Darna Framework
Plugin Slug:: darna-framework
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27088

Plugin:: DukaPress
Plugin Slug:: dukapress
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-2466

Plugin:: Everest Forms Pro
Plugin Slug:: everest-forms-pro
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27070

Plugin:: Handmade Framework
Plugin Slug:: handmade-framework
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-22520

Plugin:: Jobica Core
Plugin Slug:: jobica-core
Vulnerability:: Broken Authentication
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27049

Plugin:: Legacy Admin
Plugin Slug:: legacy-admin
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-22524

Plugin:: MetForm Pro
Plugin Slug:: metform-pro
Vulnerability:: Broken Access Control
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-24611

Plugin:: Modern Events Calendar
Plugin Slug:: modern-events-calendar
Vulnerability:: Broken Access Control
Patched in Version:: No Fix
Severity Score:: Medium
CVE:: 2026-32583

Plugin:: Penci Soledad Data Migrator
Plugin Slug:: penci-data-migrator
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27054

Plugin:: WooCommerce Infinite Scroll
Plugin Slug:: sb-woocommerce-infinite-scroll
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27045

Plugin:: The Aisle Core
Plugin Slug:: theaisle-core
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27048

Plugin:: UiPress lite
Plugin Slug:: uipress-lite
Vulnerability:: Broken Access Control
Patched in Version:: No Fix
Severity Score:: Medium
CVE:: 2026-27091

Plugin:: Ultra WordPress Admin
Plugin Slug:: ultra-admin
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-22523

Plugin:: Unlimited Elements for Elementor (Premium)
Plugin Slug:: unlimited-elements-for-elementor-premium
Vulnerability:: Arbitrary File Upload
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27041

Plugin:: Wolverine Framework
Plugin Slug:: wolverine-framework
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27087

Plugin:: WZone
Plugin Slug:: woozone
Vulnerability:: SQL Injection
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27039

Plugin:: WZone
Plugin Slug:: woozone
Vulnerability:: Arbitrary File Deletion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27040

Plugin:: WP App Bar
Plugin Slug:: wp-app-bar
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-1074

Plugin:: WooCommerce
Plugin Slug:: woocommerce
Installations: 7,000,000+
Vulnerability:: Cross Site Request Forgery (CSRF)
Patched in Version:: 10.5.3
Severity Score:: Medium
CVE:: 2026-3589

Plugin:: Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)
Plugin Slug:: really-simple-ssl
Installations: 3,000,000+
Vulnerability:: Broken Access Control
Patched in Version:: 9.5.8
Severity Score:: Medium
CVE:: 2026-32461

Plugin:: MC4WP: Mailchimp for WordPress
Plugin Slug:: mailchimp-for-wp
Installations: 1,000,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.12.0
Severity Score:: Medium
CVE:: 2026-1781

Plugin:: The Events Calendar
Plugin Slug:: the-events-calendar
Installations: 700,000+
Vulnerability:: Arbitrary File Download
Patched in Version:: 6.15.17.1
Severity Score:: High
CVE:: 2026-3585

Plugin:: Royal Addons for Elementor – Addons and Templates Kit for Elementor
Plugin Slug:: royal-elementor-addons
Installations: 600,000+
Vulnerability:: Arbitrary File Upload
Patched in Version:: 1.7.1050
Severity Score:: High
CVE:: 2025-13067

Plugin:: Meta Box
Plugin Slug:: meta-box
Installations: 500,000+
Vulnerability:: Arbitrary File Deletion
Patched in Version:: 5.11.2
Severity Score:: High
CVE:: 2025-14675

Plugin:: PixelYourSite – Your smart PIXEL (TAG) & API Manager
Plugin Slug:: pixelyoursite
Installations: 500,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 11.2.0.1
Severity Score:: High
CVE:: 2026-1841

Plugin:: Ally – Web Accessibility & Usability
Plugin Slug:: pojo-accessibility
Installations: 500,000+
Vulnerability:: SQL Injection
Patched in Version:: 4.1.0
Severity Score:: Critical
CVE:: 2026-2413

Plugin:: Checkout Field Editor (Checkout Manager) for WooCommerce
Plugin Slug:: woo-checkout-field-editor-pro
Installations: 500,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.1.8
Severity Score:: High
CVE:: 2026-3231

Plugin:: Admin Menu Editor
Plugin Slug:: admin-menu-editor
Installations: 400,000+
Vulnerability:: Cross Site Request Forgery (CSRF)
Patched in Version:: 1.15
Severity Score:: Medium
CVE:: 2026-32456

Plugin:: Happy Addons for Elementor
Plugin Slug:: happy-elementor-addons
Installations: 400,000+
Vulnerability:: Insecure Direct Object References (IDOR)
Patched in Version:: 3.21.1
Severity Score:: Medium
CVE:: 2026-2917

Plugin:: Happy Addons for Elementor
Plugin Slug:: happy-elementor-addons
Installations: 400,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 3.21.1
Severity Score:: Medium
CVE:: 2026-2918

Plugin:: Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
Plugin Slug:: formidable
Installations: 300,000+
Vulnerability:: Broken Authentication
Patched in Version:: 6.29
Severity Score:: Medium
CVE:: 2026-2888

Plugin:: Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
Plugin Slug:: formidable
Installations: 300,000+
Vulnerability:: Broken Access Control
Patched in Version:: 6.29
Severity Score:: High
CVE:: 2026-2890

Plugin:: ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)
Plugin Slug:: google-analytics-dashboard-for-wp
Installations: 300,000+
Vulnerability:: Privilege Escalation
Patched in Version:: 9.0.3
Severity Score:: Critical
CVE:: 2026-1993

Plugin:: ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)
Plugin Slug:: google-analytics-dashboard-for-wp
Installations: 300,000+
Vulnerability:: Insecure Direct Object References (IDOR)
Patched in Version:: 9.0.3
Severity Score:: High
CVE:: 2026-1992

Plugin:: Unlimited Elements For Elementor
Plugin Slug:: unlimited-elements-for-elementor
Installations: 300,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.0.6
Severity Score:: High
CVE:: 2026-2724

Plugin:: Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer
Plugin Slug:: 3d-flipbook-dflip-lite
Installations: 100,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.4.27
Severity Score:: Medium
CVE:: 2026-2569

Plugin:: LatePoint – Calendar Booking Plugin for Appointments and Events
Plugin Slug:: latepoint
Installations: 100,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 5.2.8
Severity Score:: High
CVE:: 2026-2324

Plugin:: My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)
Plugin Slug:: mystickymenu
Installations: 100,000+
Vulnerability:: SQL Injection
Patched in Version:: 2.8.7
Severity Score:: Critical
CVE:: 2026-3657

Plugin:: Social Icons Widget & Block – Social Media Icons & Share Buttons
Plugin Slug:: social-icons-widget-by-wpzoom
Installations: 100,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.5.9
Severity Score:: Medium
CVE:: 2026-4063

Plugin:: Tutor LMS – eLearning and online course solution
Plugin Slug:: tutor
Installations: 100,000+
Vulnerability:: Insecure Direct Object References (IDOR)
Patched in Version:: 3.9.5
Severity Score:: Medium
CVE:: 2025-32223

Plugin:: Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
Plugin Slug:: wp-user-avatar
Installations: 100,000+
Vulnerability:: Insecure Direct Object References (IDOR)
Patched in Version:: 4.16.12
Severity Score:: High
CVE:: 2026-3453

Plugin:: LearnPress – WordPress LMS Plugin for Create and Sell Online Courses
Plugin Slug:: learnpress
Installations: 80,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.3.3
Severity Score:: Medium
CVE:: 2026-3226

Plugin:: GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools
Plugin Slug:: getgenie
Installations: 70,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 4.3.3
Severity Score:: Medium
CVE:: 2026-2257

Plugin:: GetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools
Plugin Slug:: getgenie
Installations: 70,000+
Vulnerability:: Insecure Direct Object References (IDOR)
Patched in Version:: 4.3.3
Severity Score:: Medium
CVE:: 2026-2879

Plugin:: Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
Plugin Slug:: simply-schedule-appointments
Installations: 60,000+
Vulnerability:: Broken Access Control
Patched in Version:: 1.6.10.0
Severity Score:: High
CVE:: 2026-3045

Plugin:: Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
Plugin Slug:: simply-schedule-appointments
Installations: 60,000+
Vulnerability:: Sensitive Data Exposure
Patched in Version:: 1.6.10.0
Severity Score:: Medium
CVE:: 2026-1704

Plugin:: Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
Plugin Slug:: simply-schedule-appointments
Installations: 60,000+
Vulnerability:: SQL Injection
Patched in Version:: 1.6.9.29
Severity Score:: Critical
CVE:: 2026-1708

Plugin:: Ultra Addons for Contact Form 7
Plugin Slug:: ultimate-addons-for-contact-form-7
Installations: 60,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 3.5.37
Severity Score:: Medium
CVE:: 2026-32460

Plugin:: WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters
Plugin Slug:: wp-google-map-plugin
Installations: 60,000+
Vulnerability:: SQL Injection
Patched in Version:: 4.9.2
Severity Score:: Critical
CVE:: 2026-3222

Plugin:: Advanced Product Fields (Product Addons) for WooCommerce
Plugin Slug:: advanced-product-fields-for-woocommerce
Installations: 50,000+
Vulnerability:: Broken Access Control
Patched in Version:: 1.6.19
Severity Score:: Medium
CVE:: 2026-32457

Plugin:: RTMKit
Plugin Slug:: rometheme-for-elementor
Installations: 50,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.0.0
Severity Score:: High
CVE:: 2025-12473

Plugin:: RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging
Plugin Slug:: wp-rss-aggregator
Installations: 50,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 5.0.12
Severity Score:: High
CVE:: 2026-2433

Plugin:: Calculated Fields Form
Plugin Slug:: calculated-fields-form
Installations: 40,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 5.4.5.1
Severity Score:: Medium
CVE:: 2026-3986

Plugin:: Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy
Plugin Slug:: dokan-lite
Installations: 40,000+
Vulnerability:: Broken Authentication
Patched in Version:: 4.2.5
Severity Score:: High
CVE:: 2026-24359

Plugin:: Modular DS: Monitor, update, and backup multiple websites
Plugin Slug:: modular-connector
Installations: 40,000+
Vulnerability:: Cross Site Request Forgery (CSRF)
Patched in Version:: 2.6.0
Severity Score:: Medium
CVE:: 2026-3903

Plugin:: Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits
Plugin Slug:: master-addons
Installations: 30,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.1.4
Severity Score:: Medium
CVE:: 2026-32462

Plugin:: NextScripts: Social Networks Auto-Poster
Plugin Slug:: social-networks-auto-poster-facebook-twitter-g
Installations: 30,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 4.4.7
Severity Score:: Medium
CVE:: 2026-3228

Plugin:: Website LLMs.txt
Plugin Slug:: website-llms-txt
Installations: 30,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 8.2.7
Severity Score:: High
CVE:: 2026-27068

Plugin:: Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder
Plugin Slug:: gutena-forms
Installations: 20,000+
Vulnerability:: Settings Change
Patched in Version:: 1.6.1
Severity Score:: Medium
CVE:: 2026-1753

Plugin:: Post Snippets – Custom WordPress Code Snippets Customizer
Plugin Slug:: post-snippets
Installations: 20,000+
Vulnerability:: Remote Code Execution (RCE)
Patched in Version:: 4.0.13
Severity Score:: High
CVE:: 2026-25001

Plugin:: Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor
Plugin Slug:: thim-elementor-kit
Installations: 20,000+
Vulnerability:: Broken Access Control
Patched in Version:: 1.3.8
Severity Score:: Medium
CVE:: 2026-1870

Plugin:: Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types
Plugin Slug:: wicked-folders
Installations: 20,000+
Vulnerability:: Insecure Direct Object References (IDOR)
Patched in Version:: 4.1.1
Severity Score:: Medium
CVE:: 2026-1883

Plugin:: User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
Plugin Slug:: wp-user-frontend
Installations: 20,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.2.9
Severity Score:: Medium
CVE:: 2026-2233

Plugin:: User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
Plugin Slug:: wp-user-frontend
Installations: 20,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.2.6
Severity Score:: Medium
CVE:: 2026-24364

Plugin:: Job Postings
Plugin Slug:: job-postings
Installations: 10,000+
Vulnerability:: Broken Access Control
Patched in Version:: 2.8.1
Severity Score:: High
CVE:: 2026-23806

Plugin:: Lead Form Builder & Contact Form
Plugin Slug:: lead-form-builder
Installations: 10,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.0.2
Severity Score:: High
CVE:: 2026-1454

Plugin:: Subscriptions for WooCommerce
Plugin Slug:: subscriptions-for-woocommerce
Installations: 10,000+
Vulnerability:: Bypass Vulnerability
Patched in Version:: 1.9.0
Severity Score:: High
CVE:: 2026-24372

Plugin:: weForms – Easy Drag & Drop Contact Form Builder For WordPress
Plugin Slug:: weforms
Installations: 10,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.6.28
Severity Score:: Medium
CVE:: 2026-2707

Plugin:: Xagio SEO – AI Powered SEO
Plugin Slug:: xagio-seo
Installations: 10,000+
Vulnerability:: Privilege Escalation
Patched in Version:: 7.1.0.31
Severity Score:: Critical
CVE:: 2026-24968

Plugin:: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Plugin Slug:: custom-registration-form-builder-with-submission-manager
Installations: 9,000+
Vulnerability:: Broken Authentication
Patched in Version:: 6.0.7.2
Severity Score:: High
CVE:: 2026-24373

Plugin:: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Plugin Slug:: custom-registration-form-builder-with-submission-manager
Installations: 9,000+
Vulnerability:: Sensitive Data Exposure
Patched in Version:: 6.0.7.2
Severity Score:: Medium
CVE:: 2025-15520

Plugin:: EventPrime – Events Calendar, Bookings and Tickets
Plugin Slug:: eventprime-event-calendar-management
Installations: 7,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.2.7.0
Severity Score:: High
CVE:: 2025-69358

Plugin:: NEX-Forms – Ultimate Forms Plugin for WordPress
Plugin Slug:: nex-forms-express-wp-form-builder
Installations: 7,000+
Vulnerability:: Broken Access Control
Patched in Version:: 9.1.10
Severity Score:: Medium
CVE:: 2026-1948

Plugin:: Reading progressbar
Plugin Slug:: reading-progress-bar
Installations: 6,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.3.1
Severity Score:: Medium
CVE:: 2026-2687

Plugin:: UpsellWP – WooCommerce Upsell and Related Products Offers
Plugin Slug:: checkout-upsell-and-order-bumps
Installations: 5,000+
Vulnerability:: SQL Injection
Patched in Version:: 2.2.5
Severity Score:: High
CVE:: 2026-32459

Plugin:: WOLF – WordPress Posts Bulk Editor and Manager Professional
Plugin Slug:: bulk-editor
Installations: 4,000+
Vulnerability:: SQL Injection
Patched in Version:: 1.0.9
Severity Score:: High
CVE:: 2026-32458

Plugin:: Responsive Blocks – Page Builder for Blocks & Patterns
Plugin Slug:: responsive-block-editor-addons
Installations: 4,000+
Vulnerability:: Broken Access Control
Patched in Version:: 2.2.1
Severity Score:: Medium
CVE:: 2026-32543

Plugin:: JS Archive List
Plugin Slug:: jquery-archive-list-widget
Installations: 3,000+
Vulnerability:: PHP Object Injection
Patched in Version:: 6.2.0
Severity Score:: High
CVE:: 2026-2020

Plugin:: Name Directory
Plugin Slug:: name-directory
Installations: 3,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.33.0
Severity Score:: High
CVE:: 2026-3178

Plugin:: Simple Ajax Chat – Add a Fast, Secure Chat Box
Plugin Slug:: simple-ajax-chat
Installations: 2,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 20260301
Severity Score:: High
CVE:: 2026-2987

Plugin:: Timetics – Appointment Booking Calendar & Scheduling System
Plugin Slug:: timetics
Installations: 2,000+
Vulnerability:: Broken Access Control
Patched in Version:: 1.0.52
Severity Score:: Medium
CVE:: 2025-15473

Plugin:: Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe
Plugin Slug:: contest-gallery
Installations: 1,000+
Vulnerability:: Server Side Request Forgery (SSRF)
Patched in Version:: 28.1.2.2
Severity Score:: Medium
CVE:: 2026-24964

Plugin:: Flexmls® IDX Plugin
Plugin Slug:: flexmls-idx
Installations: 1,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 3.15.10
Severity Score:: High
CVE:: 2026-25369

Plugin:: Active Products Tables for WooCommerce. Use constructor to create tables
Plugin Slug:: profit-products-tables-for-woocommerce
Installations: 1,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.0.8
Severity Score:: Medium
CVE:: 2026-32450

Plugin:: WP Easy Pay – Payment and Donation form Builder for Square
Plugin Slug:: wp-easy-pay
Installations: 1,000+
Vulnerability:: Broken Access Control
Patched in Version:: 4.2.12
Severity Score:: Medium
CVE:: 2026-32587

Plugin:: MDTF – Meta Data and Taxonomies Filter
Plugin Slug:: wp-meta-data-filter-and-taxonomy-filter
Installations: 1,000+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.3.6
Severity Score:: Medium
CVE:: 2026-32455

Plugin:: Booktics – Booking Calendar for Appointments and Service Businesses
Plugin Slug:: booktics
Installations: 600+
Vulnerability:: Broken Access Control
Patched in Version:: 1.0.17
Severity Score:: Medium
CVE:: 2026-1919

Plugin:: Booktics – Booking Calendar for Appointments and Service Businesses
Plugin Slug:: booktics
Installations: 600+
Vulnerability:: Broken Access Control
Patched in Version:: 1.0.17
Severity Score:: Medium
CVE:: 2026-1920

Plugin:: Datalogics Ecommerce Delivery – Datalogics
Plugin Slug:: datalogics
Installations: 400+
Vulnerability:: Privilege Escalation
Patched in Version:: 2.6.60
Severity Score:: Critical
CVE:: 2026-2631

Plugin:: PitchPrint
Plugin Slug:: pitchprint
Installations: 400+
Vulnerability:: Arbitrary File Deletion
Patched in Version:: 11.2.0
Severity Score:: High
CVE:: 2026-22448

Plugin:: CM Custom Reports – Flexible reporting to track what matters most
Plugin Slug:: cm-custom-reports
Installations: 200+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.2.8
Severity Score:: High
CVE:: 2026-2431

Plugin:: Guest posting / Frontend Posting / Front Editor – WP Front User Submit
Plugin Slug:: front-editor
Installations: 200+
Vulnerability:: Sensitive Data Exposure
Patched in Version:: 5.0.6
Severity Score:: Medium
CVE:: 2026-1867

Plugin:: Court Reservation – Manage Your Court Bookings Online
Plugin Slug:: court-reservation
Installations: 100+
Vulnerability:: Cross Site Request Forgery (CSRF)
Patched in Version:: 1.10.9
Severity Score:: Medium
CVE:: 2026-1508

Plugin:: LearnPress – Sepay Payment
Plugin Slug:: learnpress-sepay-payment
Installations: 100+
Vulnerability:: Broken Authentication
Patched in Version:: 4.0.1
Severity Score:: High
CVE:: 2026-25002

Plugin:: Pix for WooCommerce
Plugin Slug:: payment-gateway-pix-for-woocommerce
Installations: 100+
Vulnerability:: Arbitrary File Upload
Patched in Version:: 1.6.0
Severity Score:: Critical
CVE:: 2026-3891

Plugin:: Primer MyData for Woocommerce
Plugin Slug:: primer-mydata
Installations: 100+
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 4.2.2
Severity Score:: High
CVE:: 2024-11809

Plugin:: Paid Videochat Turnkey Site – HTML5 PPV Live Webcams
Plugin Slug:: ppv-live-webcams
Installations: 30+
Vulnerability:: Privilege Escalation
Patched in Version:: 7.3.21
Severity Score:: High
CVE:: 2025-8899

Plugin:: ZIP Code Based Content Protection
Plugin Slug:: zip-code-based-content-protection
Installations: 10+
Vulnerability:: SQL Injection
Patched in Version:: 1.0.3
Severity Score:: Critical
CVE:: 2025-14353

Plugin:: Divi Booster
Plugin Slug:: divi-booster
Vulnerability:: PHP Object Injection
Patched in Version:: 5.0.2
Severity Score:: Critical
CVE:: 2026-2626

Plugin:: Elated Listing
Plugin Slug:: eltd-listing
Vulnerability:: Broken Access Control
Patched in Version:: 1.5
Severity Score:: Medium
CVE:: 2026-24972

Plugin:: Fusion Builder
Plugin Slug:: fusion-builder
Vulnerability:: Broken Access Control
Patched in Version:: 3.15.0
Severity Score:: Medium
CVE:: 2026-32452

Plugin:: Fusion Builder
Plugin Slug:: fusion-builder
Vulnerability:: Broken Access Control
Patched in Version:: 3.15.0
Severity Score:: Medium
CVE:: 2026-32451

Plugin:: Avada Core
Plugin Slug:: fusion-core
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 5.15.0
Severity Score:: Medium
CVE:: 2026-32454

Plugin:: Avada Core
Plugin Slug:: fusion-core
Vulnerability:: Broken Access Control
Patched in Version:: 5.15.0
Severity Score:: Medium
CVE:: 2026-32453

Plugin:: Gravity Forms
Plugin Slug:: gravityforms
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.9.29
Severity Score:: Medium
CVE:: 2026-3492

Plugin:: JetBooking
Plugin Slug:: jet-booking
Vulnerability:: SQL Injection
Patched in Version:: 4.0.3.1
Severity Score:: Critical
CVE:: 2026-3496

Plugin:: Jobica Core
Plugin Slug:: jobica-core
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.4.2
Severity Score:: High
CVE:: 2026-24979

Plugin:: Jobica Core
Plugin Slug:: jobica-core
Vulnerability:: PHP Object Injection
Patched in Version:: 1.4.2
Severity Score:: High
CVE:: 2026-24978

Plugin:: MetForm Pro
Plugin Slug:: metform-pro
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 3.9.7
Severity Score:: High
CVE:: 2026-1261

Plugin:: Organici Library
Plugin Slug:: noo-organici-library
Vulnerability:: SQL Injection
Patched in Version:: 2.1.3
Severity Score:: High
CVE:: 2026-24977

Plugin:: Organici Library
Plugin Slug:: noo-organici-library
Vulnerability:: PHP Object Injection
Patched in Version:: 2.1.3
Severity Score:: High
CVE:: 2026-24976

Plugin:: Organici Library
Plugin Slug:: noo-organici-library
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 2.1.3
Severity Score:: High
CVE:: 2026-24975

Plugin:: Visionary Core
Plugin Slug:: noo-visionary-core
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.5.0
Severity Score:: High
CVE:: 2026-24980

Plugin:: Visionary Core
Plugin Slug:: noo-visionary-core
Vulnerability:: PHP Object Injection
Patched in Version:: 1.5.0
Severity Score:: High
CVE:: 2026-24981

Plugin:: PixelYourSite PRO
Plugin Slug:: pixelyoursite-pro
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 12.4.0.3
Severity Score:: High
CVE:: 2026-1844

Plugin:: tagDiv Composer
Plugin Slug:: td-composer
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 5.4.3
Severity Score:: High
CVE:: 2025-50001

Plugin:: tagDiv Opt-In Builder
Plugin Slug:: td-subscription
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 1.7.4
Severity Score:: High
CVE:: 2025-53222

Plugin:: Tutor LMS Pro
Plugin Slug:: tutor-pro
Vulnerability:: Broken Authentication
Patched in Version:: 3.9.6
Severity Score:: Critical
CVE:: 2026-0953

WordPress Themes — 7 Patched / 16 Unpatched

Theme:: Amfissa
Theme Slug:: amfissa
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27079

Theme:: Beelove
Theme Slug:: beelove
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-22507

Theme:: Belfort
Theme Slug:: belfort
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27075

Theme:: Buisson
Theme Slug:: buisson
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27084

Theme:: Deston
Theme Slug:: deston
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27080

Theme:: Emaurri
Theme Slug:: emaurri
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27078

Theme:: Golo
Theme Slug:: golo
Vulnerability:: Privilege Escalation
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27051

Theme:: Jannah
Theme Slug:: jannah
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-25464

Theme:: Love Story
Theme Slug:: lovestory
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27082

Theme:: LuxeDrive
Theme Slug:: luxedrive
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27076

Theme:: Melody
Theme Slug:: melodyschool
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-22510

Theme:: MultiOffice
Theme Slug:: multioffice
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27077

Theme:: Photography
Theme Slug:: photography
Vulnerability:: Arbitrary File Upload
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27043

Theme:: Rosebud
Theme Slug:: rosebud
Vulnerability:: Local File Inclusion
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2026-27081

Theme:: Work & Travel Company
Theme Slug:: work-travel-company
Vulnerability:: PHP Object Injection
Patched in Version:: No Fix
Severity Score:: Critical
CVE:: 2026-27083

Theme:: Zorka
Theme Slug:: zorka
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: No Fix
Severity Score:: High
CVE:: 2025-69096

Theme:: Astra
Theme Slug:: astra
Downloads: 21,720,242
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 4.12.4
Severity Score:: Medium
CVE:: 2026-3534

Theme:: News Magazine X
Theme Slug:: news-magazine-x
Downloads: 76,558
Vulnerability:: Broken Access Control
Patched in Version:: 1.2.51
Severity Score:: High
CVE:: 2026-24382

Theme:: Energox
Theme Slug:: energox
Vulnerability:: Arbitrary File Deletion
Patched in Version:: 1.3
Severity Score:: High
CVE:: 2026-24970

Theme:: Instant VA
Theme Slug:: instantva
Vulnerability:: Arbitrary File Deletion
Patched in Version:: 1.0.2
Severity Score:: High
CVE:: 2026-24969

Theme:: CitiLights
Theme Slug:: noo-citilights
Vulnerability:: PHP Object Injection
Patched in Version:: 3.7.2
Severity Score:: High
CVE:: 2026-24974

Theme:: CitiLights
Theme Slug:: noo-citilights
Vulnerability:: Cross Site Scripting (XSS)
Patched in Version:: 3.7.2
Severity Score:: High
CVE:: 2026-24973

Theme:: Search & Go
Theme Slug:: searchgo
Vulnerability:: Privilege Escalation
Patched in Version:: 2.8.1
Severity Score:: Critical
CVE:: 2026-24971

Solid Security is part of Solid Suite — The best foundation for WordPress websites.

Every WordPress site needs security, backups, and management tools. That’s Solid Suite — an integrated bundle of three plugins: Solid Security, Solid Backups, and Solid Central. You also get access to Solid Academy’s learning resources for WordPress professionals. Build your next WordPress website on a solid foundation with Solid Suite!

Get Solid Security

Author:

Sarah Ulmer

Sarah has been with SolidWP since 2015. Thanks to her deep connection to the brand, its products, and its users, Sarah was tapped as Solid’s primary Product Marketer in 2023. Sarah helps ensure that Solid’s product development team understands our users’ needs. When not at work, Sarah can be found at home with her husband, their three boys, and their dogs. Sarah enjoys long family walks, running with her lab, and watching her three boys play soccer. Sarah is originally from Texas and loves watching football games (Go Longhorns!)

Browse all of Sarah's articles

Sign up

Placeholder text

Thanks

Oops something went wrong, please try submitting again

Solid Suite

Protect

Repair

Manage

Free Plugins

Solid Suite

Academy

Solid Academy

Guides

Livestreams

Tutorials Academy

Resources

Blog

Vulnerability Report

Support

Documentation

Table of Contents

WordPress Core

WordPress Plugins — 100 Patched / 30 Unpatched