CVE-2026-1667: CWE-862 Missing Authorization in cifi GEO Plugin by Squirrly SEO
The GEO Plugin by Squirrly SEO for WordPress contains a missing authorization vulnerability in all versions up to and including 14.0.0. This flaw allows unauthenticated attackers to create arbitrary…
Read the full article6h agoen
You might also wanna read
Mass exploitation of Gravity SMTP WordPress plugin vulnerability steals API keys from 100,000 sites
Wordfence reported blocking 17M+ exploit attempts targeting Gravity SMTP since early May 2026, with the plugin installed on about 100,000 Wo

WAF - WAF Release - 2025-08-04
This week's highlight focuses on a series of significant vulnerabilities identified across widely adopted web platforms, from enterprise-gra
Cloudflare·11mo ago

WAF - WAF Release - 2025-09-29
This week highlights four important vendor- and component-specific issues: an authentication bypass in SimpleHelp (CVE-2024-57727), an infor
Cloudflare·9mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.