Latest WordPress news

March 14-15 vulnerability digest: WordPress RCE, OneUptime SQL injection, D-Link zero-days

by Artem Safonov March 15, 2026

Five critical vulnerabilities lead the March 14-15 batch of 215 new CVEs. A CVSS 9.8 unauthenticated WordPress RCE, OneUptime's fourth CVSS 9.9 in six weeks, and three unpatched D-Link buffer overflows top the list.

March 11 CVE digest brings WordPress auth bypass, gas station RCE, Fortinet MFA flaw

by Artem Safonov March 11, 2026

420 new CVEs dropped on March 11, with three scoring critical. A WordPress LMS auth bypass (CVSS 9.8) threatens 30,000 sites, a gas station system has unauthenticated RCE, and Fortinet disclosed 11 flaws including an MFA bypass.

Menu

Latest WordPress news

March 14-15 vulnerability digest: WordPress RCE, OneUptime SQL injection, D-Link zero-days

March 11 CVE digest brings WordPress auth bypass, gas station RCE, Fortinet MFA flaw

Latest News

Editor's Choice

Menu

Latest WordPress news

March 14-15 vulnerability digest: WordPress RCE, OneUptime SQL injection, D-Link zero-days

March 11 CVE digest brings WordPress auth bypass, gas station RCE, Fortinet MFA flaw

Latest News

Editor's Choice

Stay informed on cybersecurity