Vulnerability Summary for the Week of January 5, 2026

2026-01-12 18:01

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source Info	Patch Info
AA-Team–Amazon Native Shopping Recommendations	Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in AA-Team Amazon Native Shopping Recommendations allows SQL Injection.This issue affects Amazon Native Shopping Recommendations: from n/a through 1.3.	2026-01-05	9.3	CVE-2025-30633	https://vdp.patchstack.com/database/wordpress/plugin/woozone-contextual/vulnerability/wordpress-amazon-native-shopping-recommendations-plugin-1-3-sql-injection-vulnerability?_s_id=cve
AA-Team–Premium Age Verification / Restriction for WordPress	Incorrect Privilege Assignment vulnerability in AA-Team Premium Age Verification / Restriction for WordPress, AA-Team Responsive Coming Soon Landing Page / Holding Page for WordPress allows Privilege Escalation.This issue affects Premium Age Verification / Restriction for WordPress: from n/a through 3.0.2; Responsive Coming Soon Landing Page / Holding Page for WordPress: from n/a through 3.0.	2026-01-06	8.8	CVE-2025-29004	https://patchstack.com/database/wordpress/plugin/age-restriction/vulnerability/wordpre […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of January 5, 2026 Share this: Facebook X LinkedIn Like this: Like Loading... Related Tags: Bulletins EN Post navigation ← Executives worry most about cyber-enabled fraud, geopolitics and AI Zero-Trust Isn’t Optional Anymore—It’s Your AI Agent Fire Drill → Search for: Pages Advertising Contact Legal and Contact information Opt-out preferences Privacy Policy Social Media Apps Telegram Channel Recent Posts Minnesota Sues to Stop ICE ‘Invasion’ January 13, 2026 IT Security News Hourly Summary 2026-01-13 00h : 7 posts January 13, 2026 ‘Violence-as-a-service’ suspect arrested in Iraq, extradition underway January 13, 2026 No fire sale for firewalls as memory shortages could push prices higher January 13, 2026 Department of Know: Brightspeed investigates breach, Prompt injection woes January 13, 2026 IT Security News Daily Summary 2026-01-12 January 13, 2026 Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds January 13, 2026 Why the Start of the Year Is Prime Time for Insider Risk January 13, 2026 FBI Agent’s Sworn Testimony Contradicts Claims ICE’s Jonathan Ross Made Under Oath January 13, 2026 Why DNS Resiliency Is Critical as Outages Surge January 13, 2026 U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog January 13, 2026 Received an Instagram password reset email? Here’s what you need to know January 12, 2026 Cybersecurity conferences to attend in 2026 January 12, 2026 IT Security News Hourly Summary 2026-01-12 21h : 4 posts January 12, 2026 CISA Adds One Known Exploited Vulnerability to Catalog January 12, 2026 Attackers Probing Popular LLMs Looking for Access to APIs: Report January 12, 2026 BreachForums Data Breach Exposes Nearly 324,000 Users January 12, 2026 GoFundMe Ignores Own Rules by Hosting a Legal-Defense Fund for the ICE Agent Who Killed Renee Good January 12, 2026 Meta fixes Instagram password reset flaw, denies data breach January 12, 2026 Businesses in 2026: Maybe we should finally look into that AI security stuff January 12, 2026 Copyright © 2026 IT Security News. All Rights Reserved. The Magazine Basic Theme by bavotasan.com. Manage Consent To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions. Functional Functional Always active The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network. Preferences Preferences The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user. Statistics Statistics The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you. Marketing Marketing The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes. Manage options Manage services Manage {vendor_count} vendors Read more about these purposes View preferences {title} {title} {title}