GenerateBlocks Vulnerability – Sensitive Information Exposure – CVE-2024-1452 | WordPress Plugin Vulnerability Report
Plugin Name: GenerateBlocks Key Information: Software Type: Plugin Software Slug: generateblocks Software Status: Active Software Author: edge22 Software Downloads: 1,658,618 Active Installs: 200,000 Last Updated: March 1, 2024 Patched Versions: 1.8.3 Affected Versions: <= 1.8.2 Vulnerability Details: Name: GenerateBlocks <= 1.8.2 Title: Sensitive Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1452 CVSS Score: 4.3 Publicly Published: March…
Read MoreWP Show Posts Vulnerability – Information Exposure – CVE-2024-1479 | WordPress Plugin Vulnerability Report
Plugin Name: WP Show Posts Key Information: Software Type: Plugin Software Slug: wp-show-posts Software Status: Active Software Author: edge22 Software Downloads: 477,238 Active Installs: 90,000 Last Updated: March 1, 2024 Patched Versions: 1.1.5 Affected Versions: <= 1.1.4 Vulnerability Details: Name: WP Show Posts <= 1.1.4 Title: Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1479 CVSS Score: 5.3…
Read MoreAmelia Vulnerability – Reflected Cross-Site Scripting – CVE-2024-1484 | WordPress Plugin Vulnerability Report
Plugin Name: Booking for Appointments and Events Calendar – Amelia Key Information: Software Type: Plugin Software Slug: ameliabooking Software Status: Active Software Author: ameliabooking Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: 1.0.99 Affected Versions: <= 1.0.98 Vulnerability Details: Name: Booking for Appointments and Events Calendar – Amelia <= 1.0.98 Title: Reflected Cross-Site…
Read MoreExclusive Addons for Elementor Vulnerability – Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2024-1234 | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 717,031 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: 2.6.9.1 Affected Versions: <= 2.6.9 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…
Read MoreVisual Composer Vulnerability – Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2023-6880 | WordPress Plugin Vulnerability Report
Plugin Name: Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages Key Information: Software Type: Plugin Software Slug: visualcomposer Software Status: Active Software Author: visualcomposer Software Downloads: 2,579,334 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: <= 45.6.0 Affected Versions: 45.7.0 Vulnerability Details: Name: Visual Composer…
Read MoreMigration, Backup, Staging Vulnerability– WPvivid – Missing Authorization – CVE-2024-1982 | WordPress Plugin Vulnerability Report
Plugin Name: Migration, Backup, Staging – WPvivid Key Information: Software Type: Plugin Software Slug: wpvivid-backuprestore Software Status: Active Software Author: wpvividplugins Software Downloads: 6,465,323 Active Installs: 400,000 Last Updated: February 28, 2024 Patched Versions: 0.9.69 Affected Versions: <= 0.9.68 Vulnerability Details: Name: WPvivid Backup and Migration <= 0.9.68 Title: Missing Authorization Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L CVE: CVE-2024-1982…
Read MorePremium Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting – CVE-2024-1680 | WordPress Plugin Vulnerability Report
Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13 Software Downloads: 29,801,020 Active Installs: 700,000 Last Updated: February 28, 2024 Patched Versions: 4.10.22 Affected Versions: <= 4.10.21 Vulnerability Details: Name: Premium Addons for Elementor <= 4.10.21 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Banner,…
Read MoreAdvanced iFrame Vulnerability- Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2024-1341 | WordPress Plugin Vulnerability Report
Plugin Name: Advanced iFrame Key Information: Software Type: Plugin Software Slug: advanced-iframe Software Status: Active Software Author: mdempfle Software Downloads: 1,864,724 Active Installs: 60,000 Last Updated: February 28, 2024 Patched Versions: 2024.2 Affected Versions: <= 2024.1 Vulnerability Details: Name: Advanced iFrame <= 2024.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1341 CVSS Score:…
Read MoreBeaver Builder Vulnerability– WordPress Page Builder – Authenticated Contributor+ Stored Cross-Site Scripting via Audio Widget – CVE-2024-1074 | WordPress Plugin Vulnerability Report
Plugin Name: Beaver Builder – WordPress Page Builder Key Information: Software Type: Plugin Software Slug: beaver-builder-lite-version Software Status: Active Software Author: justinbusa Software Downloads: 9,601,854 Active Installs: 100,000 Last Updated: February 28, 2024 Patched Versions: 2.7.4.3 Affected Versions: <= 2.7.4.2 Vulnerability Details: Name: Beaver Builder – WordPress Page Builder <= 2.7.4.2 Title: Authenticated Contributor+ Stored…
Read MoreCustom Field Suite Vulnerability- Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-0689 | WordPress Plugin Vulnerability Report
Plugin Name: Custom Field Suite Key Information: Software Type: Plugin Software Slug: custom-field-suite Software Status: Active Software Author: mgibbs189 Software Downloads: 590,448 Active Installs: 50,000 Last Updated: February 28, 2024 Patched Versions: 2.6.5 Affected Versions: <= 2.6.4 Vulnerability Details: Name: Custom Field Suite <= 2.6.4 Title: Authenticated (Admin+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-0689…
Read More