Depicter Slider Vulnerability – Cross-Site Request Forgery via save – CVE-2023-6493 | WordPress Plugin Vulnerability Report

By Your WP Guy | January 4, 2024
WP Plugin Vulnerabilities Image - Depicter Slider Vulnerability - Cross-Site Request Forgery via save - CVE-2023-6493 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: Depicter Slider Key Information: Software Type: Plugin Software Slug: depicter Software Status: Active Software Author: averta Software Downloads: 727,890 Active Installs: 80,000 Last Updated: January 4, 2024 Patched Versions: 2.0.7 Affected Versions: <= 2.0.6 Vulnerability Details: Name: Depicter Slider – Responsive Image Slider, Video Slider & Post Slider <= 2.0.6 – Cross-Site Request Forgery via save Title: Cross-Site Request Forgery via save Type: Cross-Site Request…

Read More

Pagelayer Vulnerability – Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields – CVE-2023-6738 | WordPress Plugin Vulnerability Report

By Your WP Guy | January 3, 2024
WP Plugin Vulnerabilities Image - Pagelayer Vulnerability - Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields - CVE-2023-6738 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: Pagelayer Key Information: Software Type: Plugin Software Slug: pagelayer Software Status: Active Software Author: softaculous Software Downloads: 5,480,305 Active Installs: 200,000 Last Updated: January 3, 2024 Patched Versions: 1.7.9 Affected Versions: <= 1.7.8 Vulnerability Details: Name: PageLayer <= 1.7.8 – Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields Title: Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields Type: Improper Input Validation CVE: CVE-2023-6738 CVSS Score: 5.4 (Medium) Publicly Published: January…

Read More

Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-7044 | WordPress Plugin Vulnerability Report

By Your WP Guy | January 3, 2024
WP Plugin Vulnerabilities Image - Essential Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2023-7044 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: Essential al Addons for Elementor Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 62,990,243 Active Installs: 1,000,000 Last Updated: January 3, 2024 Patched Versions: 5.9.3 Affected Versions: <= 5.9.2 Vulnerability Details: Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders…

Read More

Complianz Vulnerability – Authenticated(Administrator+) Stored Cross-site Scripting via settings – CVE-2023-6498 | WordPress Plugin Vulnerability Report

By Your WP Guy | January 3, 2024
WP Plugin Vulnerabilities Image - Complianz Vulnerability - Authenticated(Administrator+) Stored Cross-site Scripting via settings - CVE-2023-6498 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: Complianz Key Information: Software Type: Plugin Software Slug: complianz-gdpr Software Status: Active Software Author: rogierlankhorst Software Downloads: 13,636,569 Active Installs: 800,000 Last Updated: January 3, 2024 Patched Versions: 6.5.6 Affected Versions: <= 6.5.5 Vulnerability Details: Name: Complianz | GDPR/CCPA Cookie Consent <= 6.5.5 – Authenticated(Administrator+) Stored Cross-site Scripting via settings Title: Authenticated(Administrator+) Stored Cross-site Scripting via settings Type: Improper Neutralization of Input During Web Page…

Read More

Database Dangers: Why Overloaded Databases Threaten Your Website

By Your WP Guy | January 2, 2024
technicians working on a cat 5 cable bundling syst 2023 11 27 04 51 26 utc - Database Dangers: Why Overloaded Databases Threaten Your Website - Vulnerabilities

It’s a small ecommerce business’s first holiday season when disaster strikes – error messages blanket the site, pages time out under surging traffic, images and links break inexplicably. Thousands in potential revenue vanish despite desperately contacting the hosting provider for solutions. This can quickly and unexpectedly become a reality for any business on shared hosting…

Read More

Scalability and Security: How Growth Can Present New Security Challenges

By Your WP Guy | December 19, 2023
DALL·E 2023 12 20 10.41.09 A photo realistic image showing the back view of a businessman wearing a formal suit inside a rocket ship. The image focuses on him looking out of a - Scalability and Security: How Growth Can Present New Security Challenges - Vulnerabilities

Every entrepreneur dreams of the day that their business becomes a viral sensation. After all, business growth comes with more opportunities, more sales, and more loyal customers. But rapid business growth online, as encouraging as it is, inevitably comes with its share of growing pains. As your web presence expands exponentially to meet rising customer…

Read More

Simple Membership Vulnerability – Reflected Cross-Site Scripting Vulnerability via environment_mode – CVE-2023-6882 | WordPress Plugin Vulnerability Report

By Your WP Guy | December 18, 2023
WP Plugin Vulnerabilities Image - Simple Membership Vulnerability - Reflected Cross-Site Scripting Vulnerability via environment_mode - CVE-2023-6882 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: Simple Membership Key Information: Software Type: Plugin Software Slug: simple-membership Software Status: Active Software Author: mra13 Software Downloads: 2,315,432 Active Installs: 50,000 Last Updated: December 18, 2023 Patched Versions: 4.3.9 Affected Versions: <= 4.3.8 Vulnerability Details: Name: Simple Membership <= 4.3.8 – Reflected Cross-Site Scripting Vulnerability via environment_mode Type: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) CVE: CVE-2023-6882 CVSS Score: 6.1 (Medium) Publicly…

Read More

AMP for WP Vulnerability – Authenticated (Contributor+) Cross-Site Scripting via Shortcode – CVE-2023-6782 | WordPress Plugin Vulnerability Report

By Your WP Guy | December 18, 2023
WP Plugin Vulnerabilities Image - AMP for WP Vulnerability - Authenticated (Contributor+) Cross-Site Scripting via Shortcode - CVE-2023-6782 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: AMP for WP Key Information: Software Type: Plugin Software Slug: accelerated-mobile-pages Software Status: Active Software Author: mohammed_kaludi Software Downloads: 17,465,196 Active Installs: 100,000 Last Updated: December 18, 2023 Patched Versions: 1.0.92.1 Affected Versions: <= 1.0.92 Vulnerability Details: Name: AMP for WP – Accelerated Mobile Pages <= 1.0.92 – Authenticated (Contributor+) Cross-Site Scripting via Shortcode Title: Authenticated (Contributor+) Cross-Site Scripting via Shortcode Type: Improper Neutralization of…

Read More

Enable Media Replace Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6737 | WordPress Plugin Vulnerability Report

By Your WP Guy | December 18, 2023
WP Plugin Vulnerabilities Image - Enable Media Replace Vulnerability - Reflected Cross-Site Scripting - CVE-2023-6737 | WordPress Plugin Vulnerability Report - Vulnerabilities

Plugin Name: Enable Media Replace Key Information: Software Type: Plugin Software Slug: enable-media-replace Software Status: Active Software Author: shortpixel Software Downloads: 10,049,054 Active Installs: 600,000 Last Updated: December 18, 2023 Patched Versions: 4.1.5 Affected Versions: <= 4.1.4 Vulnerability Details: Name: Enable Media Replace <= 4.1.4 – Reflected Cross-Site Scripting Title: Reflected Cross-Site Scripting Type: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) CVE: CVE-2023-6737 CVSS Score: 4.7…

Read More