Vulnerabilities
Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table – CVE-2024-1537 |WordPress Plugin Vulnerability Report
Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 67,142,962 Active Installs: 2,000,000 Last Updated: March 13, 2024 Patched Versions: 5.9.10 Affected Versions: <= 5.9.9 Vulnerability Details: Name: Essential Addons for Elementor <=…
Site Reviews Vulnerability – Authenticated Stored Cross-Site Scripting via Display Name – CVE-2024-2293 | WordPress Plugin Vulnerability Report
Plugin Name: Site Reviews Key Information: Software Type: Plugin Software Slug: site-reviews Software Status: Active Software Author: geminilabs Software Downloads: 2,210,571 Active Installs: 60,000 Last Updated: March 13, 2024 Patched Versions: 6.11.7 Affected Versions: <= 6.11.4 Vulnerability Details: Name: Site Reviews <= 6.11.4 Title: Authenticated(Subscriber+) Stored Cross-Site Scripting via Display Name Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-2293…
WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting – CVE-2024-2194 |WordPress Plugin Vulnerability Report
Plugin Name: WP Statistics Key Information: Software Type: Plugin Software Slug: wp-statistics Software Status: Active Software Author: mostafas1990 Software Downloads: 22,569,004 Active Installs: 600,000 Last Updated: March 13, 2024 Patched Versions: 14.5.1 Affected Versions: <= 14.5 Vulnerability Details: Name: WP Statistics <= 14.5 Title: Unauthenticated Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-2194 CVSS Score: 7.2…
Colibri Page Builder Vulnerability – Missing Authorization – CVE-2024-1870 | WordPress Plugin Vulnerability Report
Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software Downloads: 2,440,741 Active Installs: 100,000 Last Updated: March 13, 2024 Patched Versions: 1.0.263 Affected Versions: <= 1.0.260 Vulnerability Details: Name: Colibri Page Builder <= 1.0.260 Title: Missing Authorization Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2024-1870 CVSS Score: 4.3…
Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report
Plugin Name: Easy Accordion – Best Accordion FAQ Plugin for WordPress Key Information: Software Type: Plugin Software Slug: easy-accordion-free Software Status: Active Software Author: shapedplugin Software Downloads: 735,064 Active Installs: 50,000 Last Updated: March 13, 2024 Patched Versions: 2.3.5 Affected Versions: <= 2.3.4 Vulnerability Details: Name: Easy Accordion <= 2.3.4 – Authenticated Stored Cross-Site Scripting…
Ultimate Member Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-2123 |WordPress Plugin Vulnerability Report
Plugin Name: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Key Information: Software Type: Plugin Software Slug: ultimate-member Software Status: Active Software Author: ultimatemember Software Downloads: 9,871,019 Active Installs: 200,000 Last Updated: March 12, 2024 Patched Versions: 2.8.4 Affected Versions: <= 2.8.3 Vulnerability Details: Name: Ultimate Member <= 2.8.3…
Metform Elementor Contact Form Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1585 |WordPress Plugin Vulnerability Report
Plugin Name: Metform Elementor Contact Form Builder Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author: xpeedstudio Software Downloads: 3,185,155 Active Installs: 300,000 Last Updated: March 12, 2024 Patched Versions: 3.8.4 Affected Versions: <= 3.8.3 Vulnerability Details: Name: Metform Elementor Contact Form Builder <= 3.8.3 Title: Authenticated (Contributor+) Stored Cross-Site Scripting…
Orbit Fox by ThemeIsle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Registration Form Widget – CVE-2024-2126 |WordPress Plugin Vulnerability Report
Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: ThemeIsle Software Downloads: 11,445,655 Active Installs: 200,000 Last Updated: March 12, 2024 Patched Versions: 2.10.33 Affected Versions: <= 2.10.32 Vulnerability Details: Name: Orbit Fox by ThemeIsle <= 2.10.32 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Registration…
Page Builder: Pagelayer Vulnerability– Drag and Drop website builder – Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes – CVE-2024-2127 |WordPress Plugin Vulnerability Report
Plugin Name: Page Builder: Pagelayer – Drag and Drop website builder Key Information: Software Type: Plugin Software Slug: pagelayer Software Status: Active Software Author: softaculous Software Downloads: 5,791,472 Active Installs: 200,000 Last Updated: March 12, 2024 Patched Versions: 1.8.4 Affected Versions: <= 1.8.3 Vulnerability Details: Name: Page Builder: Pagelayer – Drag and Drop website builder…
WP-Members Membership Plugin – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1987 | WordPress Plugin Vulnerability Report
Plugin Name: WP-Members Membership Plugin Key Information: Software Type: Plugin Software Slug: wp-members Software Status: Active Software Author: cbutlerjr Software Downloads: 3,443,217 Active Installs: 60,000 Last Updated: March 12, 2024 Patched Versions: 3.4.9.2 Affected Versions: <= 3.4.9.1 Vulnerability Details: Name: WP-Members Membership Plugin <= 3.4.9.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…