admin security

WPvivid Backup & Migration Plugin Vulnerability – Authenticated (Admin+) PHAR Deserialization – CVE-2024-3054 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 11, 2024

Plugin Name: WPvivid Backup & Migration Plugin Key Information: Software Type: Plugin Software Slug: wpvivid-backuprestore Software Status: Active Software Author: wpvividplugins Software Downloads: 7,313,881 Active Installs: 400,000 Last Updated: April 25, 2024 Patched Versions: 0.9.100 Affected Versions: <= 0.9.99 Vulnerability Details: Name: WPvivid Backup & Migration Plugin <= 0.9.99 Title: Authenticated (Admin+) PHAR Deserialization Type:…

Read More

Simple Share Buttons Adder Vulnerability- Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings – CVE-2024-0621 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 14, 2024

Plugin Name: Simple Share Buttons Adder Key Information: Software Type: Plugin Software Slug: simple-share-buttons-adder Software Status: Active Software Author: davidoffneal Software Downloads: 4,036,990 Active Installs: 70,000 Last Updated: February 16, 2024 Patched Versions: 8.4.12 Affected Versions: <= 8.4.11 Vulnerability Details: Name: Simple Share Buttons Adder <= 8.4.11 Title: Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings…

Read More

Insert PHP Code Snippet Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-0658 |WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 9, 2024

Plugin Name: Insert PHP Code Snippet Key Information: Software Type: Plugin Software Slug: insert-php-code-snippet Software Status: Active Software Author: f1logic Software Downloads: 890,439 Active Installs: 100,000 Last Updated: February 16, 2024 Patched Versions: 1.3.5 Affected Versions: <= 1.3.4 Vulnerability Details: Name: Insert PHP Code Snippet <= 1.3.4 Title: Authenticated (Admin+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N…

Read More

Shariff Wrapper Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-1106 |WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 5, 2024

Plugin Name: Shariff Wrapper Key Information: Software Type: Plugin Software Slug: shariff Software Status: Active Software Author: 3uu Software Downloads: 848,443 Active Installs: 50,000 Last Updated: February 8, 2024 Patched Versions: 4.6.10 Affected Versions: <= 4.6.9 Vulnerability Details: Name: Shariff Wrapper <= 4.6.9 Title: Authenticated (Admin+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1106 CVSS Score:…

Read More