Cross-Site Scripting

GiveWP Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3714 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 17, 2024

Plugin Name: GiveWP
Key Information:
Software Type: Plugin
Software Slug: give
Software Status: Active
Software Author: webdevmattcrom
Software Downloads: 7,298,288
Active Installs: 100,000
Last Updated: May 17, 2024
Patched Versions: 3.11.0
Affected Versions: <= 3.10.0
Vulnerability Details:
Name: GiveWP – Donation Plugin and Fundraising Platform <= 3.10.0 – Authenticated (Contributor+) Stored Cross-Site Scripting
Type: Improper…

Happy Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5088, CVE-2024-4865 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 17, 2024

Plugin Name: Happy Addons for Elementor
Key Information:
Software Type: Plugin
Software Slug: happy-elementor-addons
Software Status: Active
Software Author: thehappymonster
Software Downloads: 6,974,697
Active Installs: 400,000
Last Updated: May 17, 2024
Patched Versions: 3.10.9
Affected Versions: <= 3.10.8
Vulnerability Details:
Name: Happy Addons for Elementor <= 3.10.8 – Authenticated (Contributor+) Stored Cross-Site Scripting
Type: Improper…

Essential Blocks Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4891 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 16, 2024

Plugin Name: Essential Blocks
Key Information:
Software Type: Plugin
Software Slug: essential-blocks
Software Status: Active
Software Author: wpdevteam
Software Downloads: 3,418,922
Active Installs: 100,000
Last Updated: May 16, 2024
Patched Versions: 4.5.13
Affected Versions: <= 4.5.12
Vulnerability Details:
Name: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 – Authenticated (Contributor+) Stored…

Menu Icons by ThemeIsle Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload – CVE-2024-4635 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 15, 2024

Plugin Name: Menu Icons by ThemeIsle
Key Information:
Software Type: Plugin
Software Slug: menu-icons
Software Status: Active
Software Author: themeisle
Software Downloads: 3,529,569
Active Installs: 200,000
Last Updated: May 15, 2024
Patched Versions: 0.13.14
Affected Versions: <= 0.13.13
Vulnerability Details:
Name: Menu Icons by ThemeIsle <= 0.13.13 – Authenticated (Author+) Stored Cross-Site Scripting via SVG…

Post and Page Builder by BoldGrid Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4400 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 15, 2024

Plugin Name: Post and Page Builder by BoldGrid
Key Information:
Software Type: Plugin
Software Slug: post-and-page-builder
Software Status: Active
Software Author: boldgrid
Software Downloads: 1,446,399
Active Installs: 80,000
Last Updated: May 15, 2024
Patched Versions: 1.26.5
Affected Versions: <= 1.26.4
Vulnerability Details:
Name: Post and Page Builder by BoldGrid – Visual Drag and Drop Editor…

Royal Elementor Addons and Templates Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Form Builder Widget – CVE-2024-3887 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 15, 2024

Plugin Name: Royal Elementor Addons and Templates
Key Information:
Software Type: Plugin
Software Slug: royal-elementor-addons
Software Status: Active
Software Author: wproyal
Software Downloads: 5,453,490
Active Installs: 300,000
Last Updated: May 15, 2024
Patched Versions: 1.3.975
Affected Versions: <= 1.3.974
Vulnerability Details:
Name: Royal Elementor Addons and Templates <= 1.3.974 – Authenticated (Contributor+) Stored Cross-Site Scripting…

Sina Extension for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘Sina Particle Layer’ – CVE-2024-4373 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: Sina Extension for Elementor
Key Information:
Software Type: Plugin
Software Slug: sina-extension-for-elementor
Software Status: Active
Software Author: shaonsina
Software Downloads: 550,459
Active Installs: 50,000
Last Updated: May 14, 2024
Patched Versions: 3.5.4
Affected Versions: <= 3.5.3
Vulnerability Details:
Name: Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor…

Exclusive Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget – CVE-2024-4618 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: Exclusive Addons for Elementor
Key Information:
Software Type: Plugin
Software Slug: exclusive-addons-for-elementor
Software Status: Active
Software Author: timstrifler
Software Downloads: 870,318
Active Installs: 60,000
Last Updated: May 14, 2024
Patched Versions: 2.6.9.7
Affected Versions: <= 2.6.9.6
Vulnerability Details:
Name: Exclusive Addons for Elementor <= 2.6.9.6 – Authenticated (Contributor+) Stored Cross-Site Scripting via Team…

Import and export users and customers Vulnerability – Authenticated (Administrator+) Stored Cross-Site Scripting – CVE-2024-4656, CVE-2024-4734 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: Import and export users and customers
Key Information:
Software Type: Plugin
Software Slug: import-users-from-csv-with-meta
Software Status: Active
Software Author: carazo
Software Downloads: 4,320,707
Active Installs: 80,000
Last Updated: May 14, 2024
Patched Versions: 1.26.7
Affected Versions: <= 1.26.6.1
Vulnerability Details:
Name: Import and export users and customers <= 1.26.6.1 – Authenticated (Administrator+) Stored…

Visual Portfolio, Photo Gallery & Post Grid Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via title_tag Parameter – CVE-2024-4363 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: Visual Portfolio, Photo Gallery & Post Grid
Key Information:
Software Type: Plugin
Software Slug: visual-portfolio
Software Status: Active
Software Author: nko
Software Downloads: 1,687,003
Active Installs: 70,000
Last Updated: May 14, 2024
Patched Versions: 3.3.3
Affected Versions: <= 3.3.2
Vulnerability Details:
Name: Visual Portfolio, Photo Gallery & Post Grid <= 3.3.2 – Authenticated…