The Post Grid Vulnerability – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid – Missing Authorization – CVE-2024-3936 | WordPress Plugin Vulnerability Report

Plugin Name: The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Key Information: Software Type: Plugin Software Slug: the-post-grid Software Status: Active Software Author: techlabpro1 Software Downloads: 1,704,748 Active Installs: 90,000 Last Updated: May 10, 2024 Patched Versions: 7.7.0 Affected Versions: <= 7.6.1 Vulnerability Details: Name: The Post Grid – Shortcode,…

Read More

Bold Page Builder Vulnerability – Multiple Stored Cross-Site Scripting Issues – CVE-2024-2736, CVE-2024-2735, CVE-2024-2734, CVE-2024-2733 | WordPress Vulnerability Report 

Plugin Name: Bold Page Builder Key Information: Software Type: Plugin Software Slug: bold-page-builder Software Status: Active Software Author: boldthemes Software Downloads: 1,754,649 Active Installs: 50,000 Last Updated: April 16, 2024 Patched Versions: 4.8.9 Affected Versions: <= 4.8.8 Vulnerability Details: Name: Bold Page Builder <= 4.8.8 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags Type:…

Read More

Carousel, Slider, Gallery by WP Carousel Vulnerability Vulnerability – Authenticated (Admin+) PHP Object Injection – CVE-2024-3020 | WordPress Plugin Vulnerability Report

Plugin Name: Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce Key Information: Software Type: Plugin Software Slug: wp-carousel-free Software Status: Active Software Author: shapedplugin Software Downloads: 1,322,070 Active Installs: 60,000 Last Updated: April 16, 2024 Patched Versions: 2.6.4 Affected…

Read More