Elementor Website Builder Vulnerability – Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting – CVE-2024-4619 | WordPress Plugin Vulnerability Report

Plugin Name: Elementor Website Builder Key Information: Software Type: Plugin Software Slug: elementor Software Status: Active Software Author: elemntor Software Downloads: 443,549,337 Active Installs: 10,000,000 Last Updated: May 20, 2024 Patched Versions: 3.21.6 Affected Versions: <= 3.21.5 Vulnerability Details: Name: Elementor Website Builder – More than Just a Page Builder <= 3.21.5 – Authenticated (Contributor+)…

Read More

WP Table Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4700 | WordPress Plugin Vulnerability Report

Plugin Name: WP Table Builder Key Information: Software Type: Plugin Software Slug: wp-table-builder Software Status: Active Software Author: wptb Software Downloads: 60,000 Active Installs: 1,060,392 Last Updated: May 20, 2024 Patched Versions: 1.4.15 Affected Versions: <= 1.4.14 Vulnerability Details: Name: WP Table Builder – WordPress Table Plugin <= 1.4.14 – Authenticated (Contributor+) Stored Cross-Site Scripting…

Read More

Royal Elementor Addons and Templates Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Form Builder Widget – CVE-2024-3887 | WordPress Plugin Vulnerability Report

Plugin Name: Royal Elementor Addons and Templates Key Information: Software Type: Plugin Software Slug: royal-elementor-addons Software Status: Active Software Author: wproyal Software Downloads: 5,453,490 Active Installs: 300,000 Last Updated: May 15, 2024 Patched Versions: 1.3.975 Affected Versions: <= 1.3.974 Vulnerability Details: Name: Royal Elementor Addons and Templates <= 1.3.974 – Authenticated (Contributor+) Stored Cross-Site Scripting…

Read More

Sina Extension for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-site Scriping via ‘Sina Particle Layer’ – CVE-2024-4373 | WordPress Plugin Vulnerability Report

Plugin Name: Sina Extension for Elementor Key Information: Software Type: Plugin Software Slug: sina-extension-for-elementor Software Status: Active Software Author: shaonsina Software Downloads: 550,459 Active Installs: 50,000 Last Updated: May 14, 2024 Patched Versions: 3.5.4 Affected Versions: <= 3.5.3 Vulnerability Details: Name: Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor…

Read More

Content Views Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via pagingType Parameter – CVE-2024-4446 | WordPress Plugin Vulnerability Report

Plugin Name: Content Views Key Information: Software Type: Plugin Software Slug: content-views-query-and-display-post-page Software Status: Active Software Author: pt-guy Software Downloads: 4,327,206 Active Installs: 100,000 Last Updated: May 6, 2024 Vulnerability Details: Name: Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) <= 3.7.1 – Authenticated (Contributor+) Stored…

Read More

Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Sina Fancy Text Widget – CVE-2024-3988 | WordPress Plugin Vulnerability Report

Plugin Name: Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) Key Information: Software Type: Plugin Software Slug: sina-extension-for-elementor Software Status: Active Software Author: shaonsina Software Downloads: 529,922 Active Installs: 50,000 Last Updated: May 9, 2024 Patched Versions: 3.5.3 Affected Versions: <= 3.5.2 Vulnerability Details: Name:…

Read More

Tutor LMS Vulnerability – eLearning and online course solution – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘tutor_instructor_list’ Shortcode – CVE-2024-3994 | WordPress Plugin Vulnerability Report

Plugin Name: Tutor LMS – eLearning and online course solution Key Information: Software Type: Plugin Software Slug: tutor Software Status: Active Software Author: themeum Software Downloads: 2,051,836 Active Installs: 80,000 Last Updated: May 9, 2024 Patched Versions: 2.7.0 Affected Versions: <= 2.6.2 Vulnerability Details: Name: Tutor LMS – eLearning and online course solution <= 2.6.2…

Read More

Gutenberg Vulnerability – Unauthenticated & Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block | WordPress Plugin Vulnerability Report

Plugin Name: Gutenberg Key Information: Software Type: Plugin Software Slug: gutenberg Software Status: Active Software Author: matveb Software Downloads: 41,476,476 Active Installs: 300,000 Last Updated: April 16, 2024 Patched Versions: 18.01 Affected Versions: 12.9.0 – 18.0.0 Vulnerability Details: Name: Gutenberg 12.9.0 – 18.0.0 Title: Unauthenticated & Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block Type:…

Read More

Photo Gallery by 10Web Vulnerability – Mobile-Friendly Image Gallery – Authenticated (Admin+) Stored Cross-Site Scripting via SVG – CVE-2024-2296 | WordPress Plugin Vulnerability Report

Plugin Name: Photo Gallery by 10Web – Mobile-Friendly Image Gallery Key Information: Software Type: Plugin Software Slug: photo-gallery Software Status: Active Software Author: 10web Software Downloads: 17,757,662 Active Installs: 200,000 Last Updated: April 10, 2024 Patched Versions: 1.8.22 Affected Versions: <= 1.8.21 Vulnerability Details: Name: Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.21…

Read More