cybersecurity for small business

Print Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 26, 2024

Plugin Name: Print Invoice & Delivery Notes for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-delivery-notes Software Status: Active Software Author: tychesoftwares Software Downloads: 999,558 Active Installs: 40,000 Last Updated: May 10, 2024 Patched Versions: 4.9.0 Affected Versions: <= 4.8.1 Vulnerability Details: Name: Multiple Plugins by tychesoftwares <= 4.8.1 Title: Missing Authorization to Notice…

Read More

ElementsKit Elementor addons and Templates Library Vulnerability – Authenticated Local File Inclusion via Onepage Scroll Module – CVE-2024-3499 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 22, 2024

Plugin Name: ElementsKit Elementor addons and Templates Library Key Information: Software Type: Plugin Software Slug: elementskit-lite Software Status: Active Software Author: xpeedstudio Software Downloads: 19,188,614 Active Installs: 1,000,000 Last Updated: May 8, 2024 Patched Versions: 3.1.1 Affected Versions: <= 3.1.0 Vulnerability Details: Name: ElementsKit Elementor addons <= 3.1.0 Title: Authenticated (Contributor+) Local File Inclusion via…

Read More

Real Media Library: Media Library Folder & File Manager Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting – CVE-2024-2328 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 15, 2024

Plugin Name: Real Media Library: Media Library Folder & File Manager Key Information: Software Type: Plugin Software Slug: real-media-library-lite Software Status: Active Software Author: devowl Software Downloads: 2,483,272 Active Installs: 80,000 Last Updated: April 25, 2024 Patched Versions: 4.11.12 Affected Versions: <= 4.22.11 Vulnerability Details: Name: Real Media Library <= 4.22.11 Title: Authenticated (Author+) Stored…

Read More

Best WordPress Gallery Plugin Vulnerability – FooGallery – Authenticated Stored Cross-Site Scripting – CVE-2024-2081 & CVE-2024-247 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 5, 2024

Plugin Name: Best WordPress Gallery Plugin – FooGallery Key Information: Software Type: Plugin Software Slug: foogallery Software Status: Active Software Author: bradvin Software Downloads: 4,914,021 Active Installs: 100,000 Last Updated: April 16, 2024 Patched Versions: 2.4.15 Affected Versions: <= 2.4.14 Vulnerability 1 Details: Name: FooGallery <= 2.4.14 Title: Authenticated (Author+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…

Read More

Jeg Elementor Kit Vulnerability – Multiple Stored Cross-Site Scripting Issues – CVE-2024-1327 & CVE-2024-3162 |WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 2, 2024

Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,029,705 Active Installs: 200,000 Last Updated: April 2, 2024 Patched Versions: 2.6.4 Affected Versions: <= 2.6.3 Vulnerability 1 Details: Name: Jeg Elementor Kit <= 2.6.3 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box…

Read More

Ultimate Addons for Beaver Builder Vulnerability – Lite – Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget – CVE-2024-2144 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: Ultimate Addons for Beaver Builder – Lite Key Information: Software Type: Plugin Software Slug: ultimate-addons-for-beaver-builder-lite Software Status: Active Software Author: brainstormforce Software Downloads: 499,391 Active Installs: 30,000 Last Updated: April 1, 2024 Patched Versions: 1.5.8 Affected Versions: <= 1.5.7 Vulnerability Details: Name: Ultimate Addons for Beaver Builder – Lite <= 1.5.7 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…

Read More

Event Tickets and Registration Vulnerability – Improper Authorization to Information Disclosure – CVE-2024-2261 |WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 26, 2024

Plugin Name: Event Tickets and Registration Key Information: Software Type: Plugin Software Slug: event-tickets Software Status: Active Software Author: theeventscalendar Software Downloads: 3,490,727 Active Installs: 80,000 Last Updated: March 27, 2024 Patched Versions: 5.8.3 Affected Versions: <= 5.8.2 Vulnerability Details: Name: Event Tickets and Registration <= 5.8.2 Title: Improper Authorization to Information Disclosure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N…

Read More

Contact Form Plugin by Fluent Forms Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6957 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Mar 5, 2024

Plugin Name: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder Key Information: Software Type: Plugin Software Slug: fluentform Software Status: Active Software Author: techjewel Software Downloads: 5,973,827 Active Installs: 400,000 Last Updated: March 7, 2024 Patched Versions: 5.1.10 Affected Versions: <= 5.1.9 Vulnerability Details: Name: Fluent Forms…

Read More

Insert PHP Code Snippet Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-0658 |WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 9, 2024

Plugin Name: Insert PHP Code Snippet Key Information: Software Type: Plugin Software Slug: insert-php-code-snippet Software Status: Active Software Author: f1logic Software Downloads: 890,439 Active Installs: 100,000 Last Updated: February 16, 2024 Patched Versions: 1.3.5 Affected Versions: <= 1.3.4 Vulnerability Details: Name: Insert PHP Code Snippet <= 1.3.4 Title: Authenticated (Admin+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N…

Read More