Posts Tagged ‘Cybersecurity Updates’
Rank Math SEO with AI Best SEO Tools Vulnerability – Authenticated Stored Cross-Site Scripting via ‘titleWrapper’ – CVE-2024-3665 | WordPress Plugin Vulnerability Report
Plugin Name: Rank Math SEO with AI Best SEO Tools Key Information: Software Type: Plugin Software Slug: seo-by-rank-math Software Status: Active Software Author: rankmath Software Downloads: 94,115,243 Active Installs: 2,000,000 Last Updated: May 6, 2024 Patched Versions: 1.0.217 Affected Versions: <= 1.0.216 Vulnerability Details: Name: Rank Math SEO with AI SEO Tools <= 1.0.216 Title:…
Read MoreComplianz Vulnerability – GDPR/CCPA Cookie Consent – Cross-Site Request Forgery to Data Request Deletion – CVE-2024-1592 | WordPress Plugin Vulnerability Report
Plugin Name: Complianz – GDPR/CCPA Cookie Consent Key Information: Software Type: Plugin Software Slug: complianz-gdpr Software Status: Active Software Author: rogierlankhorst Software Downloads: 14,458,989 Active Installs: 900,000 Last Updated: March 1, 2024 Patched Versions: 7.0.0 Affected Versions: <= 6.5.6 Vulnerability Details: Name: Complianz – GDPR/CCPA Cookie Consent <= 6.5.6 Title: Cross-Site Request Forgery to Data…
Read MoreAdvanced iFrame Vulnerability- Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2024-1341 | WordPress Plugin Vulnerability Report
Plugin Name: Advanced iFrame Key Information: Software Type: Plugin Software Slug: advanced-iframe Software Status: Active Software Author: mdempfle Software Downloads: 1,864,724 Active Installs: 60,000 Last Updated: February 28, 2024 Patched Versions: 2024.2 Affected Versions: <= 2024.1 Vulnerability Details: Name: Advanced iFrame <= 2024.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1341 CVSS Score:…
Read MorePage scroll to id – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1445 |WordPress Plugin Vulnerability Report
Plugin Name: Page scroll to id Key Information: Software Type: Plugin Software Slug: page-scroll-to-id Software Status: Active Software Author: malihu Software Downloads: 1,684,219 Active Installs: 100,000 Last Updated: February 27, 2024 Patched Versions: 1.7.9 Affected Versions: <= 1.7.8 Vulnerability Details: Name: Page scroll to id <= 1.7.8 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode…
Read MoreSimple Share Buttons Adder Vulnerability- Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings – CVE-2024-0621 | WordPress Plugin Vulnerability Report
Plugin Name: Simple Share Buttons Adder Key Information: Software Type: Plugin Software Slug: simple-share-buttons-adder Software Status: Active Software Author: davidoffneal Software Downloads: 4,036,990 Active Installs: 70,000 Last Updated: February 16, 2024 Patched Versions: 8.4.12 Affected Versions: <= 8.4.11 Vulnerability Details: Name: Simple Share Buttons Adder <= 8.4.11 Title: Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings…
Read MoreEmail Encoder Vulnerability– Protect Email Addresses and Phone Numbers – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1282 |WordPress Plugin Vulnerability Report
Plugin Name: Email Encoder – Protect Email Addresses and Phone Numbers Key Information: Software Type: Plugin Software Slug: email-encoder-bundle Software Status: Active Software Author: ironikus Software Downloads: 1,058,847 Active Installs: 80,000 Last Updated: February 27, 2024 Patched Versions: 2.2.1 Affected Versions: <= 2.2.0 Vulnerability Details: Name: Email Encoder – Protect Email Addresses and Phone Numbers…
Read MoreGetwid – Gutenberg Blocks – Missing Authorization & Captcha Bypass – CVE-2023-6959 & CVE-2023-6963 | WordPress Plugin Vulnerability Report
Plugin Name: Getwid – Gutenberg Blocks Key Information: Software Type: Plugin Software Slug: getwid Software Status: Active Software Author: jetmonsters Software Downloads: 1,066,235 Active Installs: 50,000 Last Updated: January 25, 2024 Patched Versions: 2.0.5 Affected Versions: <= 2.0.4 Vulnerability Details – Section 1: Name: Getwid – Gutenberg Blocks <= 2.0.4 Title: Missing Authorization to Recaptcha…
Read MoreEssential Addons for Elementor Vulnerabilities- Authenticated Stored Cross-Site Scripting – CVE-2024-0586 & CVE-2024-0585 | WordPress Plugin Vulnerability Report
Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 64,711,817 Active Installs: 2,000,000 Last Updated: January 17, 2024 Patched Versions: 5.9.5 Affected Versions: <= 5.9.4 Vulnerability Details – Section 1: Name: Essential Addons…
Read MoreUser Profile Builder Vulnerability – Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_update – CVE-2024-0324 | WordPress Plugin Vulnerability Report
Plugin Name: User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Key Information: Software Type: Plugin Software Slug: profile-builder Software Status: Active Software Author: reflectionmedia Software Downloads: 4,133,093 Active Installs: 50,000 Last Updated: January 23, 2024 Patched Versions: 3.10.9 Affected Versions: <= 3.10.8 Vulnerability Details: Name: User Profile Builder <=…
Read More