Cybersecurity

PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1055 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 6, 2024

Plugin Name: PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software Status: Active Software Author: ideaboxcreations Software Downloads: 2,129,545 Active Installs: 100,000 Last Updated: February 13, 2024 Patched Versions: 2.7.15 Affected Versions: <= 2.7.14 Vulnerability Details: Name: PowerPack Addons for Elementor <= 2.7.14 Title: Authenticated (Contributor+)…

Read More

Shield Security Vulnerability– Smart Bot Blocking & Intrusion Prevention Security – Unauthenticated Local File Inclusion – CVE-2023-6989 |WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 5, 2024

Plugin Name: Shield Security – Smart Bot Blocking & Intrusion Prevention Security Key Information: Software Type: Plugin Software Slug: wp-simple-firewall Software Status: Active Software Author: paultgoodchild Software Downloads: 11,714,137 Active Installs: 50,000 Last Updated: February 8, 2024 Patched Versions: 18.5.10 Affected Versions: <= 18.5.9 Vulnerability Details: Name: Shield Security – Smart Bot Blocking & Intrusion…

Read More

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0834 |WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 5, 2024

Plugin Name: Elementor Addon Elements Key Information: Software Type: Plugin Software Slug: addon-elements-for-elementor-page-builder Software Status: Active Software Author: webtechstreet Software Downloads: 2,364,972 Active Installs: 100,000 Last Updated: February 8, 2024 Patched Versions: 1.12.12 Affected Versions: 1.12.11 – 1.12.11 Vulnerability Details: Name: Elementor Addon Elements <= 1.12.11 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE:…

Read More

Easy Digital Downloads Vulnerability– Sell Digital Files (eCommerce Store & Payments Made Easy) – Authenticated (Shop Manager+) Stored Cross-Site Scripting – CVE-2024-0659 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 2, 2024

Plugin Name: Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) Key Information: Software Type: Plugin Software Slug: easy-digital-downloads Software Status: Active Software Author: smub Software Downloads: 4,802,741 Active Installs: 50,000 Last Updated: February 8, 2024 Patched Versions: 3.2.7 Affected Versions: <= 3.2.6 Vulnerability Details: Name: Easy Digital Downloads <= 3.2.6…

Read More

PDF Flipbook, 3D Flipbook Vulnerability– DearFlip – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0895 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 2, 2024

Plugin Name: PDF Flipbook, 3D Flipbook – DearFlip Key Information: Software Type: Plugin Software Slug: 3d-flipbook-dflip-lite Software Status: Active Software Author: dearhive Software Downloads: 1,178,266 Active Installs: 100,000 Last Updated: February 8, 2024 Patched Versions: 2.2.27 Affected Versions: <= 2.2.26 Vulnerability Details: Name: PDF Flipbook, 3D Flipbook – DearFlip <= 2.2.26 Title: Authenticated (Contributor+) Stored…

Read More

Essential Addons for Elementor Vulnerability– Best Elementor Templates, Widgets, Kits & WooCommerce Builders – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0954 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 1, 2024

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 66,002,609 Active Installs: 2,000,000 Last Updated: February 12, 2024 Patched Versions: 5.9.8 Affected Versions: <= 5.9.7 Vulnerability Details: Name: Essential Addons for Elementor –…

Read More

Advanced iFrame Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-7069 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 31, 2024

 Plugin Name: Advanced iFrame Key Information: Software Type: Plugin Software Slug: advanced-iframe Software Status: Active Software Author: mdempfle Software Downloads: 1,840,037 Active Installs: 60,000 Last Updated: February 1, 2024 Patched Versions: 2024.0 Affected Versions: <= 2023.10 Vulnerability Details: Name: Advanced iFrame <= 2023.10 Title: Authenticated (Contributor+) Stored Cross-Site Scripting (XSS) Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2023-7069 CVSS…

Read More

Website Builder by SeedProd Vulnerability – Missing Authorization via seedprod_lite_new_lpage – CVE-2024-1072 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 31, 2024

Plugin Name: Website Builder by SeedProd – Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Key Information: Software Type: Plugin Software Slug: coming-soon Software Status: Active Software Author: seedprod Software Downloads: 23,816,722 Active Installs: 900,000 Last Updated: February 1, 2024 Patched Versions: 6.15.23 Affected Versions: <= 6.15.21 Vulnerability Details: Name: Website Builder by…

Read More

Cookie Information | Free GDPR Consent Solution Vulnerability – Authenticated (Subscriber+) Arbitrary Options Update – CVE-2023-6700 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 29, 2024

Plugin Name: Cookie Information | Free GDPR Consent Solution Key Information: Software Type: Plugin Software Slug: wp-gdpr-compliance Software Status: Active Software Author: cookieinformation Software Downloads: 3,745,212 Active Installs: 100,000 Last Updated: February 2, 2024 Patched Versions: 2.0.23 Affected Versions: <= 2.0.22 Vulnerability Details: Name: Cookie Information | Free GDPR Consent Solution <= 2.0.22 Title: Authenticated…

Read More