Cybersecurity
Loco Translate Vulnerability – Cross-Site Request Forgery – CVE-2024-37236 | WordPress Plugin Vulnerability Report
Plugin Name: Loco Translate Key Information: Software Type: Plugin Software Slug: loco-translate Software Status: Active Software Author: timwhitlock Software Downloads: 26,085,928 Active Installs: 1,000,000 Last Updated: July 16, 2024 Patched Versions: 2.6.10 Affected Versions: <= 2.6.9 Vulnerability Details: Name: Loco Translate <= 2.6.9 Type: Cross-Site Request Forgery CVE: CVE-2024-37236 CVSS Score: 4.3 Publicly Published: June…
Solid Security – Password, Two Factor Authentication, and Brute Force Protection Vulnerability – IP Address Spoofing to Denial of Service – CVE-2022-44593 | WordPress Plugin Vulnerability Report
Plugin Name: Solid Security – Password, Two Factor Authentication, and Brute Force Protection Key Information: Software Type: Plugin Software Slug: better-wp-security Software Status: Active Software Author: ithemes Software Downloads: 31,710,465 Active Installs: 900,000 Last Updated: July 22, 2024 Patched Versions: 9.3.2 Affected Versions: <= 9.3.1 Vulnerability Details: Name: Solid Security <= 9.3.1 Title: IP Address…
Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN Vulnerability – Missing Authorization to Resmush List Deletion – CVE-2023-3352 | WordPress Plugin Vulnerability Report
Plugin Name: Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN Key Information: Software Type: Plugin Software Slug: wp-smushit Software Status: Active Software Author: wpmudev Software Downloads: 54,994,090 Active Installs: 1,000,000 Last Updated: July 22, 2024 Patched Versions: 3.16.5 Affected Versions: <= 3.16.4 Vulnerability Details: Name:…
Easy Table of Contents Vulnerability- Authenticated (Editor+) Stored Cross-Site Scripting – CVE-2024-6334 |WordPress Plugin Vulnerability Report
Plugin Name: Easy Table of Contents Key Information: Software Type: Plugin Software Slug: easy-table-of-contents Software Status: Active Software Author: magazine3 Software Downloads: 12,901,982 Active Installs: 500,000 Last Updated: July 26, 2024 Patched Versions: 2.0.67.1 Affected Versions: <= 2.0.67 Vulnerability Details: Name: Easy Table of Contents <= 2.0.67 Title: Authenticated (Editor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N…
Jeg Elementor Kit Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via JKit – Tabs and JKit – Accordion Widgets – CVE-2024-4479 | WordPress Plugin Vulnerability Report
Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,393,902 Active Installs: 200,000 Last Updated: July 2, 2024 Patched Versions: 2.6.6 Affected Versions: <= 2.6.5 Vulnerability Details: Name: Jeg Elementor Kit <= 2.6.5 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via JKit – Tabs…
Simple Sitemap Vulnerability – Cross-Site Request Forgery via admin_notices – CVE-2023-6492 | WordPress Plugin Vulnerability Report
Plugin Name: Simple Sitemap – Create a Responsive HTML Sitemap Key Information: Software Type: Plugin Software Slug: simple-sitemap Software Status: Active Software Author: dgwyer Software Downloads: 1,541,369 Active Installs: 90,000 Last Updated: July 2, 2024 Patched Versions: 3.5.14 Affected Versions: <= 3.5.13 Vulnerability Details: Name: Simple Sitemap <= 3.5.13 Title: Cross-Site Request Forgery via admin_notices…
PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Link Effects Widget – CVE-2024-5787 | WordPress Plugin Vulnerability Report
Plugin Name:PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software Status: Active Software Author: ideaboxcreations Software Downloads: 2,434,102 Active Installs: 100,000 Last Updated: July 2, 2024 Patched Versions: 2.7.21 Affected Versions: <= 2.7.20 Vulnerability Details: Name: PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <=…
WP Go Maps (formerly WP Google Maps) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5994 | WordPress Plugin Vulnerability Report
Plugin Name:WP Go Maps (formerly WP Google Maps) Key Information: Software Type: Plugin Software Slug: wp-google-maps Software Status: Active Software Author: wpgmaps Software Downloads: 23,828,563 Active Installs: 300,000 Last Updated: July 2, 2024 Patched Versions: 9.0.39 Affected Versions: <= 9.0.38 Vulnerability Details: Name: WP Go Maps (formerly WP Google Maps) <= 9.0.38 Title: Authenticated (Contributor+)…
Gutenberg Blocks with AI by Kadence WP – Page Builder Features Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter – CVE-2024-4863 | WordPress Plugin Vulnerability Report
Plugin Name:Gutenberg Blocks with AI by Kadence WP – Page Builder Features Key Information: Software Type: Plugin Software Slug: kadence-blocks Software Status: Active Software Author: britner Software Downloads: 20,652,980 Active Installs: 400,000 Last Updated: July 2, 2024 Patched Versions: 3.2.39 Affected Versions: <= 3.2.38 Vulnerability Details: Name: Gutenberg Blocks by Kadence Blocks – Page Builder…
Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Vulnerability – Exposure of Sensitive Information via the UI – CVE-2024-3073 | WordPress Plugin Vulnerability Report
Plugin Name:Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Key Information: Software Type: Plugin Software Slug: easy-wp-smtp Software Status: Active Software Author: smub Software Downloads: 9,862,613 Active Installs: 600,000 Last Updated: July 2, 2024 Patched Versions: 2.3.1 Affected Versions: <= 2.3.0 Vulnerability Details: Name: Easy WP SMTP by SendLayer <= 2.3.0…