data protection

WP Plugin Vulnerabilities Image - WPvivid Backup & Migration Plugin Vulnerability - Authenticated (Admin+) PHAR Deserialization - CVE-2024-3054 | WordPress Plugin Vulnerability Report - data protection

WPvivid Backup & Migration Plugin Vulnerability – Authenticated (Admin+) PHAR Deserialization – CVE-2024-3054 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 11, 2024

Plugin Name: WPvivid Backup & Migration Plugin Key Information: Software Type: Plugin Software Slug: wpvivid-backuprestore Software Status: Active Software Author: wpvividplugins Software Downloads: 7,313,881 Active Installs: 400,000 Last Updated: April 25, 2024 Patched Versions: 0.9.100 Affected Versions: <= 0.9.99 Vulnerability Details: Name: WPvivid Backup & Migration Plugin <= 0.9.99 Title: Authenticated (Admin+) PHAR Deserialization Type:…

Read More
WP Plugin Vulnerabilities Image - Booking for Appointments and Events Calendar Vulnerability – Amelia - Cross-Site Request Forgery - CVE-2024-31425 | WordPress Plugin Vulnerability Report - data protection

Booking for Appointments and Events Calendar Vulnerability – Amelia – Cross-Site Request Forgery – CVE-2024-31425 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: Booking for Appointments and Events Calendar – Amelia Key Information: Software Type: Plugin Software Slug: ameliabooking Software Status: Active Software Author: ameliabooking Software Downloads: 602,133 Active Installs: 60,000 Last Updated: April 24, 2024 Patched Versions: 1.0.96 Affected Versions: <= 1.0.95 Vulnerability Details: Name: Amelia <= 1.0.95 Title: Cross-Site Request Forgery Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE:…

Read More
WP Plugin Vulnerabilities Image - Clone Vulnerability - Missing Authorization - CVE-2024-31435 | WordPress Plugin Vulnerability Report - data protection

Clone Vulnerability – Missing Authorization – CVE-2024-31435 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: Clone Key Information: Software Type: Plugin Software Slug: wp-clone-by-wp-academy Software Status: Active Software Author: migrate Software Downloads: 3,222,101 Active Installs: 80,000 Last Updated: April 24, 2024 Patched Versions: 2.4.4 Affected Versions: <= 2.4.3 Vulnerability Details: Name: Inisev Analyst Module <= 2.4.3 Title: Missing Authorization Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2024-31435 CVSS Score: 4.3 Publicly Published:…

Read More
WP Plugin Vulnerabilities Image - Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Vulnerability - Sensitive Information Exposure - CVE-2024-2966 | WordPress Plugin Vulnerability Report - data protection

Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Vulnerability – Sensitive Information Exposure – CVE-2024-2966 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Key Information: Software Type: Plugin Software Slug: bdthemes-element-pack-lite Software Status: Active Software Author: bdthemes Software Downloads: 2,021,948 Active Installs: 100,000 Last Updated: April 24, 2024 Patched Versions: 5.6.0 Affected Versions: <= 5.5.6 Vulnerability Details: Name: Element Pack Elementor Addons…

Read More
WP Plugin Vulnerabilities Image - File Manager Vulnerability - Authenticated Directory Traversal - CVE-2024-2654 | WordPress Plugin Vulnerability Report - data protection

File Manager Vulnerability – Authenticated Directory Traversal – CVE-2024-2654 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 3, 2024

Plugin Name: File Manager Key Information: Software Type: Plugin Software Slug: wp-file-manager Software Status: Active Software Author: mndpsingh287 Software Downloads: 21,240,440 Active Installs: 1,000,000 Last Updated: April 3, 2024 Patched Versions: 7.2.6 Affected Versions: <= 7.2.5 Vulnerability Details: Name: File Manager <= 7.2.5 Title: Authenticated (Administrator+) Directory Traversal Type: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N CVE: CVE-2024-2654 CVSS Score: 6.4…

Read More
WP Plugin Vulnerabilities Image - Easy Digital Downloads Vulnerability - Sensitive Information Exposure - CVE-2024-2302 | WordPress Plugin Vulnerability Report  - data protection

Easy Digital Downloads Vulnerability – Sensitive Information Exposure – CVE-2024-2302 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 3, 2024

Plugin Name: Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) Key Information: Software Type: Plugin Software Slug: easy-digital-downloads Software Status: Active Software Author: smub Software Downloads: 4,925,252 Active Installs: 50,000 Last Updated: April 4, 2024 Patched Versions: 3.2.10 Affected Versions: <= 3.2.9 Vulnerability Details: Name: Easy Digital Downloads…

Read More
WP Plugin Vulnerabilities Image - Ultimate Addons for Beaver Builder Vulnerability – Lite - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget - CVE-2024-2144 | WordPress Plugin Vulnerability Report - data protection

Ultimate Addons for Beaver Builder Vulnerability – Lite – Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget – CVE-2024-2144 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: Ultimate Addons for Beaver Builder – Lite Key Information: Software Type: Plugin Software Slug: ultimate-addons-for-beaver-builder-lite Software Status: Active Software Author: brainstormforce Software Downloads: 499,391 Active Installs: 30,000 Last Updated: April 1, 2024 Patched Versions: 1.5.8 Affected Versions: <= 1.5.7 Vulnerability Details: Name: Ultimate Addons for Beaver Builder – Lite <= 1.5.7 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…

Read More
WP Plugin Vulnerabilities Image - Forminator Vulnerability - Unauthenticated Stored Cross-Site Scripting via File Upload - CVE-2024-1794 | WordPress Plugin Vulnerability Report - data protection

Forminator Vulnerability – Unauthenticated Stored Cross-Site Scripting via File Upload – CVE-2024-1794 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: Forminator Key Information: Software Type: Plugin Software Slug: forminator Software Status: Active Software Author: wpmudev Software Downloads: 6,543,744 Active Installs: 500,000 Last Updated: March 29, 2024 Patched Versions: 1.29.1 Affected Versions: <= 1.29.0 Vulnerability Details: Name: Forminator <= 1.29.0 – Unauthenticated Stored Cross-Site Scripting via File Upload Type: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) CVE: CVE-2024-1794 CVSS Score: 7.2 (High) Publicly Published: March…

Read More
WP Plugin Vulnerabilities Image - PowerPack Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-2491, CVE-2024-2492 | WordPress Plugin Vulnerability Report - data protection

PowerPack Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2491, CVE-2024-2492 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: PowerPack Addons for Elementor Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software Status: Active Software Author: ideaboxcreations Software Downloads: 2,280,809 Active Installs: 100,000 Last Updated: March 29, 2024 Patched Versions: 2.7.19 Affected Versions: <= 2.7.18 Vulnerability Details: Name: PowerPack Addons for Elementor <= 2.7.18 – Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet Widget, PowerPack Addons for Elementor <= 2.7.17 – Authenticated…

Read More