digital asset protection
FileBird Vulnerability – WordPress Media Library Folders & File Manager – Authenticated Insecure Direct Object Reference – CVE-2024-2346 | WordPress Plugin Vulnerability Report
Plugin Name: FileBird – WordPress Media Library Folders & File Manager Key Information: Software Type: Plugin Software Slug: filebird Software Status: Active Software Author: ninjateam Software Downloads: 4,220,916 Active Installs: 200,000 Last Updated: April 25, 2024 Patched Versions: 5.6.4 Affected Versions: <= 5.6.3 Vulnerability Details: Name: FileBird – WordPress Media Library Folders & File Manager…
Read MoreJeg Elementor Kit Vulnerability – Multiple Stored Cross-Site Scripting Issues – CVE-2024-1327 & CVE-2024-3162 |WordPress Plugin Vulnerability Report
Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,029,705 Active Installs: 200,000 Last Updated: April 2, 2024 Patched Versions: 2.6.4 Affected Versions: <= 2.6.3 Vulnerability 1 Details: Name: Jeg Elementor Kit <= 2.6.3 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box…
Read MorePods Vulnerability – Custom Content Types and Fields – Authenticated (Contributor+) SQL Injection via Shortcode – CVE-2023-6967 | WordPress Plugin Vulnerability Report
Plugin Name: Pods – Custom Content Types and Fields Key Information: Software Type: Plugin Software Slug: pods Software Status: Active Software Author: sc0ttkclark Software Downloads: 4,033,656 Active Installs: 100,000 Last Updated: April 1, 2024 Patched Versions: 2.7.31.2, 2.8.23.2, 2.9.19.2, 3.0.10.2 Affected Versions: < 2.7.31, 3 – 3.0.10, 2.8 – 2.8.23 Vulnerability Details: Name: Pods –…
Read MoreSydney Toolbox Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via _id – CVE-2024-2936 |WordPress Plugin Vulnerability Report
Plugin Name: Sydney Toolbox Key Information: Software Type: Plugin Software Slug: sydney-toolbox Software Status: Active Software Author: athemes Software Downloads: 2,161,148 Active Installs: 80,000 Last Updated: April 1, 2024 Patched Versions: 1.27 Affected Versions: <= 1.26 Vulnerability Details: Name: Sydney Toolbox <= 1.26 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via _id Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-2936…
Read MoreHappy Addons for Elementor Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting via Archive Title Widget – CVE-2024-1366 | WordPress Plugin Vulnerability Report
Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 6,213,235 Active Installs: 400,000 Last Updated: March 8, 2024 Patched Versions: 3.10.4 Affected Versions: <= 3.10.3 Vulnerability Details: Name: Happy Addons for Elementor <= 3.10.3 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Archive…
Read MoreCalculated Fields Form Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-2020 | WordPress Plugin Vulnerability Report
Plugin Name: Calculated Fields Form Key Information: Software Type: Plugin Software Slug: calculated-fields-form Software Status: Active Software Author: codepeople Software Downloads: 6,626,617 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: 5.1.57 Affected Versions: <= 5.1.56 Vulnerability Details: Name: Calculated Fields Form Professional <= 5.1.56 Title: Unauthenticated Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-2020…
Read MoreGenerateBlocks Vulnerability – Sensitive Information Exposure – CVE-2024-1452 | WordPress Plugin Vulnerability Report
Plugin Name: GenerateBlocks Key Information: Software Type: Plugin Software Slug: generateblocks Software Status: Active Software Author: edge22 Software Downloads: 1,658,618 Active Installs: 200,000 Last Updated: March 1, 2024 Patched Versions: 1.8.3 Affected Versions: <= 1.8.2 Vulnerability Details: Name: GenerateBlocks <= 1.8.2 Title: Sensitive Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1452 CVSS Score: 4.3 Publicly Published: March…
Read MoreWP Show Posts Vulnerability – Information Exposure – CVE-2024-1479 | WordPress Plugin Vulnerability Report
Plugin Name: WP Show Posts Key Information: Software Type: Plugin Software Slug: wp-show-posts Software Status: Active Software Author: edge22 Software Downloads: 477,238 Active Installs: 90,000 Last Updated: March 1, 2024 Patched Versions: 1.1.5 Affected Versions: <= 1.1.4 Vulnerability Details: Name: WP Show Posts <= 1.1.4 Title: Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1479 CVSS Score: 5.3…
Read MoreExclusive Addons for Elementor Vulnerability – Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2024-1234 | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 717,031 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: 2.6.9.1 Affected Versions: <= 2.6.9 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…
Read More