digital safety.

WP Plugin Vulnerabilities Image - User Registration Vulnerability– Custom Registration Form, Login Form, and User Profile WordPress Plugin - Unauthenticated Stored Self-Based Cross-Site Scripting - CVE-2024-1720 | WordPress Plugin Vulnerability Report - digital safety.

User Registration Vulnerability– Custom Registration Form, Login Form, and User Profile WordPress Plugin – Unauthenticated Stored Self-Based Cross-Site Scripting – CVE-2024-1720 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 6, 2024

Plugin Name: User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin Key Information: Software Type: Plugin Software Slug: user-registration Software Status: Active Software Author: wpeverest Software Downloads: 2,562,763 Active Installs: 60,000 Last Updated: March 8, 2024 Patched Versions: 3.1.5 Affected Versions: <= 3.1.4 Vulnerability Details: Name: User Registration – Custom Registration…

Read More
WP Plugin Vulnerabilities Image - Insert PHP Code Snippet Vulnerability - Authenticated (Admin+) Stored Cross-Site Scripting - CVE-2024-0658 |WordPress Plugin Vulnerability Report  - digital safety.

Insert PHP Code Snippet Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-0658 |WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 9, 2024

Plugin Name: Insert PHP Code Snippet Key Information: Software Type: Plugin Software Slug: insert-php-code-snippet Software Status: Active Software Author: f1logic Software Downloads: 890,439 Active Installs: 100,000 Last Updated: February 16, 2024 Patched Versions: 1.3.5 Affected Versions: <= 1.3.4 Vulnerability Details: Name: Insert PHP Code Snippet <= 1.3.4 Title: Authenticated (Admin+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N…

Read More
WP Plugin Vulnerabilities Image - WP Booking Calendar Vulnerability- Unauthenticated SQL Injection - CVE-2024-1207 | WordPress Plugin Vulnerability Report - digital safety.

WP Booking Calendar Vulnerability- Unauthenticated SQL Injection – CVE-2024-1207 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 7, 2024

Plugin Name: WP Booking Calendar Key Information: Software Type: Plugin Software Slug: booking Software Status: Active Software Author: wpdevelop Software Downloads: 3,262,200 Active Installs: 60,000 Last Updated: February 12, 2024 Patched Versions: 9.9.1 Affected Versions: <= 9.9 Vulnerability Details: Name: Booking Calendar <= 9.9 Title: Unauthenticated SQL Injection Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE: CVE-2024-1207 CVSS Score: 9.8…

Read More
WP Plugin Vulnerabilities Image - WP Shortcodes Plugin Vulnerability— Shortcodes Ultimate - Authenticated Stored Cross-Site Scripting via shortcode - CVE-2024-0792 |WordPress Plugin Vulnerability Report  - digital safety.

WP Shortcodes Plugin Vulnerability— Shortcodes Ultimate – Authenticated Stored Cross-Site Scripting via shortcode – CVE-2024-0792 |WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 7, 2024

Plugin Name: WP Shortcodes Plugin – Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,460,707 Active Installs: 600,000 Last Updated: February 12, 2024 Patched Versions: 7.0.2 Affected Versions: <= 7.0.1 Vulnerability Details: Name: WP Shortcodes Plugin – Shortcodes Ultimate <= 7.0.1 Title: Authenticated(Contributor+) Stored Cross-Site…

Read More
WP Plugin Vulnerabilities Image -  Customer Reviews for WooCommerce Vulnerability - Improper Authorization via submit_review - CVE-2024-1044 | WordPress Plugin Vulnerability Report - digital safety.

 Customer Reviews for WooCommerce Vulnerability – Improper Authorization via submit_review – CVE-2024-1044 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 6, 2024

Plugin Name: Customer Reviews for WooCommerce Key Information: Software Type: Plugin Software Slug: customer-reviews-woocommerce Software Status: Active Software Author: ivole Software Downloads: 3,898,158 Active Installs: 60,000 Last Updated: February 13, 2024 Patched Versions: 5.39.0 Affected Versions: <= 5.38.12 Vulnerability Details: Name: Customer Reviews for WooCommerce <= 5.38.12 Title: Improper Authorization via submit_review Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE:…

Read More
WP Plugin Vulnerabilities Image - BEAR Vulnerability– Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net - Missing Authorization via Several Functions - CVE-2024-24835 | WordPress Plugin Vulnerability Report - digital safety.

BEAR Vulnerability– Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net – Missing Authorization via Several Functions – CVE-2024-24835 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 2, 2024

Plugin Name: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net Key Information: Software Type: Plugin Software Slug: woo-bulk-editor Software Status: Active Software Author: realmag777 Software Downloads: 545,399 Active Installs: 30,000 Last Updated: February 8, 2024 Patched Versions: 1.1.4.1 Affected Versions: <= 1.1.4 Vulnerability Details: Name: BEAR <= 1.1.4 Title: Missing Authorization…

Read More
WP Plugin Vulnerabilities Image - Easy Digital Downloads Vulnerability– Sell Digital Files (eCommerce Store & Payments Made Easy) - Authenticated (Shop Manager+) Stored Cross-Site Scripting - CVE-2024-0659 | WordPress Plugin Vulnerability Report - digital safety.

Easy Digital Downloads Vulnerability– Sell Digital Files (eCommerce Store & Payments Made Easy) – Authenticated (Shop Manager+) Stored Cross-Site Scripting – CVE-2024-0659 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 2, 2024

Plugin Name: Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) Key Information: Software Type: Plugin Software Slug: easy-digital-downloads Software Status: Active Software Author: smub Software Downloads: 4,802,741 Active Installs: 50,000 Last Updated: February 8, 2024 Patched Versions: 3.2.7 Affected Versions: <= 3.2.6 Vulnerability Details: Name: Easy Digital Downloads <= 3.2.6…

Read More
WP Plugin Vulnerabilities Image - PDF Flipbook, 3D Flipbook Vulnerability– DearFlip - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-0895 | WordPress Plugin Vulnerability Report  - digital safety.

PDF Flipbook, 3D Flipbook Vulnerability– DearFlip – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0895 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 2, 2024

Plugin Name: PDF Flipbook, 3D Flipbook – DearFlip Key Information: Software Type: Plugin Software Slug: 3d-flipbook-dflip-lite Software Status: Active Software Author: dearhive Software Downloads: 1,178,266 Active Installs: 100,000 Last Updated: February 8, 2024 Patched Versions: 2.2.27 Affected Versions: <= 2.2.26 Vulnerability Details: Name: PDF Flipbook, 3D Flipbook – DearFlip <= 2.2.26 Title: Authenticated (Contributor+) Stored…

Read More
WP Plugin Vulnerabilities Image - Orbit Fox by ThemeIsle Vulnerability - Cross-Site Request Forgery - CVE-2024-1162 | WordPress Plugin Vulnerability Report - digital safety.

Orbit Fox by ThemeIsle Vulnerability – Cross-Site Request Forgery – CVE-2024-1162 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 1, 2024

Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: ThemeIsle Software Downloads: 11,093,244 Active Installs: 200,000 Last Updated: February 1, 2024 Patched Versions: 2.10.230 Affected Versions: <= 2.10.29 Vulnerability Details: Name: Orbit Fox by ThemeIsle <= 2.10.29 Title: Cross-Site Request Forgery (CSRF) Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE:…

Read More