digital security best practices

EmbedPress Vulnerability – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3244 & CVE-2024-3245 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 5, 2024

Plugin Name: EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor Key Information: Software Type: Plugin Software Slug: embedpress Software Status: Active Software Author: wpdevteam Software Downloads: 2,444,164 Active Installs: 90,000 Last Updated: April 10, 2024 Patched Versions: 3.9.15 Affected Versions: <= 3.9.14…

Read More

SecuPress Free Vulnerability — WordPress Security – Cross-Site Request Forgery to Banned IP Address – CVE-2024-1504 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 1, 2024

Plugin Name: SecuPress Free – WordPress Security Key Information: Software Type: Plugin Software Slug: secupress Software Status: Active Software Author: SecuPress Software Downloads: 623,070 Active Installs: 40,000 Last Updated: April 2, 2024 Patched Versions: 2.2.5.2 Affected Versions: <= 2.2.5.1 Vulnerability Details: Name: SecuPress Free – WordPress Security <= 2.2.5.1 Title: Cross-Site Request Forgery to Banned…

Read More

WP 404 Auto Redirect to Similar Post Vulnerability- Reflected Cross-Site Scripting via request – CVE-2024-0509 |WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 5, 2024

Plugin Name: WP 404 Auto Redirect to Similar Post Key Information: Software Type: Plugin Software Slug: wp-404-auto-redirect-to-similar-post Software Status: Active Software Author: hwk-fr Software Downloads: 266,878 Active Installs: 40,000 Last Updated: February 8, 2024 Patched Versions: 1.0.4 Affected Versions: <= 1.0.3 Vulnerability Details: Name: WP 404 Auto Redirect to Similar Post <= 1.0.3 Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N…

Read More

Instant Images Vulnerability– One Click Image Uploads from Unsplash, Openverse, Pixabay, and Pexels – Authenticated (Author+) Arbitrary Options Update – CVE-2024-0869 |WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 29, 2024

Plugin Name: Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay, and Pexels Key Information: Software Type: Plugin Software Slug: instant-images Software Status: Active Software Author: connekthq Software Downloads: 1,803,436 Active Installs: 100,000 Last Updated: February 2, 2024 Patched Versions: 6.1.1 Affected Versions: <= 6.1.0 Vulnerability Details: Name: Instant Images <= 6.1.0 Title:…

Read More