Blog2Social: Social Media Auto Post & Scheduler Vulnerability – Information Exposure – CVE-2024-3678 | WordPress Plugin Vulnerability Report 

Plugin Name: Blog2Social: Social Media Auto Post & Scheduler Key Information: Software Type: Plugin Software Slug: blog2social Software Status: Active Software Author: pr-gateway Software Downloads: 3,487,933 Active Installs: 60,000 Last Updated: May 10, 2024 Patched Versions: 7.5.0 Affected Versions: <= 7.4.2 Vulnerability Details: Name: Blog2Social: Social Media Auto Post & Scheduler <= 7.4.2 Title: Information…

Read More

BoldGrid Easy SEO Vulnerability – Simple and Effective SEO – Information Exposure – CVE-2024-2950 | WordPress Plugin Vulnerability Report

Plugin Name: BoldGrid Easy SEO – Simple and Effective SEO Key Information: Software Type: Plugin Software Slug: boldgrid-easy-seo Software Status: Active Software Author: BoldGrid Software Downloads: 737,899 Active Installs: 70,000 Last Updated: April 15, 2024 Patched Versions: 1.6.15 Affected Versions: <= 1.6.14 Vulnerability Details: Name: BoldGrid Easy SEO – Simple and Effective SEO <= 1.6.14…

Read More

WPFront User Role Editor Vulnerability – Limited Information Exposure – CVE-2024-2931 | WordPress Plugin Vulnerability Report

Plugin Name: WPFront User Role Editor Key Information: Software Type: Plugin Software Slug: wpfront-user-role-editor Software Status: Active Software Author: syammohanm Software Downloads: 787,036 Active Installs: 50,000 Last Updated: April 2, 2024 Patched Versions: 4.1.0 Affected Versions: <= 3.2.1.11184 Vulnerability Details: Name: WPFront User Role Editor <= 3.2.1.11184 Title: Limited Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-2931…

Read More

Post Grid Combo Vulnerability – 36+ Gutenberg Blocks – Information Exposure via get_posts API Endpoint – CVE-2023-7072 | WordPress Plugin Vulnerability Report

Plugin Name: Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks Key Information: Software Type: Plugin Software Slug: post-grid Software Status: Active Software Author: pickplugins Software Downloads: 2,751,180 Active Installs: 50,000 Last Updated: March 13, 2024 Patched Versions: 2.2.69 Affected Versions: <= 2.2.68 Vulnerability Details: Name: Post Grid Combo…

Read More

GenerateBlocks Vulnerability – Sensitive Information Exposure – CVE-2024-1452 | WordPress Plugin Vulnerability Report

Plugin Name: GenerateBlocks Key Information: Software Type: Plugin Software Slug: generateblocks Software Status: Active Software Author: edge22 Software Downloads: 1,658,618 Active Installs: 200,000 Last Updated: March 1, 2024 Patched Versions: 1.8.3 Affected Versions: <= 1.8.2 Vulnerability Details: Name: GenerateBlocks <= 1.8.2 Title: Sensitive Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1452 CVSS Score: 4.3 Publicly Published: March…

Read More

WP Show Posts Vulnerability – Information Exposure – CVE-2024-1479 | WordPress Plugin Vulnerability Report

Plugin Name: WP Show Posts Key Information: Software Type: Plugin Software Slug: wp-show-posts Software Status: Active Software Author: edge22 Software Downloads: 477,238 Active Installs: 90,000 Last Updated: March 1, 2024 Patched Versions: 1.1.5 Affected Versions: <= 1.1.4 Vulnerability Details: Name: WP Show Posts <= 1.1.4 Title: Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1479 CVSS Score: 5.3…

Read More

WP Maintenance Vulnerability – Information Exposure – CVE-2024-1472 | WordPress Plugin Vulnerability Report

Plugin Name: WP Maintenance Key Information: Software Type: Plugin Software Slug: wp-maintenance Software Status: Active Software Author: florent73 Software Downloads: 903,892 Active Installs: 50,000 Last Updated: February 27, 2024 Patched Versions: 6.1.7 Affected Versions: <= 6.1.6 Vulnerability Details: Name: WP Maintenance <= 6.1.6 Title: Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1472 CVSS Score: 5.3 Publicly Published:…

Read More

WordPress Plugin Vulnerability Report – Social Media Share Buttons & Social Sharing Icons – Cross-Site Request Forgery – CVE-2023-5602 – Information Exposure – CVE-2023-5070

Plugin Name: Social Media Share Buttons & Social Sharing Icons Key Information: Software Type: Plugin Software Slug: ultimate-social-media-icons Software Status: Active Software Author: socialdude Software Downloads: 10,654,500 Active Installs: 100,000 Last Updated: October 16, 2023 Patched Versions: 2.8.6 Affected Versions: <=2.8.5 Vulnerability 1 Details: Name: Social Media Share Buttons & Social Sharing Icons <= 2.8.5 – Cross-Site Request Forgery Type: Cross-Site…

Read More

WordPress Plugin Vulnerability Report – Ad Inserter – Unauthenticated Sensitive Information Exposure – CVE-2023-4668, CVE-2023-4645

Plugin Name: Ad Inserter Key Information: Software Type: Plugin Software Slug: ad-inserter Software Status: Active Software Author: Spacetime Software Downloads: 13,908,300 Active Installs: 300,000 Last Updated: September 22, 2023 Patched Versions: 2.7.31 Affected Versions: 2.7.30 Vulnerability Details: Name: Ad Inserter <= 2.7.30 – Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe Type: Missing Authorization CVE: CVE-2023-4668 CVSS…

Read More

WordPress Plugin Vulnerability Report: EWWW Image Optimizer – Sensitive Information Exposure

Plugin Name: EWWW Image Optimizer Key Information: Software Type: Plugin Software Slug: ewww-image-optimizer Software Status: Active Software Author: nosilver4u Software Downloads: 33,159,954 Active Installs: 1,000,000 Last Updated: September 7, 2023 Patched Versions: 7.2.1 Affected Versions: <7.2.1 Vulnerability Details: Name: EWWW Image Optimizer <= 7.2.0 – Sensitive Information Exposure Type: Information Exposure CVSS Score: 5.3 (medium)…

Read More