Online Presence

Gutenberg Blocks Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4057, CVE-2024-3189, CVE-2024-4208 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: Gutenberg Blocks Key Information: Software Type: Plugin Software Slug: kadence-blocks Software Status: Active Software Author: britner Software Downloads: 19,473,277 Active Installs: 400,000 Last Updated: May 14, 2024 Patched Versions: 3.2.38 Affected Versions: <= 3.2.37 Vulnerability Details: Name: Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 – Authenticated (Contributor+) Stored Cross-Site…

Read More

RSS Aggregator Vulnerability – Reflected Cross-Site Scripting – CVE-2024-4860 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: RSS Aggregator Key Information: Software Type: Plugin Software Slug: wp-rss-aggregator Software Status: Active Software Author: jeangalea Software Downloads: 2,771,177 Active Installs: 50,000 Last Updated: May 14, 2024 Patched Versions: 4.23.9 Affected Versions: <= 4.23.8 Vulnerability Details: Name: RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.8 – Reflected…

Read More

Yoast SEO Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4984 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 14, 2024

Plugin Name: Yoast SEO Key Information: Software Type: Plugin Software Slug: wordpress-seo Software Status: Active Software Author: yoast Software Downloads: 678,383,360 Active Installs: 10,000,000 Last Updated: May 14, 2024 Patched Versions: 22.7 Affected Versions: <= 22.6 Vulnerability Details: Name: Yoast SEO <= 22.6 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During…

Read More

Forminator Vulnerability – Unauthenticated Stored Cross-Site Scripting via File Upload – CVE-2024-1794 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: Forminator Key Information: Software Type: Plugin Software Slug: forminator Software Status: Active Software Author: wpmudev Software Downloads: 6,543,744 Active Installs: 500,000 Last Updated: March 29, 2024 Patched Versions: 1.29.1 Affected Versions: <= 1.29.0 Vulnerability Details: Name: Forminator <= 1.29.0 – Unauthenticated Stored Cross-Site Scripting via File Upload Type: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) CVE: CVE-2024-1794 CVSS Score: 7.2 (High) Publicly Published: March…

Read More

PowerPack Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2491, CVE-2024-2492 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: PowerPack Addons for Elementor Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software Status: Active Software Author: ideaboxcreations Software Downloads: 2,280,809 Active Installs: 100,000 Last Updated: March 29, 2024 Patched Versions: 2.7.19 Affected Versions: <= 2.7.18 Vulnerability Details: Name: PowerPack Addons for Elementor <= 2.7.18 – Authenticated (Contributor+) Stored Cross-Site Scripting via Twitter Tweet Widget, PowerPack Addons for Elementor <= 2.7.17 – Authenticated…

Read More

What Are the Benefits of WordPress Maintenance?

By Your WP Guy / Jul 11, 2023

You’ve made the choice to build your website through WordPress. *Hold for applause.* You’ve made an excellent choice! As the world’s most popular content management system, WordPress is known for its flexibility, user-friendly interface, and extensive customization options. Seems like you did your research! But now what? Well, a WordPress website is a living being.…

Read More

What is an Alias Domain or Domain Alias?

By Your WordPress Guy / Jul 12, 2022

We’ve all done it – logged onto our computer to visit a website that we were so sure we knew the URL of. We confidently typed idefinitelyknowmystuff.com into the URL bar, only to find the “site can’t be reached.” The site we were so sure of was actually idefinitelyDONTknowmystuff.com. Face Palm. Or, perhaps we’ve typed…

Read More