proactive security measures

WP Shortcodes Plugin Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via su_members Shortcode – CVE-2024-4553 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 20, 2024

Plugin Name: WP Shortcodes Plugin Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 20,236,762 Active Installs: 600,000 Last Updated: May 20, 2024 Patched Versions: 7.1.6 Affected Versions: <= 7.1.5 Vulnerability Details: Name: WP Shortcodes Plugin – Shortcodes Ultimate <= 7.1.5 – Authenticated (Contributor+) Stored Cross-Site Scripting via…

Read More

MetForm Vulnerability – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor – Authenticated Stored Cross-Site Scripting via Widgets – CVE-2024-2791 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 1, 2024

Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author: XpeedStudio Software Downloads: 3,334,058 Active Installs: 300,000 Last Updated: April 4, 2024 Patched Versions: 3.8.6 Affected Versions: <= 3.8.5 Vulnerability Details: Name: Metform Elementor Contact Form Builder <=…

Read More

Booster for WooCommerce Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1534 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 6, 2024

Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software Downloads: 3,585,523 Active Installs: 50,000 Last Updated: March 8, 2024 Patched Versions: 7.1.8 Affected Versions: <= 7.1.7 Vulnerability Details: Name: Booster for WooCommerce <= 7.1.7 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…

Read More