Master Slider – Responsive Touch Slider Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6382 | WordPress Plugin Vulnerability Report

Plugin Name: Master Slider – Responsive Touch Slider Key Information: Software Type: Plugin Software Slug: master-slider Software Status: Active Software Author: averta Software Downloads: 2,830,772 Active Installs: 90,000 Last Updated: June 12, 2024 Patched Versions: 3.9.10 Affected Versions: <= 3.9.9 Vulnerability Details: Name: Master Slider – Responsive Touch Slider <= 3.9.9 Title: Authenticated (Contributor+) Stored…

Read More

Yoast SEO Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4984 | WordPress Plugin Vulnerability Report

Plugin Name: Yoast SEO Key Information: Software Type: Plugin Software Slug: wordpress-seo Software Status: Active Software Author: yoast Software Downloads: 678,383,360 Active Installs: 10,000,000 Last Updated: May 14, 2024 Patched Versions: 22.7 Affected Versions: <= 22.6 Vulnerability Details: Name: Yoast SEO <= 22.6 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During…

Read More

WordPress Plugin Vulnerability Report – Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce – Authenticated Directory Traversal – CVE-2023-5414

Plugin Name: Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce Key Information: Software Type: Plugin Software Slug: email-subscribers Software Status: Active Software Author: icegram Software Downloads: 9,788,187 Active Installs: 100,000 Last Updated: October 11, 2023 Patched Versions: 5.6.24 Affected Versions: <= 5.6.23 Vulnerability Details: Name: Icegram Express <= 5.6.23 – Authenticated (Administrator+) Directory Traversal to Arbitrary File Read Type: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVE: CVE-2023-5414 CVSS…

Read More