secure WordPress installation
Print Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report
Plugin Name: Print Invoice & Delivery Notes for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-delivery-notes Software Status: Active Software Author: tychesoftwares Software Downloads: 999,558 Active Installs: 40,000 Last Updated: May 10, 2024 Patched Versions: 4.9.0 Affected Versions: <= 4.8.1 Vulnerability Details: Name: Multiple Plugins by tychesoftwares <= 4.8.1 Title: Missing Authorization to Notice…
Read MoreSpectra Vulnerability – WordPress Gutenberg Blocks – Authenticated Path Traversal – CVE-2024-3107 | WordPress Plugin Vulnerability Report
Plugin Name: Spectra – WordPress Gutenberg Blocks Key Information: Software Type: Plugin Software Slug: ultimate-addons-for-gutenberg Software Status: Active Software Author: brainstormforce Software Downloads: 21,536,049 Active Installs: 700,000 Last Updated: May 12, 2024 Patched Versions: 2.12.7 Affected Versions: <= 2.12.6 Vulnerability Details: Name: Spectra – WordPress Gutenberg Blocks <= 2.12.6 Title: Authenticated (Contributor+) Path Traversal Type:…
Read MoreTutor LMS Vulnerability – eLearning and online course solution – Missing Authorization to Unauthenticated Limited Options Update – CVE-2024-3553 | WordPress Plugin Vulnerability Report
Plugin Name: Tutor LMS – eLearning and online course solution Key Information: Software Type: Plugin Software Slug: tutor Software Status: Active Software Author: themeum Software Downloads: 2,052,510 Active Installs: 80,000 Last Updated: May 10, 2024 Patched Versions: 2.7.0 Affected Versions: <= 2.6.2 Vulnerability Details: Name: Tutor LMS <= 2.6.2 Title: Missing Authorization to Unauthenticated Limited…
Read MoreFileOrganizer Vulnerability – Manage WordPress and Website Files – Authenticated Stored Cross-Site Scripting – CVE-2024-2324 | WordPress Plugin Vulnerability Report
Plugin Name: FileOrganizer – Manage WordPress and Website Files Key Information: Software Type: Plugin Software Slug: fileorganizer Software Status: Active Software Author: softaculous Software Downloads: 653,721 Active Installs: 100,000 Last Updated: May 9, 2024 Patched Versions: 1.0.7 Affected Versions: <= 1.0.6 Vulnerability Details: Name: FileOrganizer and FileOrganizer Pro <= 1.0.6 Title: Authenticated Stored Cross-Site Scripting…
Read MoreComments – wpDiscuz Vulnerability – Authenticated Stored Cross-Site Scripting via Uploaded Image Alternative Text – CVE-2024-2477 | WordPress Plugin Vulnerability Report
Plugin Name: Comments – wpDiscuz Key Information: Software Type: Plugin Software Slug: wpdiscuz Software Status: Active Software Author: advancedcoding Software Downloads: 3,284,736 Active Installs: 80,000 Last Updated: May 9, 2024 Patched Versions: 7.6.16 Affected Versions: <= 7.6.15 Vulnerability Details: Name: wpDiscuz <= 7.6.15 Title: Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Image Alternative Text Type:…
Read MoreUser Registration Vulnerability – Custom Registration Form, Login Form, and User Profile – Missing Authorization to Authenticated (Subscriber+) Privilege Escalation – CVE-2024-2417 | WordPress Plugin Vulnerability Report
Plugin Name: User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin Key Information: Software Type: Plugin Software Slug: user-registration Software Status: Active Software Author: wpeverest Software Downloads: 2,655,257 Active Installs: 70,000 Last Updated: May 2, 2024 Patched Versions: 3.2.0 Affected Versions: <=3.1.5 Vulnerability Details: Name: User Registration – Custom Registration Form,…
Read More