secure WordPress installations

WP Plugin Vulnerabilities Image - MainWP Child Reports Vulnerability - Cross-Site Request Forgery - CVE-2024-33680 | WordPress Plugin Vulnerability Report - secure WordPress installations

MainWP Child Reports Vulnerability – Cross-Site Request Forgery – CVE-2024-33680 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 26, 2024

Plugin Name: MainWP Child Reports Key Information: Software Type: Plugin Software Slug: mainwp-child-reports Software Status: Active Software Author: mainwp Software Downloads: 943,776 Active Installs: 80,000 Last Updated: May 10, 2024 Patched Versions: 2.2 Affected Versions: <= 2.1.1 Vulnerability Details: Name: MainWP Child Reports <= 2.1.1 Title: Cross-Site Request Forgery Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE: CVE-2024-33680 CVSS Score:…

Read More
WP Plugin Vulnerabilities Image - NextGEN Gallery Vulnerability - Authenticated Stored Cross-Site Scripting - CVE-2024-2744 | WordPress Plugin Vulnerability Report  - secure WordPress installations

NextGEN Gallery Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2744 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 26, 2024

Plugin Name: NextGEN Gallery – Create an Amazing Photo Gallery in Seconds Key Information: Software Type: Plugin Software Slug: nextgen-gallery Software Status: Active Software Author: smub Software Downloads: 40,372,789 Active Installs: 500,000 Last Updated: May 12, 2024 Patched Versions: 3.59.1 Affected Versions: <= 3.59 Vulnerability Details: Name: NextGEN Gallery <= 3.59 Title: Authenticated (Administrator+) Stored…

Read More
WP Plugin Vulnerabilities Image - Template Kit – Import Vulnerability - Authenticated Stored Cross-Site Scripting via Template Upload - CVE-2024-2334 | WordPress Plugin Vulnerability Report - secure WordPress installations

Template Kit – Import Vulnerability – Authenticated Stored Cross-Site Scripting via Template Upload – CVE-2024-2334 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 1, 2024

Plugin Name: Template Kit – Import Key Information: Software Type: Plugin Software Slug: template-kit-import Software Status: Active Software Author: Envato Software Downloads: 548,134 Active Installs: 100,000 Last Updated: April 2, 2024 Patched Versions: 1.0.15 Affected Versions: <= 1.0.14 Vulnerability Details: Name: Template Kit – Import <= 1.0.14 Title: Authenticated (Author+) Stored Cross-Site Scripting via Template…

Read More
WP Plugin Vulnerabilities Image - WP Chat App Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Image Attribute - CVE-2024-2513 |WordPress Plugin Vulnerability Report - secure WordPress installations

WP Chat App Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Block Image Attribute – CVE-2024-2513 |WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 29, 2024

Plugin Name: WP Chat App Key Information: Software Type: Plugin Software Slug: wp-whatsapp Software Status: Active Software Author: ninjateam Software Downloads: 950,913 Active Installs: 100,000 Last Updated: April 1, 2024 Patched Versions: 3.6.3 Affected Versions: <= 3.6.2 Vulnerability Details: Name: WP Chat App <= 3.6.2 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Image Attribute…

Read More