Site Protection

Prime Slider – Addons For Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Pacific Widget – CVE-2024-5640 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jun 6, 2024

Plugin Name: Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) Key Information: Software Type: Plugin Software Slug: bdthemes-prime-slider-lite Software Status: Active Software Author: bdthemes Software Downloads: 2,491,843 Active Installs: 100,000 Last Updated: June 20, 2024 Patched Versions: 3.14.8 Affected Versions: <= 3.14.7 Vulnerability Details: Name: Prime Slider – Addons…

Read More

Burst Statistics Vulnerability – Authenticated Stored Cross-Site Scripting via burst_total_pageviews_count – CVE-2024-1894 |WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 12, 2024

Plugin Name: Burst Statistics – Privacy-Friendly Analytics for WordPress Key Information: Software Type: Plugin Software Slug: burst-statistics Software Status: Active Software Author: rogierlankhorst Software Downloads: 1,792,011 Active Installs: 100,000 Last Updated: March 14, 2024 Patched Versions: 1.5.7 Affected Versions: <= 1.5.6.1 Vulnerability Details: Name: Burst Statistics <= 1.5.6.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via…

Read More

Post Grid Combo Vulnerability – 36+ Gutenberg Blocks – Information Exposure via get_posts API Endpoint – CVE-2023-7072 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 12, 2024

Plugin Name: Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks Key Information: Software Type: Plugin Software Slug: post-grid Software Status: Active Software Author: pickplugins Software Downloads: 2,751,180 Active Installs: 50,000 Last Updated: March 13, 2024 Patched Versions: 2.2.69 Affected Versions: <= 2.2.68 Vulnerability Details: Name: Post Grid Combo…

Read More

Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table – CVE-2024-1537 |WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 11, 2024

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 67,142,962 Active Installs: 2,000,000 Last Updated: March 13, 2024 Patched Versions: 5.9.10 Affected Versions: <= 5.9.9 Vulnerability Details: Name: Essential Addons for Elementor <=…

Read More

WordPress Plugin Vulnerability Report – Ad Inserter – Unauthenticated Sensitive Information Exposure – CVE-2023-4668, CVE-2023-4645

By Your WP Guy / Sep 22, 2023

Plugin Name: Ad Inserter Key Information: Software Type: Plugin Software Slug: ad-inserter Software Status: Active Software Author: Spacetime Software Downloads: 13,908,300 Active Installs: 300,000 Last Updated: September 22, 2023 Patched Versions: 2.7.31 Affected Versions: 2.7.30 Vulnerability Details: Name: Ad Inserter <= 2.7.30 – Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe Type: Missing Authorization CVE: CVE-2023-4668 CVSS…

Read More

WordPress Plugin Vulnerability Report: User Feedback – Unauthenticated Stored Cross-Site Scripting – CVE-2023-39308

By Your WP Guy / Sep 8, 2023

Plugin Name: User Feedback Key Information: Software Type: Plugin Software Slug: userfeedback-lite Software Status: Active Software Author: smub Software Downloads: 348,588 Active Installs: 100,000 Last Updated: September 7, 2023 Patched Versions: 1.0.8 Affected Versions: <=1.0.7 Vulnerability Details: Name: User Feedback <= 1.0.7 – Unauthenticated Stored Cross-Site Scripting Type: Improper Neutralization of Input During Web Page…

Read More