SiteOrigin Widgets Bundle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1723 | WordPress Plugin Vulnerability Report

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 38,486,908 Active Installs: 600,000 Last Updated: March 7, 2024 Patched Versions: 1.58.8 Affected Versions: <= 1.58.7 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.58.7 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1723…

Read More

SiteOrigin Widgets Bundle Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1058 | WordPress Plugin Vulnerability Report

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 37,808,389 Active Installs: 600,000 Last Updated: February 16, 2024 Patched Versions: 1.58.4 Affected Versions: <= 1.58.3 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.58.3 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1058…

Read More

SiteOrigin Widgets Bundle Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0961 |WordPress Plugin Vulnerability Report

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 37,152,267 Active Installs: 600,000 Last Updated: February 1, 2024 Patched Versions: 1.58.2 Affected Versions: <= 1.58.1 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.58.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-0961…

Read More

WordPress Plugin Vulnerability Report – SiteOrigin Widgets Bundle – Authenticated (Admin+) Local File Inclusion – CVE-2023-6295

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 36,509,376 Active Installs: 600,000 Last Updated: November 27, 2023 Patched Versions: 1.51.0 Affected Versions: <= 1.50.1 Vulnerability Details: Name: SiteOrigin Widgets Bundle < 1.51.0 – Authenticated (Admin+) Local File Inclusion Title: Authenticated (Admin+) Local File Inclusion Type: Improper Control of Filename for Include/Require Statement in PHP…

Read More