small business cybersecurity
BackUpWordPress Vulnerability – Authenticated (Admin+) Directory Traversal – CVE-2024-3034 | WordPress Plugin Vulnerability Report
Plugin Name: BackUpWordPress Key Information: Software Type: Plugin Software Slug: backupwordpress Software Status: Active Software Author: willmot Software Downloads: 4,796,104 Active Installs: 100,000 Last Updated: May 10, 2024 Patched Versions: 3.14 Affected Versions: <= 3.13 Vulnerability Details: Name: BackUpWordPress <= 3.13 Title: Authenticated (Admin+) Directory Traversal Type: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-3034 CVSS Score: 2.7 Publicly Published:…
Read MoreWP-Members Membership Plugin Vulnerability – Unprotected Storage of Potentially Sensitive Files – CVE-2024-2920 | WordPress Plugin Vulnerability Report
Plugin Name: WP-Members Membership Plugin Key Information: Software Type: Plugin Software Slug: wp-members Software Status: Active Software Author: cbutlerjr Software Downloads: 3,498,751 Active Installs: 60,000 Last Updated: May 10, 2024 Patched Versions: 3.4.9.4 Affected Versions: <= 3.4.9.3 Vulnerability Details: Name: WP-Members Membership Plugin <= 3.4.9.3 Title: Unprotected Storage of Potentially Sensitive Files Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE:…
Read MoreContent Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Post Overlay – CVE-2024-3929 | WordPress Plugin Vulnerability Report –
Plugin Name: Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) Key Information: Software Type: Plugin Software Slug: content-views-query-and-display-post-page Software Status: Active Software Author: pt-guy Software Downloads: 4,315,608 Active Installs: 100,000 Last Updated: May 10, 2024 Patched Versions: 3.7.1 Affected Versions: <= 3.7.0 Vulnerability Details: Name: Content…
Read MoreCollapse-O-Matic Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-7030| WordPress Plugin Vulnerability Report
Plugin Name: Collapse-O-Matic Key Information: Software Type: Plugin Software Slug: jquery-collapse-o-matic Software Status: Active Software Author: baden03 Software Downloads: 1,284,998 Active Installs: 50,000 Last Updated: May 9, 2024 Patched Versions: 1.8.5.6 Affected Versions: <= 1.8.5.5 Vulnerability Details: Name: Collapse-O-Matic <= 1.8.5.5 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2023-7030 CVSS Score:…
Read MoreExclusive Addons for Elementor Vulnerability – Multiple Stored XSS Vulnerabilities – Multiple CVEs | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 841,164 Active Installs: 60,000 Last Updated: May 6, 2024 Patched Versions: 2.6.9.5, 2.6.9.4 Affected Versions: <= 2.6.9.4, <= 2.6.9.3 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9.4 Title: Authenticated (Contributor+) Stored Cross-Site…
Read MoreElement Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Price List Widget – CVE-2024-1426 | WordPress Plugin Vulnerability Report
Plugin Name: Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Key Information: Software Type: Plugin Software Slug: bdthemes-element-pack-lite Software Status: Active Software Author: bdthemes Software Downloads: 2,072,488 Active Installs: 100,000 Last Updated: May 2, 2024 Patched Versions: 5.6.1 Affected Versions: <= 5.6.0 Vulnerability Details: Name: Element Pack Elementor Addons…
Read MoreContent Control Vulnerability – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More – Missing Authorization to Sensitive Information Exposure – CVE-2024-0615 | WordPress Plugin Vulnerability Report
Plugin Name: Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More Key Information: Software Type: Plugin Software Slug: content-control Software Status: Active Software Author: codeatlantic Software Downloads: 548,038 Active Installs: 40,000 Last Updated: April 29, 2024 Patched Versions: 2.2.0 Affected Versions: <= 2.1.0 Vulnerability Details: Name: Content Control <=…
Read MoreThe Events Calendar Vulnerability – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-31433 | WordPress Plugin Vulnerability Report
Plugin Name: The Events Calendar Key Information: Software Type: Plugin Software Slug: the-events-calendar Software Status: Active Software Author: theeventscalendar Software Downloads: 56,148,469 Active Installs: 700,000 Last Updated: April 22, 2024 Patched Versions: 6.3.1 Affected Versions: <= 6.3.0 Vulnerability Details: Name: The Events Calendar <= 6.3.0 Title: Cross-Site Request Forgery to Notice Dismissal Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE:…
Read More