BetterDocs Vulnerability – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer for Elementor & Gutenberg – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-2845 | WordPress Plugin Vulnerability Report

Plugin Name: BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer for Elementor & Gutenberg Key Information: Software Type: Plugin Software Slug: betterdocs Software Status: Active Software Author: wpdevteam Software Downloads: 1,219,559 Active Installs: 30,000 Last Updated: March 26, 2024 Patched Versions: 3.5.0 Affected Versions: <= 3.4.2 Vulnerability Details:…

Read More

Everest Forms Vulnerability- Unauthenticated Server-Side Request Forgery via font_url – CVE-2024-1812 | WordPress Plugin Vulnerability Report

Plugin Name: Everest Forms – Build Contact Forms, Surveys, Polls, Quizzes, Newsletter & Application Forms, and Many More with Ease! Key Information: Software Type: Plugin Software Slug: everest-forms Software Status: Active Software Author: wpeverest Software Downloads: 5,605,349 Active Installs: 100,000 Last Updated: March 19, 2024 Patched Versions: 2.0.8 Affected Versions: <= 2.0.7 Vulnerability Details: Name:…

Read More

SiteOrigin Widgets Bundle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1723 | WordPress Plugin Vulnerability Report

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 38,486,908 Active Installs: 600,000 Last Updated: March 7, 2024 Patched Versions: 1.58.8 Affected Versions: <= 1.58.7 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.58.7 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1723…

Read More

Happy Addons for Elementor Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0438 |WordPress Plugin Vulnerability Report

Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 5,986,507 Active Installs: 400,000 Last Updated: February 27, 2024 Patched Versions: 3.10.2 Affected Versions: <= 3.10.1 Vulnerability Details: Name: Happy Addons for Elementor <= 3.10.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…

Read More

Bold Page Builder Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Link – CVE-2024-1160 |WordPress Plugin Vulnerability Report

Plugin Name: Bold Page Builder Key Information: Software Type: Plugin Software Slug: bold-page-builder Software Status: Active Software Author: boldthemes Software Downloads: 1,662,907 Active Installs: 50,000 Last Updated: February 27, 2024 Patched Versions: 4.8.1 Affected Versions: <= 4.8.0 Vulnerability Details: Name: Bold Page Builder <= 4.8.0 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Link Type:…

Read More

Essential Addons for Elementor Vulnerability– Best Elementor Templates, Widgets, Kits & WooCommerce Builders – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0954 | WordPress Plugin Vulnerability Report

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 66,002,609 Active Installs: 2,000,000 Last Updated: February 12, 2024 Patched Versions: 5.9.8 Affected Versions: <= 5.9.7 Vulnerability Details: Name: Essential Addons for Elementor –…

Read More

SiteOrigin Widgets Bundle Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0961 |WordPress Plugin Vulnerability Report

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 37,152,267 Active Installs: 600,000 Last Updated: February 1, 2024 Patched Versions: 1.58.2 Affected Versions: <= 1.58.1 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.58.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-0961…

Read More