small business website
Elementor Header & Footer Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget – CVE-2024-5757 | WordPress Plugin Vulnerability Report
Plugin Name:Elementor Header & Footer Builder Key Information: Software Type: Plugin Software Slug: header-footer-elementor Software Status: Active Software Author: brainstormforce Software Downloads: 29,757,187 Active Installs: 2,000,000 Last Updated: July 2, 2024 Patched Versions: 1.6.36 Affected Versions: <= 1.6.35 Vulnerability Details: Name: Elementor Header & Footer Builder <= 1.6.35 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via…
Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5189 | WordPress Plugin Vulnerability Report
Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 76,299,572 Active Installs: 2,000,000 Last Updated: July 2, 2024 Patched Versions: 5.9.24 Affected Versions: <= 5.9.23 Vulnerability Details: Name: Essential Addons for Elementor –…
Post SMTP Vulnerability – Authenticated (Administrator+) SQL Injection – CVE-2024-5207 | WordPress Plugin Vulnerability Report
Plugin Name: Post SMTP Key Information: Software Type: Plugin Software Slug: post-smtp Software Status: Active Software Author: wpexpertsio Software Downloads: 12,562,258 Active Installs: 400,000 Last Updated: May 22, 2024 Patched Versions: 2.9.4 Affected Versions: <=2.9.3 Vulnerability Details: Name: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3…
Contact Form Plugin Vulnerability – PHP Object Injection via extractDynamicValues – CVE-2024-4157 | WordPress Plugin Vulnerability Report
Plugin Name: Contact Form Plugin Key Information: Software Type: Plugin Software Slug: fluentform Software Status: Active Software Author: techjewel Software Downloads: 7,048,138 Active Installs: 400,000 Last Updated: May 21, 2024 Patched Versions: 5.1.16 Affected Versions: <= 5.1.15 Vulnerability Details: Name: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form…
Happy Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5088, CVE-2024-4865 | WordPress Plugin Vulnerability Report
Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 6,974,697 Active Installs: 400,000 Last Updated: May 17, 2024 Patched Versions: 3.10.9 Affected Versions: <= 3.10.8 Vulnerability Details: Name: Happy Addons for Elementor <= 3.10.8 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper…
Rank Math SEO Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4617 | WordPress Plugin Vulnerability Report
Plugin Name: Rank Math SEO Key Information: Software Type: Plugin Software Slug: seo-by-rank-math Software Status: Active Software Author: rankmath Software Downloads: 95,765,382 Active Installs: 2,000,000 Last Updated: May 15, 2024 Patched Versions: 1.0.219-beta Affected Versions: <= 1.0.218 Vulnerability Details: Name: Rank Math SEO with AI Best SEO Tools <= 1.0.218 – Authenticated (Contributor+) Stored Cross-Site…
Sydney Toolbox Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via aThemes: Portfolio Widget – CVE-2024-4473 | WordPress Plugin Vulnerability Report
Plugin Name: Sydney Toolbox Key Information: Software Type: Plugin Software Slug: sydney-toolbox Software Status: Active Software Author: athemes Software Downloads: 2,286,558 Active Installs: 80,000 Last Updated: May 13, 2024 Patched Versions: 1.32 Affected Versions: <= 1.31 Vulnerability Details: Name: Sydney Toolbox <= 1.31 – Authenticated (Contributor+) Stored Cross-Site Scripting via aThemes: Portfolio Widget Type: Improper…
Easy Digital Downloads Vulnerability – Cross-Site Request Forgery – CVE-2024-31113 | WordPress Plugin Vulnerability Report
Plugin Name: Easy Digital Downloads Key Information: Software Type: Plugin Software Slug: easy-digital-downloads Software Status: Active Software Author: smub Software Downloads: 4,985,103 Active Installs: 50,000 Last Updated: May 9, 2024 Patched Versions: 3.2.12 Affected Versions: <= 3.2.11 Vulnerability Details: Name: Easy Digital Downloads <= 3.2.11 – Cross-Site Request Forgery Type: Cross-Site Request Forgery (CSRF) CVE:…
WP ULike Vulnerability– Most Advanced WordPress Marketing Toolkit – Multiple Vulnerabilities – Multiple CVEs | WordPress Plugin Vulnerability Report
Plugin Name: WP ULike – Most Advanced WordPress Marketing Toolkit Key Information: Software Type: Plugin Software Slug: wp-ulike Software Status: Active Software Author: alimir Software Downloads: 1,709,226 Active Installs: 80,000 Last Updated: May 10, 2024 Patched Versions: 4.7.0 Affected Versions: <= 4.6.9 Vulnerability Details: Name: WP ULike <= 4.6.9 Title: Authenticated (Subscriber+) Stored Cross-Site Scripting…
Ocean Extra Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3167 | WordPress Plugin Vulnerability Report
Plugin Name: Ocean Extra Key Information: Software Type: Plugin Software Slug: ocean-extra Software Status: Active Software Author: oceanwp Software Downloads: 20,664,296 Active Installs: 700,000 Last Updated: April 16, 2024 Patched Versions: 2.2.7 Affected Versions: <= 2.2.6 Vulnerability Details: Name: Ocean Extra <= 2.2.6 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-3167 CVSS Score:…