Software Vulnerability
Ninja Forms Contact Form Vulnerability– The Drag and Drop Form Builder for WordPress – Unauthenticated Second Order SQL Injection – CVE-2024-0685 | WordPress Plugin Vulnerability Report
Plugin Name: Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Key Information: Software Type: Plugin Software Slug: ninja-forms Software Status: Active Software Author: kstover Software Downloads: 42,568,387 Active Installs: 800,000 Last Updated: February 12, 2024 Patched Versions: 3.7.2 Affected Versions: <= 3.7.1 Vulnerability Details: Name: Ninja Forms Contact Form <=…
Read More
WordPress Plugin Vulnerability Report – Essential Addons for Elementor – Authenticated (Contributor+) Privilege Escalation
Plugin Name: Essential Addons for Elementor Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 55,164,924 Active Installs: 1,000,000 Last Updated: September 14, 2023 Patched Versions: 5.8.9 Affected Versions: <=5.8.8 Vulnerability Details: Name: Essential Addons for Elementor <= 5.8.8 – Authenticated (Contributor+) Privilege Escalation Type: Missing Authorization CVSS…
Read More
WordPress Plugin Vulnerability Report: Duplicate Post Page Menu & Custom Post Type – Missing Authorization to Post Duplication – CVE-2023-4792
Plugin Name: Duplicate Post Page Menu & Custom Post Type Key Information: Software Type: Plugin Software Slug: duplicate-post-page-menu-custom-post-type Software Status: Removed Software Author: inqsys Software Downloads: 300,152 Active Installs: 30,000 Last Updated: September 7, 2023 Patched Versions: 2.4.0 Affected Versions: <=2.3.1 Vulnerability Details: Name: Duplicate Post Page Menu & Custom Post Type <= 2.3.1 –…
Read More