Rank Math SEO with AI Best SEO Tools Vulnerability – Authenticated Stored Cross-Site Scripting via ‘titleWrapper’ – CVE-2024-3665 | WordPress Plugin Vulnerability Report

Plugin Name: Rank Math SEO with AI Best SEO Tools Key Information: Software Type: Plugin Software Slug: seo-by-rank-math Software Status: Active Software Author: rankmath Software Downloads: 94,115,243 Active Installs: 2,000,000 Last Updated: May 6, 2024 Patched Versions: 1.0.217 Affected Versions: <= 1.0.216 Vulnerability Details: Name: Rank Math SEO with AI SEO Tools <= 1.0.216 Title:…

Read More

Otter Blocks Vulnerability – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE – Authenticated Stored Cross-Site Scripting via ‘titleTag’ – CVE-2024-3725 | WordPress Plugin Vulnerability Report

Plugin Name: Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE Key Information: Software Type: Plugin Software Slug: otter-blocks Software Status: Active Software Author: themeisle Software Downloads: 7,631,372 Active Installs: 300,000 Last Updated: April 25, 2024 Patched Versions: 2.6.10 Affected Versions: <= 2.6.9 Vulnerability Details: Name: Otter Blocks <= 2.6.9 Title: Authenticated…

Read More

Genesis Blocks – Authenticated Stored Cross-Site Scripting via Block Content – CVE-2024-1946 | WordPress Plugin Vulnerability Report 

Plugin Name: Genesis Blocks Key Information: Software Type: Plugin Software Slug: genesis-blocks Software Status: Active Software Author: StudioPress Software Downloads: 1,333,603 Active Installs: 100,000 Last Updated: April 2, 2024 Patched Versions: 3.1.3 Affected Versions: <= 3.1.2 Vulnerability Details: Name: Genesis Blocks <= 3.1.2 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Content Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE:…

Read More

Media Library Assistant Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via mla_gallery Shortcode – CVE-2024-2475 |WordPress Plugin Vulnerability Report 

Plugin Name: Media Library Assistant Key Information: Software Type: Plugin Software Slug: media-library-assistant Software Status: Active Software Author: dglingren Software Downloads: 1,901,312 Active Installs: 70,000 Last Updated: April 1, 2024 Patched Versions: 3.14 Affected Versions: <= 3.13 Vulnerability Details: Name: Media Library Assistant <= 3.13 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via mla_gallery Shortcode Type:…

Read More

Otter Blocks Vulnerability – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2841 | WordPress Plugin Vulnerability Report

Plugin Name: Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE Key Information: Software Type: Plugin Software Slug: otter-blocks Software Status: Active Software Author: themeisle Software Downloads: 7,072,421 Active Installs: 300,000 Last Updated: April 1, 2024 Patched Versions: 2.6.6 Affected Versions: <= 2.6.5 Vulnerability Details: Name: Otter Blocks – Gutenberg Blocks, Page…

Read More

Essential Blocks Vulnerability – Page Builder Gutenberg Blocks, Patterns & Templates – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2255 |WordPress Plugin Vulnerability Report

Plugin Name: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates Key Information: Software Type: Plugin Software Slug: essential-blocks Software Status: Active Software Author: wpdevteam Software Downloads: 2,747,397 Active Installs: 100,000 Last Updated: March 19, 2024 Patched Versions: 4.5.4 Affected Versions: <= 4.5.2 Vulnerability Details: Name: Essential Blocks – Page Builder Gutenberg Blocks, Patterns…

Read More

GiveWP Vulnerability– Donation Plugin and Fundraising Platform – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1424 | WordPress Plugin Vulnerability Report

Plugin Name: GiveWP – Donation Plugin and Fundraising Platform Key Information: Software Type: Plugin Software Slug: give Software Status: Active Software Author: webdevmattcrom Software Downloads: 6,822,276 Active Installs: 100,000 Last Updated: March 19, 2024 Patched Versions: 3.6.0 Affected Versions: <= 3.5.1 Vulnerability Details: Name: GiveWP – Donation Plugin and Fundraising Platform <= 3.5.1 Title: Authenticated…

Read More

Elementor Addons by Livemesh Vulnerability – Authenticated Stored Cross-Site Scripting via Posts Multislider Widget – CVE-2024-1466 | WordPress Plugin Vulnerability Report 

Plugin Name: Elementor Addons by Livemesh Key Information: Software Type: Plugin Software Slug: addons-for-elementor Software Status: Active Software Author: livemesh Software Downloads: 3,775,245 Active Installs: 70,000 Last Updated: March 14, 2024 Patched Versions: 8.3.6 Affected Versions: <= 8.3.4 Vulnerability Details: Name: Elementor Addons by Livemesh <= 8.3.4 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Posts…

Read More

 Colibri Page Builder Vulnerability – Missing Authorization – CVE-2024-1870 | WordPress Plugin Vulnerability Report 

Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software Downloads: 2,440,741 Active Installs: 100,000 Last Updated: March 13, 2024 Patched Versions: 1.0.263 Affected Versions: <= 1.0.260 Vulnerability Details: Name: Colibri Page Builder <= 1.0.260 Title: Missing Authorization Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2024-1870 CVSS Score: 4.3…

Read More

Visual Composer Vulnerability – Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2023-6880 | WordPress Plugin Vulnerability Report

Plugin Name: Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages Key Information: Software Type: Plugin Software Slug: visualcomposer Software Status: Active Software Author: visualcomposer Software Downloads: 2,579,334 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: <= 45.6.0 Affected Versions: 45.7.0 Vulnerability Details: Name: Visual Composer…

Read More