WPC Smart Quick View for WooCommerce Vulnerability – Authenticated (Administrator+) Stored Cross-Site Scripting – CVE-2023-6494 | WordPress Plugin Vulnerability Report

Plugin Name: WPC Smart Quick View for WooCommerce Key Information: Software Type: Plugin Software Slug: woo-smart-quick-view Software Status: Active Software Author: wpclever Software Downloads: 1,038,524 Active Installs: 60,000 Last Updated: April 25, 2024 Patched Versions: 4.0.3 Affected Versions: <= 4.0.2 Vulnerability Details: Name: WPC Smart Quick View for WooCommerce <= 4.0.2 Title: Authenticated (Administrator+) Stored…

Read More

Best WordPress Gallery Plugin Vulnerability – FooGallery – Authenticated Stored Cross-Site Scripting – CVE-2024-2081 & CVE-2024-247 | WordPress Plugin Vulnerability Report

Plugin Name: Best WordPress Gallery Plugin – FooGallery Key Information: Software Type: Plugin Software Slug: foogallery Software Status: Active Software Author: bradvin Software Downloads: 4,914,021 Active Installs: 100,000 Last Updated: April 16, 2024 Patched Versions: 2.4.15 Affected Versions: <= 2.4.14 Vulnerability 1 Details: Name: FooGallery <= 2.4.14 Title: Authenticated (Author+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…

Read More

WordPress Tag and Category Manager Vulnerability – AI Autotagger – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2024-2830 | WordPress Plugin Vulnerability Report

Plugin Name: WordPress Tag and Category Manager – AI Autotagger Key Information: Software Type: Plugin Software Slug: simple-tags Software Status: Active Software Author: stevejburge Software Downloads: 4,604,554 Active Installs: 60,000 Last Updated: April 3, 2024 Patched Versions: 3.20.0 Affected Versions: <= 3.13.0 Vulnerability Details: Name: WordPress Tag and Category Manager – AI Autotagger <= 3.13.0…

Read More

Spectra Vulnerability – WordPress Gutenberg Blocks – Authenticated Cross-Site Scripting via Custom CSS – CVE-2023-6486 | WordPress Plugin Vulnerability Report

Plugin Name: Spectra – WordPress Gutenberg Blocks Key Information Software Type: Plugin Software Slug: ultimate-addons-for-gutenberg Software Status: Active Software Author: brainstormforce Software Downloads: 20,112,321 Active Installs: 600,000 Last Updated: April 3, 2024 Patched Versions: 2.10.4 Affected Versions: <= 2.10.3 Vulnerability Details Name: Spectra – WordPress Gutenberg Blocks <= 2.10.3 Title: Authenticated(Contributor+) Cross-Site Scripting via Custom…

Read More

Template Kit – Import Vulnerability – Authenticated Stored Cross-Site Scripting via Template Upload – CVE-2024-2334 | WordPress Plugin Vulnerability Report

Plugin Name: Template Kit – Import Key Information: Software Type: Plugin Software Slug: template-kit-import Software Status: Active Software Author: Envato Software Downloads: 548,134 Active Installs: 100,000 Last Updated: April 2, 2024 Patched Versions: 1.0.15 Affected Versions: <= 1.0.14 Vulnerability Details: Name: Template Kit – Import <= 1.0.14 Title: Authenticated (Author+) Stored Cross-Site Scripting via Template…

Read More

MetForm Vulnerability – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor – Authenticated Stored Cross-Site Scripting via Widgets – CVE-2024-2791 | WordPress Plugin Vulnerability Report

Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author: XpeedStudio Software Downloads: 3,334,058 Active Installs: 300,000 Last Updated: April 4, 2024 Patched Versions: 3.8.6 Affected Versions: <= 3.8.5 Vulnerability Details: Name: Metform Elementor Contact Form Builder <=…

Read More

Gutenberg Block Editor Toolkit Vulnerability – EditorsKit – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2794 | WordPress Plugin Vulnerability Report

Plugin Name: Gutenberg Block Editor Toolkit – EditorsKit Key Information: Software Type: Plugin Software Slug: block-options Software Status: Active Software Author: munirkamal Software Downloads: 725,563 Active Installs: 30,000 Last Updated: April 1, 2024 Patched Versions: 1.40.5 Affected Versions: <= 1.40.4 Vulnerability Details: Name: Gutenberg Block Editor Toolkit – EditorsKit <= 1.40.4 Title: Authenticated (Contributor+) Stored…

Read More

Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report

Plugin Name: Easy Accordion – Best Accordion FAQ Plugin for WordPress Key Information: Software Type: Plugin Software Slug: easy-accordion-free Software Status: Active Software Author: shapedplugin Software Downloads: 735,064 Active Installs: 50,000 Last Updated: March 13, 2024 Patched Versions: 2.3.5 Affected Versions: <= 2.3.4 Vulnerability Details: Name: Easy Accordion <= 2.3.4 – Authenticated Stored Cross-Site Scripting…

Read More

WP Chat App Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes – CVE-2024-1761 |WordPress Plugin Vulnerability Report

Plugin Name: WP Chat App Key Information: Software Type: Plugin Software Slug: wp-whatsapp Software Status: Active Software Author: ninjateam Software Downloads: 880,497 Active Installs: 100,000 Last Updated: March 8, 2024 Patched Versions: 3.6.2 Affected Versions: <= 3.6.1 Vulnerability Details: Name: WP Chat App <= 3.6.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes Type:…

Read More

AI Engine Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-0378 | WordPress Plugin Vulnerability Report

Plugin Name: AI Engine Key Information: Software Type: Plugin Software Slug: ai-engine Software Status: Active Software Author: tigroumeow Software Downloads: 1,820,267 Active Installs: 60,000 Last Updated: March 1, 2024 Patched Versions: 2.2.1 Affected Versions: <= 2.2.0 Vulnerability Details: Name: AI Engine <= 2.2.0 Title: Unauthenticated Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE: CVE-2024-0378 CVSS Score: 6.5…

Read More