wpDataTables Vulnerability – Missing Authorization to DataTable Access & Modification – CVE-2024-3821 | WordPress Plugin Vulnerability Report

Plugin Name: wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin Key Information: Software Type: Plugin Software Slug: wpdatatables Software Status: Active Software Author: wpdatatables Software Downloads: 1,479,590 Active Installs: 70,000 Last Updated: June 12, 2024 Patched Versions: 6.4 Affected Versions: <= 6.3.2 Vulnerability Details: Name: wpDataTables – Tables & Table Charts (Premium)…

Read More

Password Protected Vulnerability – Missing Authorization to Sensitive Information Exposure – CVE-2024-0437 | WordPress Plugin Vulnerability Report

Plugin Name: Password Protected Key Information: Software Type: Plugin Software Slug: password-protected Software Status: Active Software Author: wpexpertsio Software Downloads: 4,907,933 Active Installs: 400,000 Last Updated: May 14, 2024 Patched Versions: 2.6.7 Affected Versions: <= 2.6.6 Vulnerability Details: Name: Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease <= 2.6.6 -…

Read More

WP Show Posts Vulnerability – Improper Authorization to Information Exposure – CVE-2023-6731 | WordPress Plugin Vulnerability Report

Plugin Name: WP Show Posts Key Information: Software Type: Plugin Software Slug: wp-show-posts Software Status: Active Software Author: edge22 Software Downloads: 534,403 Active Installs: 90,000 Last Updated: April 25, 2024 Patched Versions: 1.1.6 Affected Versions: <= 1.1.5 Vulnerability Details: Name: WP Show Posts <= 1.1.5 Title: Improper Authorization to Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2023-6731…

Read More

Clone Vulnerability – Missing Authorization – CVE-2024-31435 | WordPress Plugin Vulnerability Report

Plugin Name: Clone Key Information: Software Type: Plugin Software Slug: wp-clone-by-wp-academy Software Status: Active Software Author: migrate Software Downloads: 3,222,101 Active Installs: 80,000 Last Updated: April 24, 2024 Patched Versions: 2.4.4 Affected Versions: <= 2.4.3 Vulnerability Details: Name: Inisev Analyst Module <= 2.4.3 Title: Missing Authorization Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2024-31435 CVSS Score: 4.3 Publicly Published:…

Read More

Image Watermark Vulnerability – Missing Authorization to Authenticated (Subscriber+) Watermark Modification – CVE-2024-1994 | WordPress Plugin Vulnerability Report

Plugin Name: Image Watermark Key Information: Software Type: Plugin Software Slug: image-watermark Software Status: Active Software Author: dfactory Software Downloads: 842,453 Active Installs: 50,000 Last Updated: April 10, 2024 Patched Versions: 1.7.4 Affected Versions: <= 1.7.3 Vulnerability Details: Name: Image Watermark <= 1.7.3 Title: Missing Authorization to Authenticated (Subscriber+) Watermark Modification Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2024-1994…

Read More

Download Manager Vulnerability- Missing Authorization – CVE-2023-6785 | WordPress Plugin Vulnerability Report

Plugin Name: Download Manager Key Information: Software Type: Plugin Software Slug: download-manager Software Status: Active Software Author: codename065 Software Downloads: 8,301,669 Active Installs: 100,000 Last Updated: March 1, 2024 Patched Versions: 3.2.85 Affected Versions: <=3.2.84 Vulnerability Details: Name: Download Manager <= 3.2.84 Title: Missing Authorization Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2023-6785 CVSS Score: 5.3 Publicly Published: February…

Read More

WP Dashboard Notes Vulnerability- Missing Authorization to Arbitrary Private Notes Update – CVE-2023-7239 |WordPress Plugin Vulnerability Report

Plugin Name: WP Dashboard Notes Key Information: Software Type: Plugin Software Slug: wp-dashboard-notes Software Status: Active Software Author: sormano Software Downloads: 176,276 Active Installs: 30,000 Last Updated: January 30, 2024 Patched Versions: 1.0.10 Affected Versions: <= 1.0.10 Vulnerability Details: Name: WP Dashboard Notes <= 1.0.10 Title: Missing Authorization to Arbitrary Private Notes Update Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N…

Read More

Ninja Tables Vulnerability – Missing Authorization – CVE-2024-23504 | WordPress Plugin Vulnerability Report

Plugin Name: Ninja Tables Key Information: Software Type: Plugin Software Slug: ninja-tables Software Status: Active Software Author: techjewel Software Downloads: 1,636,926 Active Installs: 80,000 Last Updated: January 19, 2024 Patched Versions: 5.0.6 Affected Versions: <= 5.0.5 Vulnerability Details: Name: Ninja Tables <= 5.0.5 – Missing Authorization Title: Missing Authorization Type: Missing Authorization CVE: CVE-2024-23504 CVSS Score: 5.3 (Medium) Publicly Published: January 19, 2024 Researcher: emad Description: The Ninja Tables plugin for WordPress…

Read More

SpeedyCache Vulnerability – Missing Authorization to Plugin Options Update – CVE-2023-6598 | WordPress Plugin Vulnerability Report

Plugin Name: SpeedyCache Key Information: Software Type: Plugin Software Slug: speedycache Software Status: Active Software Author: softaculous Software Downloads: 861,450 Active Installs: 100,000 Last Updated: December 16, 2023 Patched Versions: 1.1.4 Affected Versions: <= 1.1.3 Vulnerability Details: Name: SpeedyCache <= 1.1.3 – Missing Authorization to Plugin Options Update Type: Missing Authorization CVE: CVE-2023-6598 CVSS Score: 4.3 (Medium) Publicly Published: December 16, 2023 Researcher: Lucio Sá Description: The SpeedyCache plugin for WordPress…

Read More