TablePress – Tables in WordPress made easy Vulnerability – Authenticated (Author+) Server-Side Request Forgery via DNS Rebind – CVE-2024-4354 | WordPress Plugin Vulnerability Report

Plugin Name: TablePress – Tables in WordPress made easy Key Information: Software Type: Plugin Software Slug: tablepress Software Status: Active Software Author: tobiasbg Software Downloads: 15,366,391 Active Installs: 800,000 Last Updated: June 18, 2024 Patched Versions: 2.3.2 Affected Versions: <= 2.3.1 Vulnerability Details: Name: TablePress – Tables in WordPress made easy <= 2.3 Title: Authenticated…

Read More

Royal Elementor Addons and Templates Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting, Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads – CVE-2024-4488, CVE-2024-4489 | WordPress Plugin Vulnerability Report

Plugin Name: Royal Elementor Addons and Templates Key Information: Software Type: Plugin Software Slug: royal-elementor-addons Software Status: Active Software Author: wproyal Software Downloads: 5,750,699 Active Installs: 300,000 Last Updated: June 19, 2024 Patched Versions: 1.3.977 Affected Versions: <= 1.3.976 Vulnerability 1 Details: Name: Royal Elementor Addons and Templates <= 1.3.976 Title: Authenticated (Contributor+) Stored Cross-Site…

Read More

Popup Builder by OptinMonster Vulnerability – WordPress Popups for Optins, Email Newsletters and Lead Generation – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-33691 | WordPress Plugin Vulnerability Report

Plugin Name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Key Information: Software Type: Plugin Software Slug: optinmonster Software Status: Active Software Author: optinmonster Software Downloads: 103,821,350 Active Installs: 1,000,000 Last Updated: May 10, 2024 Patched Versions: 2.16.0 Affected Versions: <= 2.15.3 Vulnerability Details: Name: Popup Builder by OptinMonster…

Read More

Qi Addons For Elementor Vulnerability – Authenticated Stored Cross-Site Scripting via Countdown Widget – CVE-2024-3309 | WordPress Plugin Vulnerability Report

Plugin Name: Qi Addons For Elementor Key Information: Software Type: Plugin Software Slug: qi-addons-for-elementor Software Status: Active Software Author: qodeinteractive Software Downloads: 1,882,207 Active Installs: 200,000 Last Updated: May 10, 2024 Patched Versions: 1.7.1 Affected Versions: <= 1.7.0 Vulnerability Details: Name: Qi Addons For Elementor <= 1.7.0 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown…

Read More

Cornerstone Vulnerability – Reflected Cross-Site Scripting – CVE-2024-28002 | WordPress Plugin Vulnerability Report 

Plugin Name: Cornerstone Key Information: Software Type: Plugin Software Slug: cornerstone Software Status: Active Software Author: archetyped Software Downloads: 57,853 Active Installs: 60,000 Last Updated: May 10, 2024 Patched Versions: 0.8.1 Affected Versions: <= 0.8.0 Vulnerability Details: Name: Cornerstone <= 0.8.0 Title: Reflected Cross-Site Scripting (XSS) Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2024-28002 CVSS Score: 6.1 Publicly Published:…

Read More

Form Maker by 10Web Vulnerability – Mobile-Friendly Drag & Drop Contact Form Builder – Authenticated Stored Self-Based Cross-Site Scripting – CVE-2024-2258 | WordPress Plugin Vulnerability Report 

Plugin Name: Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder Key Information: Software Type: Plugin Software Slug: form-maker Software Status: Active Software Author: 10web Software Downloads: 4,737,462 Active Installs: 50,000 Last Updated: May 13, 2024 Patched Versions: 1.15.25 Affected Versions: 1.15.24 Vulnerability Details: Name: Form Maker by 10Web <= 1.15.24 Title:…

Read More

Happy Addons for Elementor Vulnerability – Authenticated Stored Cross-Site Scripting via Calendly Widget – CVE-2024-3890 | WordPress Plugin Vulnerability Report 

Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 6,800,239 Active Installs: 400,000 Last Updated: May 10, 2024 Patched Versions: 3.10.7 Affected Versions: <= 3.10.6 Vulnerability Details: Name: Happy Addons for Elementor <= 3.10.6 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Calendly…

Read More

Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘arrow_style’ – CVE-2024-3647 | WordPress Plugin Vulnerability Report

Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13 Software Downloads: 31,878,013 Active Installs: 700,000 Last Updated: May 9, 2024 Patched Versions: 4.10.29 Affected Versions: <= 4.10.28 Vulnerability Details: Name: Premium Addons for Elementor <= 4.10.28 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via ‘arrow_style’…

Read More

Database for Contact Form 7, WPforms, Elementor forms Vulnrability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-3715 | WordPress Plugin Vulnerability Report

Plugin Name: Database for Contact Form 7, WPforms, Elementor forms Key Information: Software Type: Plugin Software Slug: contact-form-entries Software Status: Active Software Author: crmperks Software Downloads: 661,856 Active Installs: 70,000 Last Updated: May 8, 2024 Patched Versions: 1.3.9 Affected Versions: <= 1.3.8 Vulnerability Details: Name: Database for Contact Form 7, WPforms, Elementor forms <= 1.3.8…

Read More

Rank Math SEO with AI Best SEO Tools Vulnerability – Authenticated Stored Cross-Site Scripting via ‘titleWrapper’ – CVE-2024-3665 | WordPress Plugin Vulnerability Report

Plugin Name: Rank Math SEO with AI Best SEO Tools Key Information: Software Type: Plugin Software Slug: seo-by-rank-math Software Status: Active Software Author: rankmath Software Downloads: 94,115,243 Active Installs: 2,000,000 Last Updated: May 6, 2024 Patched Versions: 1.0.217 Affected Versions: <= 1.0.216 Vulnerability Details: Name: Rank Math SEO with AI SEO Tools <= 1.0.216 Title:…

Read More