Posts Tagged ‘Website Maintenance’
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Vulnerability – Unauthenticated Double-Extension Arbitrary File Upload – CVE-2023-0714 | WordPress Plugin Vulnerability Report
Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author: xpeedstudio Software Downloads: 3,995,704 Active Installs: 400,000 Last Updated: August 19, 2024 Patched Versions: 3.3.0 Affected Versions: <= 3.2.4 Vulnerability Details: Name: Metform Elementor Contact Form Builder <=…
Read MoreSlider & Popup Builder by Depicter Vulnerability – Authenticated (Contributor+) Arbitrary File Upload – CVE-2024-4389 | WordPress Plugin Vulnerability Report
Plugin Name: Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel Key Information: Software Type: Plugin Software Slug: depicter Software Status: Active Software Author: averta Software Downloads: 1,314,164 Active Installs: 100,000 Last Updated: August 19, 2024 Patched Versions: 3.1.2 Affected Versions: <=…
Read MoreMedia Library Assistant Vulnerability- Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action – CVE-2024-6823 | WordPress Plugin Vulnerability Report
Plugin Name: Media Library Assistant Key Information: Software Type: Plugin Software Slug: media-library-assistant Software Status: Active Software Author: dglingren Software Downloads: 2,044,116 Active Installs: 70,000 Last Updated: August 18, 2024 Patched Versions: 3.19 Affected Versions: <= 3.18 Vulnerability Details: Name: Media Library Assistant <= 3.18 Title: Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action…
Read MoreFile Manager Vulnerability – Missing Authorization – CVE-2024-37254 | WordPress Plugin Vulnerability Report
Plugin Name: File Manager Key Information: Software Type: Plugin Software Slug: wp-file-manager Software Status: Active Software Author: mndpsingh287 Software Downloads: 24,013,163 Active Installs: 1,000,000 Last Updated: July 19, 2024 Patched Versions: 7.2.8 Affected Versions: <= 7.2.7 Vulnerability Details: Name: File Manager <= 7.2.7 Type: Missing Authorization CVE: CVE-2024-37254 CVSS Score: 4.3 Publicly Published: June 27,…
Read MoreJeg Elementor Kit Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via JKit – Tabs and JKit – Accordion Widgets – CVE-2024-4479 | WordPress Plugin Vulnerability Report
Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,393,902 Active Installs: 200,000 Last Updated: July 2, 2024 Patched Versions: 2.6.6 Affected Versions: <= 2.6.5 Vulnerability Details: Name: Jeg Elementor Kit <= 2.6.5 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via JKit – Tabs…
Read MoreSimple Sitemap Vulnerability – Cross-Site Request Forgery via admin_notices – CVE-2023-6492 | WordPress Plugin Vulnerability Report
Plugin Name: Simple Sitemap – Create a Responsive HTML Sitemap Key Information: Software Type: Plugin Software Slug: simple-sitemap Software Status: Active Software Author: dgwyer Software Downloads: 1,541,369 Active Installs: 90,000 Last Updated: July 2, 2024 Patched Versions: 3.5.14 Affected Versions: <= 3.5.13 Vulnerability Details: Name: Simple Sitemap <= 3.5.13 Title: Cross-Site Request Forgery via admin_notices…
Read MorePowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Link Effects Widget – CVE-2024-5787 | WordPress Plugin Vulnerability Report
Plugin Name:PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software Status: Active Software Author: ideaboxcreations Software Downloads: 2,434,102 Active Installs: 100,000 Last Updated: July 2, 2024 Patched Versions: 2.7.21 Affected Versions: <= 2.7.20 Vulnerability Details: Name: PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <=…
Read MoreWP Go Maps (formerly WP Google Maps) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5994 | WordPress Plugin Vulnerability Report
Plugin Name:WP Go Maps (formerly WP Google Maps) Key Information: Software Type: Plugin Software Slug: wp-google-maps Software Status: Active Software Author: wpgmaps Software Downloads: 23,828,563 Active Installs: 300,000 Last Updated: July 2, 2024 Patched Versions: 9.0.39 Affected Versions: <= 9.0.38 Vulnerability Details: Name: WP Go Maps (formerly WP Google Maps) <= 9.0.38 Title: Authenticated (Contributor+)…
Read MoreGutenberg Blocks with AI by Kadence WP – Page Builder Features Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter – CVE-2024-4863 | WordPress Plugin Vulnerability Report
Plugin Name:Gutenberg Blocks with AI by Kadence WP – Page Builder Features Key Information: Software Type: Plugin Software Slug: kadence-blocks Software Status: Active Software Author: britner Software Downloads: 20,652,980 Active Installs: 400,000 Last Updated: July 2, 2024 Patched Versions: 3.2.39 Affected Versions: <= 3.2.38 Vulnerability Details: Name: Gutenberg Blocks by Kadence Blocks – Page Builder…
Read MoreEasy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Vulnerability – Exposure of Sensitive Information via the UI – CVE-2024-3073 | WordPress Plugin Vulnerability Report
Plugin Name:Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Key Information: Software Type: Plugin Software Slug: easy-wp-smtp Software Status: Active Software Author: smub Software Downloads: 9,862,613 Active Installs: 600,000 Last Updated: July 2, 2024 Patched Versions: 2.3.1 Affected Versions: <= 2.3.0 Vulnerability Details: Name: Easy WP SMTP by SendLayer <= 2.3.0…
Read More