Website Protection
WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting – CVE-2024-2194 |WordPress Plugin Vulnerability Report
Plugin Name: WP Statistics Key Information: Software Type: Plugin Software Slug: wp-statistics Software Status: Active Software Author: mostafas1990 Software Downloads: 22,569,004 Active Installs: 600,000 Last Updated: March 13, 2024 Patched Versions: 14.5.1 Affected Versions: <= 14.5 Vulnerability Details: Name: WP Statistics <= 14.5 Title: Unauthenticated Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-2194 CVSS Score: 7.2…
Page Builder: Pagelayer Vulnerability– Drag and Drop website builder – Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes – CVE-2024-2127 |WordPress Plugin Vulnerability Report
Plugin Name: Page Builder: Pagelayer – Drag and Drop website builder Key Information: Software Type: Plugin Software Slug: pagelayer Software Status: Active Software Author: softaculous Software Downloads: 5,791,472 Active Installs: 200,000 Last Updated: March 12, 2024 Patched Versions: 1.8.4 Affected Versions: <= 1.8.3 Vulnerability Details: Name: Page Builder: Pagelayer – Drag and Drop website builder…
WP Chat App Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes – CVE-2024-1761 |WordPress Plugin Vulnerability Report
Plugin Name: WP Chat App Key Information: Software Type: Plugin Software Slug: wp-whatsapp Software Status: Active Software Author: ninjateam Software Downloads: 880,497 Active Installs: 100,000 Last Updated: March 8, 2024 Patched Versions: 3.6.2 Affected Versions: <= 3.6.1 Vulnerability Details: Name: WP Chat App <= 3.6.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes Type:…
Royal Elementor Addons and Templates – Authenticated (Contributor+) Stored Cross-Site Scripting via Logo Widget – CVE-2024-1500 | WordPress Plugin Vulnerability Report
Plugin Name: Royal Elementor Addons and Templates Key Information: Software Type: Plugin Software Slug: royal-elementor-addons Software Status: Active Software Author: wproyal Software Downloads: 4,248,687 Active Installs: 300,000 Last Updated: March 8, 2024 Patched Versions: Information not provided Affected Versions: <= 1.3.91 Vulnerability Details: Name: Royal Elementor Addons and Templates <= 1.3.91 Title: Authenticated (Contributor+) Stored…
Prime Slider Addons For Elementor Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting via Fiestar Widget – CVE-2024-1506 |WordPress Plugin Vulnerability Report
Plugin Name: Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) Key Information: Software Type: Plugin Software Slug: bdthemes-prime-slider-lite Software Status: Active Software Author: bdthemes Software Downloads: 1,987,618 Active Installs: 100,000 Last Updated: March 8, 2024 Patched Versions: 3.13.2 Affected Versions: <= 3.13.1 Vulnerability Details: Name: Prime Slider – Addons…
Simple Membership Vulnerability- Unauthenticated Stored Self-Based Cross-Site Scripting – CVE-2024-1985 |WordPress Plugin Vulnerability Report
Plugin Name: Simple Membership Key Information: Software Type: Plugin Software Slug: simple-membership Software Status: Active Software Author: mra13 Software Downloads: 2,421,375 Active Installs: 50,000 Last Updated: March 7, 2024 Patched Versions: 4.4.3 Affected Versions: <= 4.4.2 Vulnerability Details: Name: Simple Membership <= 4.4.2 Title: Unauthenticated Stored Self-Based Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2024-1985 CVSS Score:…
Contact Form Plugin by Fluent Forms Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6957 | WordPress Plugin Vulnerability Report
Plugin Name: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder Key Information: Software Type: Plugin Software Slug: fluentform Software Status: Active Software Author: techjewel Software Downloads: 5,973,827 Active Installs: 400,000 Last Updated: March 7, 2024 Patched Versions: 5.1.10 Affected Versions: <= 5.1.9 Vulnerability Details: Name: Fluent Forms…
File Manager Vulnerability- Directory Traversal – CVE-2023-6825 | WordPress Plugin Vulnerability Report
Plugin Name: File Manager Key Information: Software Type: Plugin Software Slug: wp-file-manager Software Status: Active Software Author: mndpsingh287 Software Downloads: 20,544,237 Active Installs: 1,000,000 Last Updated: March 7, 2024 Patched Versions: 7.2.2 Affected Versions: <= 7.2.1 Vulnerability Details: Name: File Manager And File Manager Pro (Multiple Versions) Type: Directory Traversal CVE: CVE-2023-6825 CVSS Score: 9.9…
Essential Blocks Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1854 | WordPress Plugin Vulnerability Report
Plugin Name: Essential Blocks Key Information: Software Type: Plugin Software Slug: essential-blocks Software Status: Active Software Author: wpdevteam Software Downloads: 2,615,695 Active Installs: 100,000 Last Updated: February 28, 2024 Patched Versions: <= 4.5.1 Affected Versions: 4.5.2 Vulnerability Details: Name: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.1 Title: Authenticated (Contributor+) Stored…
WP Shortcodes Plugin Vulnerability— Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1808 | WordPress Plugin Vulnerability Report
Plugin Name: WP Shortcodes Plugin – Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,807,873 Active Installs: 600,000 Last Updated: February 28, 2024 Patched Versions: 7.0.4 Affected Versions: <= 7.0.3 Vulnerability Details: Name: WP Shortcodes Plugin – Shortcodes Ultimate <= 7.0.3 Title: Authenticated (Contributor+) Stored…