WordPress for business

Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘arrow_style’ – CVE-2024-3647 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 24, 2024

Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13 Software Downloads: 31,878,013 Active Installs: 700,000 Last Updated: May 9, 2024 Patched Versions: 4.10.29 Affected Versions: <= 4.10.28 Vulnerability Details: Name: Premium Addons for Elementor <= 4.10.28 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via ‘arrow_style’…

Read More

Carousel Slider Vulnerability – Authenticated (Editor+) Stored Cross-Site Scripting – CVE-2024-3703 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 12, 2024

Plugin Name: Carousel Slider Key Information: Software Type: Plugin Software Slug: carousel-slider Software Status: Active Software Author: sayful Software Downloads: 908,916 Active Installs: 40,000 Last Updated: April 25, 2024 Patched Versions: 2.2.10 Affected Versions: <= 2.2.9 Vulnerability Details: Name: Carousel Slider <= 2.2.9 Title: Authenticated (Editor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-3703 CVSS Score:…

Read More

BEAR Vulnerability – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-31430 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net Key Information: Software Type: Plugin Software Slug: woo-bulk-editor Software Status: Active Software Author: realmag777 Software Downloads: 580,051 Active Installs: 30,000 Last Updated: April 25, 2024 Patched Versions: 1.1.4.2 Affected Versions: <= 1.1.4.1 Vulnerability Details: Name: BEAR <= 1.1.4.1 Title: Cross-Site Request…

Read More

Database for Contact Form 7, WPforms, Elementor forms Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-2030 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 6, 2024

Plugin Name: Database for Contact Form 7, WPforms, Elementor forms Key Information: Software Type: Plugin Software Slug: contact-form-entries Software Status: Active Software Author: crmperks Software Downloads: 537,257 Active Installs: 60,000 Last Updated: March 8, 2024 Patched Versions: 1.3.4 Affected Versions: <= 1.3.3 Vulnerability Details: Name: Database for Contact Form 7, WPforms, Elementor forms <= 1.3.3…

Read More