WordPress Maintenance
WP Reset – Most Advanced WordPress Reset Tool Vulnerability – Missing Authorization to License Key Modification – CVE-2024-4661 | WordPress Plugin Vulnerability Report
Plugin Name: WP Reset – Most Advanced WordPress Reset Tool Key Information: Software Type: Plugin Software Slug: wp-reset Software Status: Active Software Author: webfactory Software Downloads: 7,859,387 Active Installs: 300,000 Last Updated: June 20, 2024 Patched Versions: 2.03 Affected Versions: <= 2.01 Vulnerability Details: Name: WP Reset <= 2.02 Title: Missing Authorization to License Key…
Strong Testimonials Vulnerability – Authenticated(Contributor+) Improper Authorization to Views Modification – CVE-2023-6491 | WordPress Plugin Vulnerability Report
Plugin Name: Strong Testimonials Key Information: Software Type: Plugin Software Slug: strong-testimonials Software Status: Active Software Author: wpchill Software Downloads: 3,337,363 Active Installs: 100,000 Last Updated: June 18, 2024 Patched Versions: 3.1.13 Affected Versions: <= 3.1.12 Vulnerability Details: Name: Strong Testimonials <= 3.1.12 Title: Authenticated(Contributor+) Improper Authorization to Views Modification Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE: CVE-2023-6491 CVSS…
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Vulnerability – Authenticated (Contributor+) Information Exposure, Blind SQL Injection – CVE-2024-35674, CVE-2024-5329 | WordPress Plugin Vulnerability Report
Plugin Name: Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Key Information: Software Type: Plugin Software Slug: unlimited-elements-for-elementor Software Status: Active Software Author: unitecms Software Downloads: 8,821,358 Active Installs: 200,000 Last Updated: June 20, 2024 Patched Versions: 1.5.110 Affected Versions: <= 1.5.109 Vulnerability 1 Details: Name: Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <=…
Advanced iFrame Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4365 | WordPress Plugin Vulnerability Report
Plugin Name: Advanced iFrame Key Information: Software Type: Plugin Software Slug: advanced-iframe Software Status: Active Software Author: mdempfle Software Downloads: 1,950,020 Active Installs: 60,000 Last Updated: May 22, 2024 Patched Versions: 2024.4 Affected Versions: <= 2024.3 Vulnerability Details: Name: Advanced iFrame <= 2024.3 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During…
Post SMTP Vulnerability – Authenticated (Administrator+) SQL Injection – CVE-2024-5207 | WordPress Plugin Vulnerability Report
Plugin Name: Post SMTP Key Information: Software Type: Plugin Software Slug: post-smtp Software Status: Active Software Author: wpexpertsio Software Downloads: 12,562,258 Active Installs: 400,000 Last Updated: May 22, 2024 Patched Versions: 2.9.4 Affected Versions: <=2.9.3 Vulnerability Details: Name: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3…
WP Table Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4700 | WordPress Plugin Vulnerability Report
Plugin Name: WP Table Builder Key Information: Software Type: Plugin Software Slug: wp-table-builder Software Status: Active Software Author: wptb Software Downloads: 60,000 Active Installs: 1,060,392 Last Updated: May 20, 2024 Patched Versions: 1.4.15 Affected Versions: <= 1.4.14 Vulnerability Details: Name: WP Table Builder – WordPress Table Plugin <= 1.4.14 – Authenticated (Contributor+) Stored Cross-Site Scripting…
Jetpack Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via wpvideo Shortcode – CVE-2024-4392 | WordPress Plugin Vulnerability Report
Plugin Name: Jetpack Key Information: Software Type: Plugin Software Slug: jetpack Software Status: Active Software Author: automattic Software Downloads: 407,764,904 Active Installs: 4,000,000 Last Updated: May 13, 2024 Patched Versions: 13.4 Affected Versions: <= 13.3.1 Vulnerability Details: Name: Jetpack – WP Security, Backup, Speed, & Growth <= 13.3.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via…
The Post Grid Vulnerability – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid – Missing Authorization – CVE-2024-3936 | WordPress Plugin Vulnerability Report
Plugin Name: The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Key Information: Software Type: Plugin Software Slug: the-post-grid Software Status: Active Software Author: techlabpro1 Software Downloads: 1,704,748 Active Installs: 90,000 Last Updated: May 10, 2024 Patched Versions: 7.7.0 Affected Versions: <= 7.6.1 Vulnerability Details: Name: The Post Grid – Shortcode,…
Jeg Elementor Kit Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget – CVE-2024-3161 | WordPress Plugin Vulnerability Report
Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,207,029 Active Installs: 200,000 Last Updated: May 10, 2024 Patched Versions: 2.6.5 Affected Versions: <= 2.6.4 Vulnerability Details: Name: Jeg Elementor Kit <= 2.6.4 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget Type:…
Exclusive Addons for Elementor Vulnerability – Missing Authorization to Post Duplication – CVE-2024-33914 | WordPress Plugin Vulnerability Report
Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 859,237 Active Installs: 60,000 Last Updated: May 13, 2024 Patched Versions: 2.6.9.2 Affected Versions: <= 2.6.9.1 Vulnerability Details: Name: Exclusive Addons Elementor <= 2.6.9.1 Title: Missing Authorization to Post Duplication Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVE:…