WordPress Plugin Safety
Popup Builder by OptinMonster Vulnerability – WordPress Popups for Optins, Email Newsletters and Lead Generation – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-33691 | WordPress Plugin Vulnerability Report
Plugin Name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Key Information: Software Type: Plugin Software Slug: optinmonster Software Status: Active Software Author: optinmonster Software Downloads: 103,821,350 Active Installs: 1,000,000 Last Updated: May 10, 2024 Patched Versions: 2.16.0 Affected Versions: <= 2.15.3 Vulnerability Details: Name: Popup Builder by OptinMonster…
Read MoreGiveWP Vulnerability – Donation Plugin and Fundraising Platform – Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode – CVE-2024-1957 | WordPress Plugin Vulnerability Report
Plugin Name: GiveWP – Donation Plugin and Fundraising Platform Key Information: Software Type: Plugin Software Slug: give Software Status: Active Software Author: webdevmattcrom Software Downloads: 7,093,144 Active Installs: 100,000 Last Updated: April 25, 2024 Patched Versions: 3.7.0 Affected Versions: <= 3.6.1 Vulnerability Details: Name: GiveWP – Donation Plugin and Fundraising Platform <= 3.6.1 Title: Authenticated…
Read MoreFavicon by RealFaviconGenerator Vulnerability – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-31422 | WordPress Plugin Vulnerability Report
Plugin Name: Favicon by RealFaviconGenerator Key Information: Software Type: Plugin Software Slug: favicon-by-realfavicongenerator Software Status: Active Software Author: phbernard Software Downloads: 3,235,128 Active Installs: 300,000 Last Updated: April 24, 2024 Patched Versions: 1.3.30 Affected Versions: <= 1.3.29 Vulnerability Details: Name: Favicon <= 1.3.29 Title: Cross-Site Request Forgery to Notice Dismissal Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE: CVE-2024-31422 CVSS…
Read MoreElement Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-1428 & CVE-2024-0837 | WordPress Plugin Vulnerability Report
Plugin Name: Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) Key Information: Software Type: Plugin Software Slug: bdthemes-element-pack-lite Software Status: Active Software Author: bdthemes Software Downloads: 1,990,743 Active Installs: 100,000 Last Updated: April 15, 2024 Patched Versions: 5.5.4 Affected Versions: <= 5.5.3 Vulnerability Details: Name: Element Pack Elementor Addons…
Read MoreGutenberg Blocks by Kadence Blocks Vulnerability – Page Builder Features – Multiple Vulnerabilities – CVE-2024-0598 & CVE-2024-2919 | WordPress Plugin Vulnerability Report
Plugin Name: Gutenberg Blocks by Kadence Blocks – Page Builder Features Key Information: Software Type: Plugin Software Slug: kadence-blocks Software Status: Active Software Author: britner Software Downloads: 17,837,802 Active Installs: 400,000 Last Updated: April 3, 2024 Patched Versions: 3.2.18 Affected Versions: <= 3.2.17 for CVE-2024-0598 and <= 3.2.31 for CVE-2024-2919 Vulnerability 1 Details: Name: Gutenberg…
Read MoreGutenberg Block Editor Toolkit Vulnerability – EditorsKit – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2794 | WordPress Plugin Vulnerability Report
Plugin Name: Gutenberg Block Editor Toolkit – EditorsKit Key Information: Software Type: Plugin Software Slug: block-options Software Status: Active Software Author: munirkamal Software Downloads: 725,563 Active Installs: 30,000 Last Updated: April 1, 2024 Patched Versions: 1.40.5 Affected Versions: <= 1.40.4 Vulnerability Details: Name: Gutenberg Block Editor Toolkit – EditorsKit <= 1.40.4 Title: Authenticated (Contributor+) Stored…
Read MoreUltimate Addons for Beaver Builder Vulnerability – Lite – Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget – CVE-2024-2144 | WordPress Plugin Vulnerability Report
Plugin Name: Ultimate Addons for Beaver Builder – Lite Key Information: Software Type: Plugin Software Slug: ultimate-addons-for-beaver-builder-lite Software Status: Active Software Author: brainstormforce Software Downloads: 499,391 Active Installs: 30,000 Last Updated: April 1, 2024 Patched Versions: 1.5.8 Affected Versions: <= 1.5.7 Vulnerability Details: Name: Ultimate Addons for Beaver Builder – Lite <= 1.5.7 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…
Read MoreEssential Blocks Vulnerability – Page Builder Gutenberg Blocks, Patterns & Templates – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-2255 |WordPress Plugin Vulnerability Report
Plugin Name: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates Key Information: Software Type: Plugin Software Slug: essential-blocks Software Status: Active Software Author: wpdevteam Software Downloads: 2,747,397 Active Installs: 100,000 Last Updated: March 19, 2024 Patched Versions: 4.5.4 Affected Versions: <= 4.5.2 Vulnerability Details: Name: Essential Blocks – Page Builder Gutenberg Blocks, Patterns…
Read MoreBackuply Vulnerability– Backup, Restore, Migrate and Clone – Authenticated (Admin+) Directory Traversal – CVE-2024-2294 | WordPress Plugin Vulnerability Report
Plugin Name: Backuply – Backup, Restore, Migrate and Clone Key Information: Software Type: Plugin Software Slug: backuply Software Status: Active Software Author: softaculous Software Downloads: 2,266,088 Active Installs: 200,000 Last Updated: March 19, 2024 Patched Versions: 1.2.8 Affected Versions: <= 1.2.7 Vulnerability Details: Name: Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 Title: Authenticated…
Read More