WordPress plugin updates

Featured Image from URL Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via fifu_input_url – CVE-2024-1496 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 19, 2024

Plugin Name: Featured Image from URL Key Information: Software Type: Plugin Software Slug: featured-image-from-url Software Status: Active Software Author: marceljm Software Downloads: 4,896,915 Active Installs: 100,000 Last Updated: February 19, 2024 Patched Versions: 4.6.3 Affected Versions: <= 4.6.2 Vulnerability Details: Name: Featured Image from URL (FIFU) <= 4.6.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via…

Read More

Email Encoder Vulnerability– Protect Email Addresses and Phone Numbers – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1282 |WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 13, 2024

Plugin Name: Email Encoder – Protect Email Addresses and Phone Numbers Key Information: Software Type: Plugin Software Slug: email-encoder-bundle Software Status: Active Software Author: ironikus Software Downloads: 1,058,847 Active Installs: 80,000 Last Updated: February 27, 2024 Patched Versions: 2.2.1 Affected Versions: <= 2.2.0 Vulnerability Details: Name: Email Encoder – Protect Email Addresses and Phone Numbers…

Read More

Contact Form Plugin – Authenticated(Administrator+) Stored Cross-Site Scripting via imported form title – CVE-2024-0618 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 18, 2024

Plugin Name: Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Key Information: Software Type: Plugin Software Slug: fluentform Software Status: Active Software Author: techjewel Software Downloads: 5,679,069 Active Installs: 400,000 Last Updated: January 18, 2024 Patched Versions: 5.1.7 Affected Versions: <= 5.1.5 Vulnerability Details: Name: Fluent Forms <= 5.1.5…

Read More

Paid Memberships Pro Vulnerability – Information Exposure in Debug Logs |WordPress Plugin Vulnerability Report 

By Your WP Guy / Jan 12, 2024

Plugin Name: Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions Key Information: Software Type: Plugin Software Slug: paid-memberships-pro Software Status: Active Software Author: strangerstudios Software Downloads: 5,525,093 Active Installs: 90,000 Last Updated: January 12, 2024 Patched Versions: 2.12.7 Affected Versions: <= 2.12.6 Vulnerability Details: Name: Paid Memberships Pro <= 2.12.6 Title: Information…

Read More