wordpress plugins

WP Plugin Vulnerabilities Image - Link Whisper Free Vulnerability - Cross-Site Request Forgery - CVE-2024-31934 | WordPress Plugin Vulnerability Report - wordpress plugins

Link Whisper Free Vulnerability – Cross-Site Request Forgery – CVE-2024-31934 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: Link Whisper Free Key Information: Software Type: Plugin Software Slug: link-whisper Software Status: Active Software Author: linkwhspr Software Downloads: 480,622 Active Installs: 30,000 Last Updated: April 24, 2024 Patched Versions: 0.7.0 Affected Versions: <= 0.6.9 Vulnerability Details: Name: Link Whisper Free <= 0.6.9 Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE: CVE-2024-31934 CVSS Score: 4.3 Publicly Published: April…

Read More
WP Plugin Vulnerabilities Image -  Advanced Cron Manager Vulnerability – debug & control - Authenticated (Admin+) Stored Cross-Site Scripting - CVE-2024-31926 | WordPress Plugin Vulnerability Report - wordpress plugins

 Advanced Cron Manager Vulnerability – debug & control – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-31926 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: Advanced Cron Manager – debug & control Key Information: Software Type: Plugin Software Slug: advanced-cron-manager Software Status: Active Software Author: kubitomakita Software Downloads: 573,600 Active Installs: 30,000 Last Updated: April 25, 2024 Patched Versions: 2.5.3 Affected Versions: <= 2.5.2 Vulnerability Details: Name: Advanced Cron Manager – debug & control <= 2.5.2 Title: Authenticated…

Read More
WP Plugin Vulnerabilities Image - Newsletter Vulnerability - Cross-Site Request Forgery - CVE-2024-31434 | WordPress Plugin Vulnerability Report - wordpress plugins

Newsletter Vulnerability – Cross-Site Request Forgery – CVE-2024-31434 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 10, 2024

Plugin Name: Newsletter – Send awesome emails from WordPress Key Information: Software Type: Plugin Software Slug: newsletter Software Status: Active Software Author: satollo Software Downloads: 25,010,511 Active Installs: 300,000 Last Updated: April 24, 2024 Patched Versions: 8.0.7 Affected Versions: <= 8.0.6 Vulnerability Details: Name: Newsletter <= 8.0.6 Title: Cross-Site Request Forgery Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE: CVE-2024-31434…

Read More
WP Plugin Vulnerabilities Image - Everest Forms Vulnerability- Unauthenticated Server-Side Request Forgery via font_url - CVE-2024-1812 | WordPress Plugin Vulnerability Report - wordpress plugins

Everest Forms Vulnerability- Unauthenticated Server-Side Request Forgery via font_url – CVE-2024-1812 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 15, 2024

Plugin Name: Everest Forms – Build Contact Forms, Surveys, Polls, Quizzes, Newsletter & Application Forms, and Many More with Ease! Key Information: Software Type: Plugin Software Slug: everest-forms Software Status: Active Software Author: wpeverest Software Downloads: 5,605,349 Active Installs: 100,000 Last Updated: March 19, 2024 Patched Versions: 2.0.8 Affected Versions: <= 2.0.7 Vulnerability Details: Name:…

Read More
WP Plugin Vulnerabilities Image - Contact Form 7 Vulnerability - Reflected Cross-Site Scripting - CVE-2024-2242 | WordPress Plugin Vulnerability Report - wordpress plugins

Contact Form 7 Vulnerability – Reflected Cross-Site Scripting – CVE-2024-2242 | WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 13, 2024

Plugin Name: Contact Form 7 Key Information: Software Type: Plugin Software Slug: contact-form-7 Software Status: Active Software Author: takayukister Software Downloads: 318,916,329 Active Installs: 5,000,000 Last Updated: March 14, 2024 Patched Versions: 5.9.2 Affected Versions: <= 5.9 Vulnerability Details: Name: Contact Form 7 <= 5.9 Title: Reflected Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2024-2242 CVSS Score:…

Read More

 Elementor Header & Footer Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-1237 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Mar 11, 2024

Plugin Name: Elementor Header & Footer Builder Key Information: Software Type: Plugin Software Slug: header-footer-elementor Software Status: Active Software Author: brainstormforce Software Downloads: 24,612,698 Active Installs: 1,000,000 Last Updated: March 13, 2024 Patched Versions: 1.6.25 Affected Versions: <= 1.6.24 Vulnerability Details: Name: Elementor Header & Footer Builder <= 1.6.24 Title: Authenticated (Contributor+) Stored Cross-Site Scripting…

Read More
WP Plugin Vulnerabilities Image - Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress - Authenticated Stored Cross-Site Scripting - CVE-2024-1363 |WordPress Plugin Vulnerability Report - wordpress plugins

Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report

By Your WP Guy / Mar 8, 2024

Plugin Name: Easy Accordion – Best Accordion FAQ Plugin for WordPress Key Information: Software Type: Plugin Software Slug: easy-accordion-free Software Status: Active Software Author: shapedplugin Software Downloads: 735,064 Active Installs: 50,000 Last Updated: March 13, 2024 Patched Versions: 2.3.5 Affected Versions: <= 2.3.4 Vulnerability Details: Name: Easy Accordion <= 2.3.4 – Authenticated Stored Cross-Site Scripting…

Read More
WP Plugin Vulnerabilities Image - 3D FlipBook Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Bookmarks - CVE-2024-1081 | WordPress Plugin Vulnerability Report - wordpress plugins

3D FlipBook Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Bookmarks – CVE-2024-1081 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 20, 2024

Plugin Name: 3D FlipBook Key Information: Software Type: Plugin Software Slug: interactive-3d-flipbook-powered-physics-engine Software Status: Active Software Author: iberezansky Software Downloads: 1,524,371 Active Installs: 70,000 Last Updated: February 20, 2024 Patched Versions: 1.15.4 Affected Versions: <= 1.15.3 Vulnerability Details: Name: 3D FlipBook – PDF Flipbook WordPress <= 1.15.3 – Authenticated (Contributor+) Stored Cross-Site Scripting via Bookmarks Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Bookmarks Type: Improper Neutralization of…

Read More
WP Plugin Vulnerabilities Image - WP Maintenance Vulnerability - Information Exposure - CVE-2024-1472 | WordPress Plugin Vulnerability Report - wordpress plugins

WP Maintenance Vulnerability – Information Exposure – CVE-2024-1472 | WordPress Plugin Vulnerability Report

By Your WP Guy / Feb 16, 2024

Plugin Name: WP Maintenance Key Information: Software Type: Plugin Software Slug: wp-maintenance Software Status: Active Software Author: florent73 Software Downloads: 903,892 Active Installs: 50,000 Last Updated: February 27, 2024 Patched Versions: 6.1.7 Affected Versions: <= 6.1.6 Vulnerability Details: Name: WP Maintenance <= 6.1.6 Title: Information Exposure Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE: CVE-2024-1472 CVSS Score: 5.3 Publicly Published:…

Read More
WP Plugin Vulnerabilities Image - Paid Memberships Pro Vulnerability - Cross-Site Request Forgery to Level Orders Update - CVE-2024-0624 | WordPress Plugin Vulnerability Report - wordpress plugins

Paid Memberships Pro Vulnerability – Cross-Site Request Forgery to Level Orders Update – CVE-2024-0624 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jan 24, 2024

Plugin Name: Paid Memberships Pro Key Information: Software Type: Plugin Software Slug: paid-memberships-pro Software Status: Active Software Author: strangerstudios Software Downloads: 5,532,954 Active Installs: 90,000 Last Updated: January 24, 2024 Patched Versions: 2.12.8 Affected Versions: <= 2.12.7 Vulnerability Details: Name: Paid Memberships Pro <= 2.12.7 – Cross-Site Request Forgery to Level Orders Update Type: Cross-Site Request Forgery (CSRF) CVE: CVE-2024-0624 CVSS Score: 5.3 (Medium) Publicly Published: January 24, 2024…

Read More