wordpress plugins

WP Plugin Vulnerabilities Image - iframe Vulnerability - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode - CVE-2023-6844 | WordPress Plugin Vulnerability Report - wordpress plugins

iframe Vulnerability – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode – CVE-2023-6844 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 22, 2024

Plugin Name: iframe Key Information: Software Type: Plugin Software Slug: iframe Software Status: Active Software Author: webvitaly Software Downloads: 1,680,907 Active Installs: 90,000 Last Updated: May 22, 2024 Patched Versions: 5.1 Affected Versions: <= 5.0 Vulnerability Details: Name: iframe <= 5.0 – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode Type: Improper Neutralization of Input During Web…

Read More
WP Plugin Vulnerabilities Image - Prime Slider Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Pagepiling Widget - CVE-2024-3997 | WordPress Plugin Vulnerability Report - wordpress plugins

Prime Slider Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Pagepiling Widget – CVE-2024-3997 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 22, 2024

Plugin Name: Prime Slider Key Information: Software Type: Plugin Software Slug: bdthemes-prime-slider-lite Software Status: Active Software Author: bdthemes Software Downloads: 2,413,655 Active Installs: 100,000 Last Updated: May 22, 2024 Patched Versions: 3.14.2 Affected Versions: <= 3.14.1 Vulnerability Details: Name: Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.1…

Read More
WP Plugin Vulnerabilities Image - Contact Form Plugin Vulnerability - PHP Object Injection via extractDynamicValues - CVE-2024-4157 | WordPress Plugin Vulnerability Report - wordpress plugins

Contact Form Plugin Vulnerability – PHP Object Injection via extractDynamicValues – CVE-2024-4157 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 21, 2024

Plugin Name: Contact Form Plugin Key Information: Software Type: Plugin Software Slug: fluentform Software Status: Active Software Author: techjewel Software Downloads: 7,048,138 Active Installs: 400,000 Last Updated: May 21, 2024 Patched Versions: 5.1.16 Affected Versions: <= 5.1.15 Vulnerability Details: Name: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form…

Read More
WP Plugin Vulnerabilities Image - SiteOrigin Widgets Bundle Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode - CVE-2024-4362 | WordPress Plugin Vulnerability Report - wordpress plugins

SiteOrigin Widgets Bundle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘siteorigin_widget’ Shortcode – CVE-2024-4362 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 21, 2024

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software Downloads: 39,647,522 Active Installs: 600,000 Last Updated: May 21, 2024 Patched Versions: 1.61.0 Affected Versions: <= 1.60.0 Vulnerability Details: Name: SiteOrigin Widgets Bundle <= 1.60.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘siteorigin_widget’ Shortcode Type:…

Read More
WP Plugin Vulnerabilities Image - Page Builder by SiteOrigin Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode - CVE-2024-4361 | WordPress Plugin Vulnerability Report - wordpress plugins

Page Builder by SiteOrigin Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘siteorigin_widget’ Shortcode – CVE-2024-4361 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 20, 2024

Plugin Name: Page Builder by SiteOrigin Key Information: Software Type: Plugin Software Slug: siteorigin-panels Software Status: Active Software Author: gpriday Software Downloads: 51,387,711 Active Installs: 700,000 Last Updated: May 20, 2024 Patched Versions: 2.29.16 Affected Versions: <= 2.29.15 Vulnerability Details: Name: Page Builder by SiteOrigin <= 2.29.15 – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘siteorigin_widget’…

Read More
WP Plugin Vulnerabilities Image - WP Shortcodes Plugin Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via su_members Shortcode - CVE-2024-4553 | WordPress Plugin Vulnerability Report - wordpress plugins

WP Shortcodes Plugin Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via su_members Shortcode – CVE-2024-4553 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 20, 2024

Plugin Name: WP Shortcodes Plugin Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 20,236,762 Active Installs: 600,000 Last Updated: May 20, 2024 Patched Versions: 7.1.6 Affected Versions: <= 7.1.5 Vulnerability Details: Name: WP Shortcodes Plugin – Shortcodes Ultimate <= 7.1.5 – Authenticated (Contributor+) Stored Cross-Site Scripting via…

Read More
WP Plugin Vulnerabilities Image - GiveWP Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-3714 | WordPress Plugin Vulnerability Report - wordpress plugins

GiveWP Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3714 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 17, 2024

Plugin Name: GiveWP Key Information: Software Type: Plugin Software Slug: give Software Status: Active Software Author: webdevmattcrom Software Downloads: 7,298,288 Active Installs: 100,000 Last Updated: May 17, 2024 Patched Versions: 3.11.0 Affected Versions: <= 3.10.0 Vulnerability Details: Name: GiveWP – Donation Plugin and Fundraising Platform <= 3.10.0 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper…

Read More
WP Plugin Vulnerabilities Image - Happy Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-5088, CVE-2024-4865 | WordPress Plugin Vulnerability Report - wordpress plugins

Happy Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5088, CVE-2024-4865 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 17, 2024

Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 6,974,697 Active Installs: 400,000 Last Updated: May 17, 2024 Patched Versions: 3.10.9 Affected Versions: <= 3.10.8 Vulnerability Details: Name: Happy Addons for Elementor <= 3.10.8 – Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper…

Read More
WP Plugin Vulnerabilities Image - Menu Icons by ThemeIsle Vulnerability - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload - CVE-2024-4635 | WordPress Plugin Vulnerability Report - wordpress plugins

Menu Icons by ThemeIsle Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload – CVE-2024-4635 | WordPress Plugin Vulnerability Report

By Your WP Guy / May 15, 2024

Plugin Name: Menu Icons by ThemeIsle Key Information: Software Type: Plugin Software Slug: menu-icons Software Status: Active Software Author: themeisle Software Downloads: 3,529,569 Active Installs: 200,000 Last Updated: May 15, 2024 Patched Versions: 0.13.14 Affected Versions: <= 0.13.13 Vulnerability Details: Name: Menu Icons by ThemeIsle <= 0.13.13 – Authenticated (Author+) Stored Cross-Site Scripting via SVG…

Read More