Posts Tagged ‘WordPress security updates’
Colibri Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5038, CVE-2024-4451 | WordPress Plugin Vulnerability Report
Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software Downloads: 2,729,511 Active Installs: 100,000 Last Updated: June 20, 2024 Patched Versions: 1.0.277 Affected Versions: <= 1.0.276 Vulnerability 1 Details: Name: Colibri Page Builder <= 1.0.276 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Type:…
Read MoreWordPress Infinite Scroll – Ajax Load More Vulnerability – Authenticated (Contributor+) Cross-Site Scripting – CVE-2024-4711 | WordPress Plugin Vulnerability Report
Plugin Name: WordPress Infinite Scroll – Ajax Load More Key Information: Software Type: Plugin Software Slug: ajax-load-more Software Status: Active Software Author: connekthq Software Downloads: 1,937,345 Active Installs: 50,000 Last Updated: June 12, 2024 Patched Versions: 7.1.2 Affected Versions: <= 7.1.1 Vulnerability Details: Name: WordPress Infinite Scroll – Ajax Load More <= 7.1.1 Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N…
Read MoreWordPress Plugin Vulnerability Report – All-In-One Security – Protection Bypass of Renamed Login Page via URL Encoding
Plugin Name: All-In-One Security Key Information: Software Type: Plugin Software Slug: all-in-one-wp-security-and-firewall Software Status: Active Software Author: davidanderson Software Downloads: 24,151,775 Active Installs: 1,000,000 Last Updated: October 25, 2023 Patched Versions: 5.2.5 Affected Versions: <5.2.5 Vulnerability Details: Name: All In One WP Security <= 5.2.4 – Protection Bypass of Renamed Login Page via URL Encoding Type: Protection Mechanism Failure CVSS Score: 5.3 (Medium) Publicly…
Read More