wpdevteam

WordPress Plugin Vulnerability Report – Essential Addons for Elementor – Authenticated (Contributor+) Privilege Escalation

By Your WP Guy / Sep 14, 2023

Plugin Name: Essential Addons for Elementor Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 55,164,924 Active Installs: 1,000,000 Last Updated: September 14, 2023 Patched Versions: 5.8.9 Affected Versions: <=5.8.8 Vulnerability Details: Name: Essential Addons for Elementor <= 5.8.8 – Authenticated (Contributor+) Privilege Escalation Type: Missing Authorization CVSS…

Read More

WordPress Plugin Vulnerability Report: EmbedPress – Cross-Site Request Forgery

By Your WP Guy / Sep 8, 2023

Plugin Name: EmbedPress Key Information: Software Type: Plugin Software Slug: embedpress Software Status: Active Software Author: wpdevteam Software Downloads: 1,709,151 Active Installs: 80,000 Last Updated: September 8, 2023 Patched Versions: 3.8.4 Affected Versions: <3.8.4 Vulnerability Details: Name: EmbedPress <= 3.8.3 – Cross-Site Request Forgery Type: Cross-Site Request Forgery (CSRF) CVSS Score: 4.3 (Medium) Publicly Published:…

Read More