Posts Tagged ‘XSS attacks’
ElementsKit Elementor addons and Templates Library Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget – CVE-2024-3650 | WordPress Plugin Vulnerability Report
Plugin Name: ElementsKit Elementor addons and Templates Library Key Information: Software Type: Plugin Software Slug: elementskit-lite Software Status: Active Software Author: xpeedstudio Software Downloads: 19,230,464 Active Installs: 1,000,000 Last Updated: May 13, 2024 Patched Versions: 3.1.3 Affected Versions: 3.0.7 – 3.1.2 Vulnerability Details: Name: ElementsKit Elementor addons 3.0.7 – 3.1.2 Title: Authenticated (Contributor+) Stored Cross-Site…
Read MoreSocial Sharing Plugin Vulnerability – Social Warfare – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2024-1959 | WordPress Plugin Vulnerability Report
Plugin Name: Social Sharing Plugin – Social Warfare Key Information: Software Type: Plugin Software Slug: social-warfare Software Status: Active Software Author: warfareplugins Software Downloads: 1,728,768 Active Installs: 30,000 Last Updated: May 3, 2024 Patched Versions: 4.4.6.2 Affected Versions: <= 4.4.6.1 Vulnerability Details: Name: Social Sharing Plugin – Social Warfare <= 4.4.6.1 Title: Authenticated Stored Cross-Site…
Read MoreSmart Slider 3 Vulnerability – Missing Authorization to Limited File Upload – CVE-2024-3027 | WordPress Plugin Vulnerability Report
Plugin Name: Smart Slider 3 Key Information: Software Type: Plugin Software Slug: smart-slider-3 Software Status: Active Software Author: nextendweb Software Downloads: 17,368,541 Active Installs: 900,000 Last Updated: April 25, 2024 Patched Versions: 3.5.1.23 Affected Versions: <= 3.5.1.22 Vulnerability Details: Name: Smart Slider 3 <= 3.5.1.22 Title: Missing Authorization to Limited File Upload Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE:…
Read MoreOtter Blocks Vulnerability – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE – Multiple XSS Vulnerabilities – CVE-2024-3344, CVE-2024-3343 | WordPress Plugin Vulnerability Report
Plugin Name: Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE Key Information: Software Type: Plugin Software Slug: otter-blocks Software Status: Active Software Author: themeisle Software Downloads: 7,620,535 Active Installs: 300,000 Last Updated: April 22, 2024 Patched Versions: 2.6.9 Affected Versions: <= 2.6.8 Vulnerability 1 Details: Name: Otter Blocks <= 2.6.8 -…
Read MoreElementor Addons by Livemesh Vulnerability – Authenticated Stored Cross-Site Scripting Vulnerabilities – CVE-2024-2539 & CVE-2024-2655 | WordPress Plugin Vulnerability Report
Plugin Name: Elementor Addons by Livemesh Key Information: Software Type: Plugin Software Slug: addons-for-elementor Software Status: Active Software Author: livemesh Software Downloads: 3,814,639 Active Installs: 60,000 Last Updated: April 16, 2024 Patched Versions: 8.3.7 Affected Versions: <= 8.3.6 Vulnerability 1 Details: Name: Elementor Addons by Livemesh <= 8.3.6 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via…
Read MoreJeg Elementor Kit Vulnerability – Multiple Stored Cross-Site Scripting Issues – CVE-2024-1327 & CVE-2024-3162 |WordPress Plugin Vulnerability Report
Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,029,705 Active Installs: 200,000 Last Updated: April 2, 2024 Patched Versions: 2.6.4 Affected Versions: <= 2.6.3 Vulnerability 1 Details: Name: Jeg Elementor Kit <= 2.6.3 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Image Box…
Read MoreWP-Members Membership Plugin Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-1852 | WordPress Plugin Vulnerability Report
Plugin Name: WP-Members Membership Plugin Key Information: Software Type: Plugin Software Slug: wp-members Software Status: Active Software Author: cbutlerjr Software Downloads: 3,453,636 Active Installs: 60,000 Last Updated: April 1, 2024 Patched Versions: 3.4.9.3 Affected Versions: <= 3.4.9.2 Vulnerability Details: Name: WP-Members Membership Plugin <= 3.4.9.2 Title: Unauthenticated Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1852 CVSS…
Read MorePage Builder Gutenberg Blocks Vulnerability – CoBlocks – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1049 | WordPress Plugin Vulnerability Report
Plugin Name: Page Builder Gutenberg Blocks – CoBlocks Key Information: Software Type: Plugin Software Slug: coblocks Software Status: Active Software Author: GoDaddy Software Downloads: 19,886,964 Active Installs: 400,000 Last Updated: March 22, 2024 Patched Versions: 3.1.7 Affected Versions: <= 3.1.6 Vulnerability Details: Name: Page Builder Gutenberg Blocks – CoBlocks <= 3.1.6 Title: Authenticated (Contributor+) Stored…
Read MoreAdvanced iFrame Vulnerability- Authenticated Contributor+ Stored Cross-Site Scripting – CVE-2024-1341 | WordPress Plugin Vulnerability Report
Plugin Name: Advanced iFrame Key Information: Software Type: Plugin Software Slug: advanced-iframe Software Status: Active Software Author: mdempfle Software Downloads: 1,864,724 Active Installs: 60,000 Last Updated: February 28, 2024 Patched Versions: 2024.2 Affected Versions: <= 2024.1 Vulnerability Details: Name: Advanced iFrame <= 2024.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1341 CVSS Score:…
Read MoreBeaver Builder Vulnerability– WordPress Page Builder – Authenticated Contributor+ Stored Cross-Site Scripting via Audio Widget – CVE-2024-1074 | WordPress Plugin Vulnerability Report
Plugin Name: Beaver Builder – WordPress Page Builder Key Information: Software Type: Plugin Software Slug: beaver-builder-lite-version Software Status: Active Software Author: justinbusa Software Downloads: 9,601,854 Active Installs: 100,000 Last Updated: February 28, 2024 Patched Versions: 2.7.4.3 Affected Versions: <= 2.7.4.2 Vulnerability Details: Name: Beaver Builder – WordPress Page Builder <= 2.7.4.2 Title: Authenticated Contributor+ Stored…
Read More