XSS vulnerability

WP Plugin Vulnerabilities Image - Colibri Page Builder Vulnerability - Multiple Stored XSS Vulnerabilities - CVE-2024-3340, CVE-2024-3337, CVE-2024-3338 | WordPress Plugin Vulnerability Report  - XSS vulnerability

Colibri Page Builder Vulnerability – Multiple Stored XSS Vulnerabilities – CVE-2024-3340, CVE-2024-3337, CVE-2024-3338 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 22, 2024

Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software Downloads: 2,612,262 Active Installs: 100,000 Last Updated: May 9, 2024 Patched Versions: 1.0.274 Affected Versions: <= 1.0.272 Vulnerability Details: Name: Colibri Page Builder <= 1.0.272 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via ‘colibri-gallery-slideshow’ Shortcode Type:…

Read More
WP Plugin Vulnerabilities Image - Database for Contact Form 7, WPforms, Elementor forms Vulnrability - Unauthenticated Stored Cross-Site Scripting - CVE-2024-3715 | WordPress Plugin Vulnerability Report - XSS vulnerability

Database for Contact Form 7, WPforms, Elementor forms Vulnrability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-3715 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 22, 2024

Plugin Name: Database for Contact Form 7, WPforms, Elementor forms Key Information: Software Type: Plugin Software Slug: contact-form-entries Software Status: Active Software Author: crmperks Software Downloads: 661,856 Active Installs: 70,000 Last Updated: May 8, 2024 Patched Versions: 1.3.9 Affected Versions: <= 1.3.8 Vulnerability Details: Name: Database for Contact Form 7, WPforms, Elementor forms <= 1.3.8…

Read More
WP Plugin Vulnerabilities Image - ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-1057 | WordPress Plugin Vulnerability Report  - XSS vulnerability

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1057 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 19, 2024

Plugin Name: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) Key Information: Software Type: Plugin Software Slug: woolentor-addons Software Status: Active Software Author: devitemsllc Software Downloads: 3,443,357 Active Installs: 100,000 Last Updated: May 2, 2024 Patched Versions: 2.8.2 Affected Versions: <= 2.8.1 Vulnerability Details: Name: ShopLentor…

Read More
WP Plugin Vulnerabilities Image - Customer Reviews for WooCommerce Vulnerability - Reflected Cross-Site Scripting via 's' - CVE-2024-3731 | WordPress Plugin Vulnerability Report - XSS vulnerability

Customer Reviews for WooCommerce Vulnerability – Reflected Cross-Site Scripting via ‘s’ – CVE-2024-3731 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 18, 2024

Plugin Name: Customer Reviews for WooCommerce Key Information: Software Type: Plugin Software Slug: customer-reviews-woocommerce Software Status: Active Software Author: ivole Software Downloads: 4,233,598 Active Installs: 60,000 Last Updated: May 2, 2024 Patched Versions: 5.48.0 Affected Versions: <= 5.47.0 Vulnerability Details: Name: Customer Reviews for WooCommerce <= 5.47.0 Title: Reflected Cross-Site Scripting via ‘s’ Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N…

Read More
WP Plugin Vulnerabilities Image - Essential Addons for Elementor Vulnerability – Best Elementor Templates, Widgets, Kits & WooCommerce Builders - Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute - CVE-2024-3333 | WordPress Plugin Vulnerability Report - XSS vulnerability

Essential Addons for Elementor Vulnerability – Best Elementor Templates, Widgets, Kits & WooCommerce Builders – Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute – CVE-2024-3333 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 16, 2024

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam Software Downloads: 71,347,020 Active Installs: 2,000,000 Last Updated: April 26, 2024 Patched Versions: 5.9.15 Affected Versions: <= 5.9.14 Vulnerability Details: Name: Essential Addons for Elementor <=…

Read More
WP Plugin Vulnerabilities Image - Otter Blocks Vulnerability – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE - Authenticated Stored Cross-Site Scripting via 'titleTag' - CVE-2024-3725 | WordPress Plugin Vulnerability Report - XSS vulnerability

Otter Blocks Vulnerability – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE – Authenticated Stored Cross-Site Scripting via ‘titleTag’ – CVE-2024-3725 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 16, 2024

Plugin Name: Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE Key Information: Software Type: Plugin Software Slug: otter-blocks Software Status: Active Software Author: themeisle Software Downloads: 7,631,372 Active Installs: 300,000 Last Updated: April 25, 2024 Patched Versions: 2.6.10 Affected Versions: <= 2.6.9 Vulnerability Details: Name: Otter Blocks <= 2.6.9 Title: Authenticated…

Read More
WP Plugin Vulnerabilities Image - Enhanced Media Library Vulnerability - Authenticated (Author+) Stored Cross-Site Scripting - CVE-2024-2840 | WordPress Plugin Vulnerability Report - XSS vulnerability

Enhanced Media Library Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting – CVE-2024-2840 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 15, 2024

Plugin Name: Enhanced Media Library Key Information: Software Type: Plugin Software Slug: enhanced-media-library Software Status: Active Software Author: webbistro Software Downloads: 2,252,374 Active Installs: 90,000 Last Updated: April 25, 2024 Patched Versions: 2.8.10 Affected Versions: <= 2.8.9 Vulnerability Details: Name: Enhanced Media Library <= 2.8.9 Title: Authenticated (Author+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2024-2840…

Read More
WP Plugin Vulnerabilities Image - Exclusive Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBox - CVE-2024-2751 | WordPress Plugin Vulnerability Report - XSS vulnerability

Exclusive Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBox – CVE-2024-2751 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 15, 2024

Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler Software Downloads: 814,796 Active Installs: 60,000 Last Updated: April 25, 2024 Patched Versions: 2.6.9.3 Affected Versions: <= 2.6.9.2 Vulnerability Details: Name: Exclusive Addons for Elementor <= 2.6.9.2 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via InfoBox…

Read More
WP Plugin Vulnerabilities Image - Real Media Library: Media Library Folder & File Manager Vulnerability - Authenticated (Author+) Stored Cross-Site Scripting - CVE-2024-2328 | WordPress Plugin Vulnerability Report  - XSS vulnerability

Real Media Library: Media Library Folder & File Manager Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting – CVE-2024-2328 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Apr 15, 2024

Plugin Name: Real Media Library: Media Library Folder & File Manager Key Information: Software Type: Plugin Software Slug: real-media-library-lite Software Status: Active Software Author: devowl Software Downloads: 2,483,272 Active Installs: 80,000 Last Updated: April 25, 2024 Patched Versions: 4.11.12 Affected Versions: <= 4.22.11 Vulnerability Details: Name: Real Media Library <= 4.22.11 Title: Authenticated (Author+) Stored…

Read More
WP Plugin Vulnerabilities Image - Carousel Slider Vulnerability - Authenticated (Editor+) Stored Cross-Site Scripting - CVE-2024-3703 | WordPress Plugin Vulnerability Report - XSS vulnerability

Carousel Slider Vulnerability – Authenticated (Editor+) Stored Cross-Site Scripting – CVE-2024-3703 | WordPress Plugin Vulnerability Report

By Your WP Guy / Apr 12, 2024

Plugin Name: Carousel Slider Key Information: Software Type: Plugin Software Slug: carousel-slider Software Status: Active Software Author: sayful Software Downloads: 908,916 Active Installs: 40,000 Last Updated: April 25, 2024 Patched Versions: 2.2.10 Affected Versions: <= 2.2.9 Vulnerability Details: Name: Carousel Slider <= 2.2.9 Title: Authenticated (Editor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-3703 CVSS Score:…

Read More