WordPress Plugin Vulnerability Report – Modern Events Calendar Lite – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2023-4021

September 29, 2023
Posted in Security, Vulnerabilities

Plugin Name: Modern Events Calendar Lite Key Information: Software Type: Plugin Software Slug: modern-events-calendar-lite Software Status: Removed Software Author: webnus/…

Read More

WordPress Plugin Vulnerability Report – iframe – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘iframe’ Shortcode – CVE-2023-4919

September 25, 2023
Posted in Security, Vulnerabilities

Plugin Name: iframe Key Information: Software Type: Plugin Software Slug: iframe Software Status: Active Software Author: webvitaly Software Downloads: 1,423,357…

Read More

WordPress Plugin Vulnerability Report – Ad Inserter – Unauthenticated Sensitive Information Exposure – CVE-2023-4668, CVE-2023-4645

September 22, 2023
Posted in Security, Vulnerabilities

Plugin Name: Ad Inserter Key Information: Software Type: Plugin Software Slug: ad-inserter Software Status: Active Software Author: Spacetime Software Downloads:…

Read More

WordPress Plugin Vulnerability Report – Media Library Assistant – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-4716

September 21, 2023
Posted in Security, Vulnerabilities

Plugin Name: Media Library Assistant Key Information: Software Type: Plugin Software Slug: media-library-assistant Software Status: Active Software Author: David Lingren…

Read More

WordPress Plugin Vulnerability Report – Leaflet Map – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-5050

September 20, 2023
Posted in Security, Vulnerabilities

Plugin Name: Leaflet Map Key Information: Software Type: Plugin Software Slug: leaflet-map Software Status: Active Software Author: bozdoz Software Downloads:…

Read More

WordPress Plugin Vulnerability Report – Table of Contents Plus – Authenticated (Administrator+) Stored Cross-Site Scripting

September 19, 2023
Posted in Security, Vulnerabilities

Plugin Name: Table of Contents Plus Key Information: Software Type: Plugin Software Slug: table-of-contents-plus Software Status: Active Software Author: conjur3r…

Read More

WordPress Plugin Vulnerability Report – Comments – wpDiscuz – Unauthenticated SQL Injection

September 18, 2023
Posted in Security, Vulnerabilities

Plugin Name: Comments – wpDiscuz Key Information: Software Type: Plugin Software Slug: wpdiscuz Software Status: Active Software Author: advancedcoding Software…

Read More

WordPress Plugin Vulnerability Report – Essential Addons for Elementor – Authenticated (Contributor+) Privilege Escalation

September 14, 2023
Posted in Security, Vulnerabilities

Plugin Name: Essential Addons for Elementor Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author: wpdevteam…

Read More

WordPress Plugin Vulnerabilities Report – Booster for WooCommerce – Authenticated Stored Cross-Site Scripting & Information Disclosure – CVE-2023-4945, CVE-2023-4796

September 13, 2023
Posted in Security, Vulnerabilities

Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software…

Read More

WordPress Plugin Vulnerability Report – Migration, Backup, Staging – WPvivid – Missing Authorization & Stored Cross-Site Scripting

September 12, 2023
Posted in Security, Vulnerabilities

Plugin Name: Migration, Backup, Staging – WPvivid Key Information: Software Type: Plugin Software Slug: wpvivid-backuprestore Software Status: Active Software Author:…

Read More

WordPress Plugin Vulnerability Report: Slimstat Analytics – Authenticated (Contributor+) Blind SQL Injection via Shortcode – CVE-2023-4598

September 11, 2023
Posted in Security, Vulnerabilities

Key Information: Software Type: Plugin Software Slug: wp-slimstat Software Status: Active Software Author: mostafas1990 Software Downloads: 5,922,898 Active Installs: 100,000…

Read More

WordPress Plugin Vulnerability Report: EWWW Image Optimizer – Sensitive Information Exposure

September 8, 2023
Posted in Security, Vulnerabilities

Plugin Name: EWWW Image Optimizer Key Information: Software Type: Plugin Software Slug: ewww-image-optimizer Software Status: Active Software Author: nosilver4u Software…

Read More