Form Maker by 10Web Vulnerability – Authenticated (Administrator+) Stored Cross-Site Scripting – CVE-2024-34437 | WordPress Plugin Vulnerability Report
Plugin Name: Form Maker by 10Web Key Information: Software Type: Plugin Software Slug: form-maker Software Status: Active Software Author: 10web…
WP Job Manager Vulnerability – Unauthenticated Information Exposure – CVE-2024-34549 | WordPress Plugin Vulnerability Report
Plugin Name: WP Job Manager Key Information: Software Type: Plugin Software Slug: wp-job-manager Software Status: Active Software Author: automattic Software…
Mesmerize Companion Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via mesmerize_contact_form Shortcode – CVE-2024-3494 | WordPress Plugin Vulnerability Report
Plugin Name: Mesmerize Companion Key Information: Software Type: Plugin Software Slug: mesmerize-companion Software Status: Active Software Author: horearadu Software Downloads:…
XML Sitemap & Google News Vulnerability – Unauthenticated Local File Inclusion – CVE-2024-4441 | WordPress Plugin Vulnerability Report
Plugin Name: XML Sitemap & Google News Key Information: Software Type: Plugin Software Slug: xml-sitemap-feed Software Status: Active Software Author:…
One Click Demo Import Vulnerability – Authenticated (Admin+) PHP Object Injection – CVE-2024-34433 | WordPress Plugin Vulnerability Report
Plugin Name: One Click Demo Import Key Information: Software Type: Plugin Software Slug: one-click-demo-import Software Status: Active Software Author: smub…
Advanced Ads Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Ad Widget – CVE-2024-3952 | WordPress Plugin Vulnerability Report
Plugin Name: Advanced Ads Key Information: Software Type: Plugin Software Slug: advanced-ads Software Status: Active Software Author: monetizemore Software Downloads:…
AI Engine Vulnerability – Authenticated (Editor+) Arbitrary File Upload – CVE-2024-34440 | WordPress Plugin Vulnerability Report
Plugin Name: AI Engine Key Information: Software Type: Plugin Software Slug: ai-engine Software Status: Active Software Author: tigroumeow Software Downloads:…
Custom Field Suite Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-3068 | WordPress Plugin Vulnerability Report
Plugin Name: Custom Field Suite Key Information: Software Type: Plugin Software Slug: custom-field-suite Software Status: Active Software Author: mgibbs189 Software…
Content Views Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via pagingType Parameter – CVE-2024-4446 | WordPress Plugin Vulnerability Report
Plugin Name: Content Views Key Information: Software Type: Plugin Software Slug: content-views-query-and-display-post-page Software Status: Active Software Author: pt-guy Software Downloads:…
Image Hover Effects Vulnerability – Authenticated(Contributor+) DOM-based Stored Cross-Site Scripting via Image Hover Effects Widget – CVE-2024-1166 | WordPress Plugin Vulnerability Report
Plugin Name: Image Hover Effects Key Information: Software Type: Plugin Software Slug: image-hover-effects-addon-for-elementor Software Status: Active Software Author: blocksera Software…
The Plus Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0445, CVE-2024-2785 | WordPress Plugin Vulnerability Report
Plugin Name: The Plus Addons for Elementor Key Information: Software Type: Plugin Software Slug: the-plus-addons-for-elementor-page-builder Software Status: Active Software Author:…
Booster for WooCommerce Vulnerability – Unauthenticated Arbitrary Shortcode Execution – CVE-2024-3957 | WordPress Plugin Vulnerability Report
Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software…