WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - All in One SEO Vulnerability – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode - CVE-2024-3554 | WordPress Plugin Vulnerability Report - Vulnerabilities

All in One SEO Vulnerability – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-3554 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic Key…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Drag and Drop Multiple File Upload Vulnerability – Contact Form 7 - Sensitive Information Exposure - CVE-2024-3717 | WordPress Plugin Vulnerability Report - Vulnerabilities

Drag and Drop Multiple File Upload Vulnerability – Contact Form 7 – Sensitive Information Exposure – CVE-2024-3717 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Drag and Drop Multiple File Upload – Contact Form 7 Key Information: Software Type: Plugin Software Slug: drag-and-drop-multiple-file-upload-contact-form-7…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Elementor Addon Elements Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-3743 | WordPress Plugin Vulnerability Report - Vulnerabilities

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3743 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Elementor Addon Elements Key Information: Software Type: Plugin Software Slug: addon-elements-for-elementor-page-builder Software Status: Active Software Author: webtechstreet Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Exclusive Addons for Elementor Vulnerability - Missing Authorization to Post Duplication - CVE-2024-33914 | WordPress Plugin Vulnerability Report - Vulnerabilities

Exclusive Addons for Elementor Vulnerability – Missing Authorization to Post Duplication – CVE-2024-33914 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler…

Read about this Latest WordPress Vulnerability

MailerLite Vulnerability – Signup forms (official) – Multiple Vulnerabilities – CVE-2024-2797, CVE-2024-1386 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: MailerLite – Signup forms (official) Key Information: Software Type: Plugin Software Slug: official-mailerlite-sign-up-forms Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Media Cleaner: Clean your WordPress! Vulnerability - Unauthenticated Information Exposure - CVE-2024-33922 | WordPress Plugin Vulnerability Report - Vulnerabilities

Media Cleaner: Clean your WordPress! Vulnerability – Unauthenticated Information Exposure – CVE-2024-33922 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Media Cleaner: Clean your WordPress! Key Information: Software Type: Plugin Software Slug: media-cleaner Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Premium Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-4203 | WordPress Plugin Vulnerability Report - Vulnerabilities

Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4203 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Shortcodes Plugin Vulnerability — Shortcodes Ultimate - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode - CVE-2024-3550 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP Shortcodes Plugin Vulnerability — Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-3550 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: WP Shortcodes Plugin – Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - MainWP Child Reports Vulnerability - Cross-Site Request Forgery - CVE-2024-33680 | WordPress Plugin Vulnerability Report - Vulnerabilities

MainWP Child Reports Vulnerability – Cross-Site Request Forgery – CVE-2024-33680 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: MainWP Child Reports Key Information: Software Type: Plugin Software Slug: mainwp-child-reports Software Status: Active Software Author: mainwp Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - NextGEN Gallery Vulnerability - Authenticated Stored Cross-Site Scripting - CVE-2024-2744 | WordPress Plugin Vulnerability Report - Vulnerabilities

NextGEN Gallery Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2744 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: NextGEN Gallery – Create an Amazing Photo Gallery in Seconds Key Information: Software Type: Plugin Software Slug: nextgen-gallery…

Read about this Latest WordPress Vulnerability

Popup Builder by OptinMonster Vulnerability – WordPress Popups for Optins, Email Newsletters and Lead Generation – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-33691 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Key Information: Software Type:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Print Invoice & Delivery Notes for WooCommerce Vulnerability - Missing Authorization to Notice Dismissal - CVE-2024-4233 | WordPress Plugin Vulnerability Report - Vulnerabilities

Print Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Print Invoice & Delivery Notes for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-delivery-notes Software Status: Active…

Read about this Latest WordPress Vulnerability

All in One SEO Vulnerability – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-3554 | WordPress Plugin Vulnerability Report

Drag and Drop Multiple File Upload Vulnerability – Contact Form 7 – Sensitive Information Exposure – CVE-2024-3717 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3743 | WordPress Plugin Vulnerability Report

Exclusive Addons for Elementor Vulnerability – Missing Authorization to Post Duplication – CVE-2024-33914 | WordPress Plugin Vulnerability Report

MailerLite Vulnerability – Signup forms (official) – Multiple Vulnerabilities – CVE-2024-2797, CVE-2024-1386 | WordPress Plugin Vulnerability Report

Media Cleaner: Clean your WordPress! Vulnerability – Unauthenticated Information Exposure – CVE-2024-33922 | WordPress Plugin Vulnerability Report

Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4203 | WordPress Plugin Vulnerability Report

WP Shortcodes Plugin Vulnerability — Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-3550 | WordPress Plugin Vulnerability Report

MainWP Child Reports Vulnerability – Cross-Site Request Forgery – CVE-2024-33680 | WordPress Plugin Vulnerability Report

NextGEN Gallery Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2744 | WordPress Plugin Vulnerability Report

Popup Builder by OptinMonster Vulnerability – WordPress Popups for Optins, Email Newsletters and Lead Generation – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-33691 | WordPress Plugin Vulnerability Report

Print Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report

Recent Blog Posts

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App Vulnerability – Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure – CVE: NA | WordPress Plugin Vulnerability Report

SiteSEO – SEO Simplified Vulnerability – Missing Authorization to Authenticated (Author+) Plugin Settings Update – CVE-2025-12367 | WordPress Plugin Vulnerability Report

Qi Blocks Vulnerability – Missing Authorization to Authenticated (Contributor+) Plugin Settings Update – CVE-2025-12180 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy