WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - Exclusive Addons for Elementor Vulnerability - Missing Authorization to Post Duplication - CVE-2024-33914 | WordPress Plugin Vulnerability Report - Vulnerabilities

Exclusive Addons for Elementor Vulnerability – Missing Authorization to Post Duplication – CVE-2024-33914 | WordPress Plugin Vulnerability Report

April 29, 2024

Plugin Name: Exclusive Addons for Elementor Key Information: Software Type: Plugin Software Slug: exclusive-addons-for-elementor Software Status: Active Software Author: timstrifler…

Read about this Latest WordPress Vulnerability

MailerLite Vulnerability – Signup forms (official) – Multiple Vulnerabilities – CVE-2024-2797, CVE-2024-1386 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: MailerLite – Signup forms (official) Key Information: Software Type: Plugin Software Slug: official-mailerlite-sign-up-forms Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Media Cleaner: Clean your WordPress! Vulnerability - Unauthenticated Information Exposure - CVE-2024-33922 | WordPress Plugin Vulnerability Report - Vulnerabilities

Media Cleaner: Clean your WordPress! Vulnerability – Unauthenticated Information Exposure – CVE-2024-33922 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Media Cleaner: Clean your WordPress! Key Information: Software Type: Plugin Software Slug: media-cleaner Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Premium Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-4203 | WordPress Plugin Vulnerability Report - Vulnerabilities

Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4203 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Shortcodes Plugin Vulnerability — Shortcodes Ultimate - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode - CVE-2024-3550 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP Shortcodes Plugin Vulnerability — Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-3550 | WordPress Plugin Vulnerability Report

April 29, 2024

Posted in Vulnerabilities, Security

Plugin Name: WP Shortcodes Plugin – Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - MainWP Child Reports Vulnerability - Cross-Site Request Forgery - CVE-2024-33680 | WordPress Plugin Vulnerability Report - Vulnerabilities

MainWP Child Reports Vulnerability – Cross-Site Request Forgery – CVE-2024-33680 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: MainWP Child Reports Key Information: Software Type: Plugin Software Slug: mainwp-child-reports Software Status: Active Software Author: mainwp Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - NextGEN Gallery Vulnerability - Authenticated Stored Cross-Site Scripting - CVE-2024-2744 | WordPress Plugin Vulnerability Report - Vulnerabilities

NextGEN Gallery Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2744 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: NextGEN Gallery – Create an Amazing Photo Gallery in Seconds Key Information: Software Type: Plugin Software Slug: nextgen-gallery…

Read about this Latest WordPress Vulnerability

Popup Builder by OptinMonster Vulnerability – WordPress Popups for Optins, Email Newsletters and Lead Generation – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-33691 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Key Information: Software Type:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Print Invoice & Delivery Notes for WooCommerce Vulnerability - Missing Authorization to Notice Dismissal - CVE-2024-4233 | WordPress Plugin Vulnerability Report - Vulnerabilities

Print Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Print Invoice & Delivery Notes for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-delivery-notes Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Qi Addons For Elementor Vulnerability - Authenticated Stored Cross-Site Scripting via Countdown Widget - CVE-2024-3309 | WordPress Plugin Vulnerability Report - Vulnerabilities

Qi Addons For Elementor Vulnerability – Authenticated Stored Cross-Site Scripting via Countdown Widget – CVE-2024-3309 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Qi Addons For Elementor Key Information: Software Type: Plugin Software Slug: qi-addons-for-elementor Software Status: Active Software Author: qodeinteractive…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Spectra Vulnerability – WordPress Gutenberg Blocks - Authenticated Path Traversal - CVE-2024-3107 | WordPress Plugin Vulnerability Report - Vulnerabilities

Spectra Vulnerability – WordPress Gutenberg Blocks – Authenticated Path Traversal – CVE-2024-3107 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Spectra – WordPress Gutenberg Blocks Key Information: Software Type: Plugin Software Slug: ultimate-addons-for-gutenberg Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Timetable and Event Schedule by MotoPress Vulnerability - Authenticated SQL Injection - CVE-2024-3342 | WordPress Plugin Vulnerability Report - Vulnerabilities

Timetable and Event Schedule by MotoPress Vulnerability – Authenticated SQL Injection – CVE-2024-3342 | WordPress Plugin Vulnerability Report

April 26, 2024

Posted in Vulnerabilities, Security

Plugin Name: Timetable and Event Schedule by MotoPress Key Information: Software Type: Plugin Software Slug: mp-timetable Software Status: Active Software…

Read about this Latest WordPress Vulnerability

Exclusive Addons for Elementor Vulnerability – Missing Authorization to Post Duplication – CVE-2024-33914 | WordPress Plugin Vulnerability Report

MailerLite Vulnerability – Signup forms (official) – Multiple Vulnerabilities – CVE-2024-2797, CVE-2024-1386 | WordPress Plugin Vulnerability Report

Media Cleaner: Clean your WordPress! Vulnerability – Unauthenticated Information Exposure – CVE-2024-33922 | WordPress Plugin Vulnerability Report

Premium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4203 | WordPress Plugin Vulnerability Report

WP Shortcodes Plugin Vulnerability — Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-3550 | WordPress Plugin Vulnerability Report

MainWP Child Reports Vulnerability – Cross-Site Request Forgery – CVE-2024-33680 | WordPress Plugin Vulnerability Report

NextGEN Gallery Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2744 | WordPress Plugin Vulnerability Report

Popup Builder by OptinMonster Vulnerability – WordPress Popups for Optins, Email Newsletters and Lead Generation – Cross-Site Request Forgery to Notice Dismissal – CVE-2024-33691 | WordPress Plugin Vulnerability Report

Print Invoice & Delivery Notes for WooCommerce Vulnerability – Missing Authorization to Notice Dismissal – CVE-2024-4233 | WordPress Plugin Vulnerability Report

Qi Addons For Elementor Vulnerability – Authenticated Stored Cross-Site Scripting via Countdown Widget – CVE-2024-3309 | WordPress Plugin Vulnerability Report

Spectra Vulnerability – WordPress Gutenberg Blocks – Authenticated Path Traversal – CVE-2024-3107 | WordPress Plugin Vulnerability Report

Timetable and Event Schedule by MotoPress Vulnerability – Authenticated SQL Injection – CVE-2024-3342 | WordPress Plugin Vulnerability Report

Recent Blog Posts

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy