WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - Bold Page Builder Vulnerability - Stored Cross-Site Scripting - CVE-2024-3267 & CVE-2024-3266 | WordPress Plugin Vulnerability Report - Vulnerabilities

Bold Page Builder Vulnerability – Stored Cross-Site Scripting – CVE-2024-3267 & CVE-2024-3266 | WordPress Plugin Vulnerability Report

April 5, 2024

Plugin Name: Bold Page Builder Key Information: Software Type: Plugin Software Slug: bold-page-builder Software Status: Active Software Author: BoldThemes Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - BoldGrid Easy SEO Vulnerability – Simple and Effective SEO - Information Exposure - CVE-2024-2950 | WordPress Plugin Vulnerability Report - Vulnerabilities

BoldGrid Easy SEO Vulnerability – Simple and Effective SEO – Information Exposure – CVE-2024-2950 | WordPress Plugin Vulnerability Report

April 5, 2024

Posted in Vulnerabilities, Security

Plugin Name: BoldGrid Easy SEO – Simple and Effective SEO Key Information: Software Type: Plugin Software Slug: boldgrid-easy-seo Software Status:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) - Authenticated Stored Cross-site Scripting via QR Code Widget - CVE-2024-2946 | WordPress Plugin Vulnerability Report - Vulnerabilities

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-site Scripting via QR Code Widget – CVE-2024-2946 | WordPress Plugin Vulnerability Report

April 4, 2024

Posted in Vulnerabilities, Security

Plugin Name: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) Key…

Read about this Latest WordPress Vulnerability

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-site Scripting via QR Code Widget – CVE-2024-2946 | WordPress Plugin Vulnerability Report

April 4, 2024

Posted in Vulnerabilities, Security

Plugin Name: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) Key…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Relevanssi Vulnerability – A Better Search - Multiple Vulnerabilities - CVE-2024-3213 & CVE-2024-3214 | WordPress Plugin Vulnerability Report - Vulnerabilities

Relevanssi Vulnerability – A Better Search – Multiple Vulnerabilities – CVE-2024-3213 & CVE-2024-3214 | WordPress Plugin Vulnerability Report

April 4, 2024

Posted in Security, Vulnerabilities

Plugin Name: Relevanssi – A Better Search Key Information: Software Type: Plugin Software Slug: relevanssi Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - LearnPress Vulnerability – WordPress LMS Plugin - CVE-2024-1289, CVE-2024-1463, CVE-2024-2115 - WordPress Plugin Vulnerability Report - Vulnerabilities

LearnPress Vulnerability – WordPress LMS Plugin – CVE-2024-1289, CVE-2024-1463, CVE-2024-2115 – WordPress Plugin Vulnerability Report

April 4, 2024

Posted in Vulnerabilities, Security

Plugin Name: LearnPress – WordPress LMS Plugin Key Information: Software Type: Plugin Software Slug: learnpress Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - File Manager Vulnerability - Authenticated Directory Traversal - CVE-2024-2654 | WordPress Plugin Vulnerability Report - Vulnerabilities

File Manager Vulnerability – Authenticated Directory Traversal – CVE-2024-2654 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: File Manager Key Information: Software Type: Plugin Software Slug: wp-file-manager Software Status: Active Software Author: mndpsingh287 Software Downloads:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - ElementsKit Elementor addons Vulnerability - Authenticated Stored Cross-Site Scripting via Countdown Widget - CVE-2024-2803 | WordPress Plugin Vulnerability Report - Vulnerabilities

ElementsKit Elementor addons Vulnerability – Authenticated Stored Cross-Site Scripting via Countdown Widget – CVE-2024-2803 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: ElementsKit Elementor addons Key Information: Software Type: Plugin Software Slug: elementskit-lite Software Status: Active Software Author: xpeedstudio Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Easy Digital Downloads Vulnerability - Sensitive Information Exposure - CVE-2024-2302 | WordPress Plugin Vulnerability Report - Vulnerabilities

Easy Digital Downloads Vulnerability – Sensitive Information Exposure – CVE-2024-2302 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) Key Information: Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - CMB2 Vulnerability - Authenticated PHP Object Injection - CVE-2024-1792 | WordPress Plugin Vulnerability Report - Vulnerabilities

CMB2 Vulnerability – Authenticated PHP Object Injection – CVE-2024-1792 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: CMB2 Key Information: Software Type: Plugin Software Slug: cmb2 Software Status: Active Software Author: jtsternberg Software Downloads: 4,198,199…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Gutenberg Blocks by Kadence Blocks Vulnerability – Page Builder Features - Multiple Vulnerabilities - CVE-2024-0598 & CVE-2024-2919 | WordPress Plugin Vulnerability Report - Vulnerabilities

Gutenberg Blocks by Kadence Blocks Vulnerability – Page Builder Features – Multiple Vulnerabilities – CVE-2024-0598 & CVE-2024-2919 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Gutenberg Blocks by Kadence Blocks – Page Builder Features Key Information: Software Type: Plugin Software Slug: kadence-blocks Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Happy Addons for Elementor Vulnerability - Multiple XSS Vulnerabilities - CVE-2024-2787, CVE-2024-2789, CVE-2024-1498, CVE-2024-1387 | WordPress Plugin Vulnerability Report - Vulnerabilities

Happy Addons for Elementor Vulnerability – Multiple XSS Vulnerabilities – CVE-2024-2787, CVE-2024-2789, CVE-2024-1498, CVE-2024-1387 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Happy Addons for Elementor Key Information Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster…

Read about this Latest WordPress Vulnerability

Bold Page Builder Vulnerability – Stored Cross-Site Scripting – CVE-2024-3267 & CVE-2024-3266 | WordPress Plugin Vulnerability Report

BoldGrid Easy SEO Vulnerability – Simple and Effective SEO – Information Exposure – CVE-2024-2950 | WordPress Plugin Vulnerability Report

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-site Scripting via QR Code Widget – CVE-2024-2946 | WordPress Plugin Vulnerability Report

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-site Scripting via QR Code Widget – CVE-2024-2946 | WordPress Plugin Vulnerability Report

Relevanssi Vulnerability – A Better Search – Multiple Vulnerabilities – CVE-2024-3213 & CVE-2024-3214 | WordPress Plugin Vulnerability Report

LearnPress Vulnerability – WordPress LMS Plugin – CVE-2024-1289, CVE-2024-1463, CVE-2024-2115 – WordPress Plugin Vulnerability Report

File Manager Vulnerability – Authenticated Directory Traversal – CVE-2024-2654 | WordPress Plugin Vulnerability Report

ElementsKit Elementor addons Vulnerability – Authenticated Stored Cross-Site Scripting via Countdown Widget – CVE-2024-2803 | WordPress Plugin Vulnerability Report

Easy Digital Downloads Vulnerability – Sensitive Information Exposure – CVE-2024-2302 | WordPress Plugin Vulnerability Report

CMB2 Vulnerability – Authenticated PHP Object Injection – CVE-2024-1792 | WordPress Plugin Vulnerability Report

Gutenberg Blocks by Kadence Blocks Vulnerability – Page Builder Features – Multiple Vulnerabilities – CVE-2024-0598 & CVE-2024-2919 | WordPress Plugin Vulnerability Report

Happy Addons for Elementor Vulnerability – Multiple XSS Vulnerabilities – CVE-2024-2787, CVE-2024-2789, CVE-2024-1498, CVE-2024-1387 | WordPress Plugin Vulnerability Report

Recent Blog Posts

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App Vulnerability – Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure – CVE: NA | WordPress Plugin Vulnerability Report

SiteSEO – SEO Simplified Vulnerability – Missing Authorization to Authenticated (Author+) Plugin Settings Update – CVE-2025-12367 | WordPress Plugin Vulnerability Report

Qi Blocks Vulnerability – Missing Authorization to Authenticated (Contributor+) Plugin Settings Update – CVE-2025-12180 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy