WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - WordPress Tag and Category Manager Vulnerability – AI Autotagger - Authenticated Stored Cross-Site Scripting via Shortcode - CVE-2024-2830 | WordPress Plugin Vulnerability Report - Vulnerabilities

WordPress Tag and Category Manager Vulnerability – AI Autotagger – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2024-2830 | WordPress Plugin Vulnerability Report

April 3, 2024

Plugin Name: WordPress Tag and Category Manager – AI Autotagger Key Information: Software Type: Plugin Software Slug: simple-tags Software Status:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Spectra Vulnerability – WordPress Gutenberg Blocks - Authenticated Cross-Site Scripting via Custom CSS - CVE-2023-6486 | WordPress Plugin Vulnerability Report - Vulnerabilities

Spectra Vulnerability – WordPress Gutenberg Blocks – Authenticated Cross-Site Scripting via Custom CSS – CVE-2023-6486 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Spectra – WordPress Gutenberg Blocks Key Information Software Type: Plugin Software Slug: ultimate-addons-for-gutenberg Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) - Authenticated Stored Cross-Site Scripting via WL Universal Product Layout - CVE-2024-2868 | WordPress Plugin Vulnerability Report - Vulnerabilities

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-Site Scripting via WL Universal Product Layout – CVE-2024-2868 | WordPress Plugin Vulnerability Report

April 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) Key…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Jeg Elementor Kit Vulnerability - Multiple Stored Cross-Site Scripting Issues - CVE-2024-1327 & CVE-2024-3162 |WordPress Plugin Vulnerability Report - Vulnerabilities

Jeg Elementor Kit Vulnerability – Multiple Stored Cross-Site Scripting Issues – CVE-2024-1327 & CVE-2024-3162 |WordPress Plugin Vulnerability Report

April 2, 2024

Posted in Vulnerabilities, Security

Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WPFront User Role Editor Vulnerability - Limited Information Exposure - CVE-2024-2931 | WordPress Plugin Vulnerability Report - Vulnerabilities

WPFront User Role Editor Vulnerability – Limited Information Exposure – CVE-2024-2931 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: WPFront User Role Editor Key Information: Software Type: Plugin Software Slug: wpfront-user-role-editor Software Status: Active Software Author: syammohanm…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP-Members Membership Plugin Vulnerability - Unauthenticated Stored Cross-Site Scripting - CVE-2024-1852 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP-Members Membership Plugin Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-1852 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: WP-Members Membership Plugin Key Information: Software Type: Plugin Software Slug: wp-members Software Status: Active Software Author: cbutlerjr Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Template Kit – Import Vulnerability - Authenticated Stored Cross-Site Scripting via Template Upload - CVE-2024-2334 | WordPress Plugin Vulnerability Report - Vulnerabilities

Template Kit – Import Vulnerability – Authenticated Stored Cross-Site Scripting via Template Upload – CVE-2024-2334 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: Template Kit – Import Key Information: Software Type: Plugin Software Slug: template-kit-import Software Status: Active Software Author: Envato…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - SecuPress Free Vulnerability — WordPress Security - Cross-Site Request Forgery to Banned IP Address - CVE-2024-1504 | WordPress Plugin Vulnerability Report - Vulnerabilities

SecuPress Free Vulnerability — WordPress Security – Cross-Site Request Forgery to Banned IP Address – CVE-2024-1504 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: SecuPress Free – WordPress Security Key Information: Software Type: Plugin Software Slug: secupress Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - MetForm Vulnerability – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor - Authenticated Stored Cross-Site Scripting via Widgets - CVE-2024-2791 | WordPress Plugin Vulnerability Report - Vulnerabilities

MetForm Vulnerability – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor – Authenticated Stored Cross-Site Scripting via Widgets – CVE-2024-2791 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Genesis Blocks - Authenticated Stored Cross-Site Scripting via Block Content - CVE-2024-1946 | WordPress Plugin Vulnerability Report - Vulnerabilities

Genesis Blocks – Authenticated Stored Cross-Site Scripting via Block Content – CVE-2024-1946 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: Genesis Blocks Key Information: Software Type: Plugin Software Slug: genesis-blocks Software Status: Active Software Author: StudioPress Software Downloads:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Colibri Page Builder Vulnerability - Authenticated Stored Cross-Site Scripting - CVE-2024-2839 | WordPress Plugin Vulnerability Report - Vulnerabilities

Colibri Page Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2839 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Beaver Builder Vulnerability – WordPress Page Builder - Authenticated Stored Cross-Site Scripting via Button - CVE-2024-2925 | WordPress Plugin Vulnerability Report - Vulnerabilities

Beaver Builder Vulnerability – WordPress Page Builder – Authenticated Stored Cross-Site Scripting via Button – CVE-2024-2925 | WordPress Plugin Vulnerability Report

April 1, 2024

Posted in Vulnerabilities, Security

Plugin Name: Beaver Builder – WordPress Page Builder Key Information: Software Type: Plugin Software Slug: beaver-builder-lite-version Software Status: Active Software…

Read about this Latest WordPress Vulnerability

WordPress Tag and Category Manager Vulnerability – AI Autotagger – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2024-2830 | WordPress Plugin Vulnerability Report

Spectra Vulnerability – WordPress Gutenberg Blocks – Authenticated Cross-Site Scripting via Custom CSS – CVE-2023-6486 | WordPress Plugin Vulnerability Report

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-Site Scripting via WL Universal Product Layout – CVE-2024-2868 | WordPress Plugin Vulnerability Report

Jeg Elementor Kit Vulnerability – Multiple Stored Cross-Site Scripting Issues – CVE-2024-1327 & CVE-2024-3162 |WordPress Plugin Vulnerability Report

WPFront User Role Editor Vulnerability – Limited Information Exposure – CVE-2024-2931 | WordPress Plugin Vulnerability Report

WP-Members Membership Plugin Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-1852 | WordPress Plugin Vulnerability Report

Template Kit – Import Vulnerability – Authenticated Stored Cross-Site Scripting via Template Upload – CVE-2024-2334 | WordPress Plugin Vulnerability Report

SecuPress Free Vulnerability — WordPress Security – Cross-Site Request Forgery to Banned IP Address – CVE-2024-1504 | WordPress Plugin Vulnerability Report

MetForm Vulnerability – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor – Authenticated Stored Cross-Site Scripting via Widgets – CVE-2024-2791 | WordPress Plugin Vulnerability Report

Genesis Blocks – Authenticated Stored Cross-Site Scripting via Block Content – CVE-2024-1946 | WordPress Plugin Vulnerability Report

Colibri Page Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-2839 | WordPress Plugin Vulnerability Report

Beaver Builder Vulnerability – WordPress Page Builder – Authenticated Stored Cross-Site Scripting via Button – CVE-2024-2925 | WordPress Plugin Vulnerability Report

Recent Blog Posts

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App Vulnerability – Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure – CVE: NA | WordPress Plugin Vulnerability Report

SiteSEO – SEO Simplified Vulnerability – Missing Authorization to Authenticated (Author+) Plugin Settings Update – CVE-2025-12367 | WordPress Plugin Vulnerability Report

Qi Blocks Vulnerability – Missing Authorization to Authenticated (Contributor+) Plugin Settings Update – CVE-2025-12180 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy