Responsive Lightbox & Gallery Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via File Upload – CVE-2024-6870 | WordPress Plugin Vulnerability Report
Plugin Name: Responsive Lightbox & Gallery Key Information: Software Type: Plugin Software Slug: responsive-lightbox Software Status: Active Software Author: dfactory…
Orbit Fox by ThemeIsle Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload – CVE-2024-7778 | WordPress Plugin Vulnerability Report
Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: themeisle…
GiveWP Vulnerability– Donation Plugin and Fundraising Platform – Multiple Vulnerabilities – CVE-2024-5939, CVE-2024-5940, CVE-2024-5941, CVE-2024-5932 | WordPress Plugin Vulnerability Report
Plugin Name: GiveWP – Donation Plugin and Fundraising Platform Key Information: Software Type: Plugin Software Slug: give Software Status: Active…
The Plus Addons for Elementor Vulnerability- Multiple Stored Cross-Site Scripting Vulnerabilities – CVE-2024-6575 and CVE-2024-5763 | WordPress Plugin Vulnerability Report
Plugin Name: The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Key Information: Software Type:…
BackWPup – WordPress Backup & Restore Plugin Vulnerability – Authenticated (Administrator+) Directory Traversal – CVE-2023-5505 | WordPress Plugin Vulnerability Report
Plugin Name: BackWPup – WordPress Backup & Restore Plugin Key Information: Software Type: Plugin Software Slug: backwpup Software Status: Active…
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Vulnerability – Unauthenticated Double-Extension Arbitrary File Upload – CVE-2023-0714 | WordPress Plugin Vulnerability Report
Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software…
Relevanssi – A Better Search Vulnerability – Unauthenticated Information Exposure – CVE-2024-7630 | WordPress Plugin Vulnerability Report
Plugin Name: Relevanssi – A Better Search Key Information: Software Type: Plugin Software Slug: relevanssi Software Status: Active Software Author:…
Theme My Login Vulnrability – Cross-Site Request Forgery to Settings Update – CVE-2024-7422 | WordPress Plugin Vulnerability Report
Plugin Name: Theme My Login Key Information: Software Type: Plugin Software Slug: theme-my-login Software Status: Active Software Author: jfarthing84 Software…
ElementsKit Pro Vulnerability – Authenticated Sensitive Information Exposure & Stored Cross-Site Scripting – CVE-2024-7063, CVE-2024-7064 | WordPress Plugin Vulnerability Report
Plugin Name: ElementsKit Pro Key Information: Software Type: Plugin Software Slug: elementskit Software Status: Active Software Author: wpmet Software Downloads:…
Insert PHP Code Snippet Vulnerability – Cross-Site Request Forgery to Code Snippet Activate/Deactivate/Deletion – CVE-2024-7420 | WordPress Plugin Vulnerability Report
Plugin Name: Insert PHP Code Snippet Key Information: Software Type: Plugin Software Slug: insert-php-code-snippet Software Status: Active Software Author: f1logic…
Slider & Popup Builder by Depicter Vulnerability – Authenticated (Contributor+) Arbitrary File Upload – CVE-2024-4389 | WordPress Plugin Vulnerability Report
Plugin Name: Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon…
Media Library Assistant Vulnerability- Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action – CVE-2024-6823 | WordPress Plugin Vulnerability Report
Plugin Name: Media Library Assistant Key Information: Software Type: Plugin Software Slug: media-library-assistant Software Status: Active Software Author: dglingren Software…