WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - Qi Addons For Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-0826 | WordPress Plugin Vulnerability Report - Vulnerabilities

Qi Addons For Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0826 | WordPress Plugin Vulnerability Report

March 15, 2024

Plugin Name: Qi Addons For Elementor Key Information: Software Type: Plugin Software Slug: qi-addons-for-elementor Software Status: Active Software Author: qodeinteractive…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Backuply Vulnerability– Backup, Restore, Migrate and Clone - Authenticated (Admin+) Directory Traversal - CVE-2024-2294 | WordPress Plugin Vulnerability Report - Vulnerabilities

Backuply Vulnerability– Backup, Restore, Migrate and Clone – Authenticated (Admin+) Directory Traversal – CVE-2024-2294 | WordPress Plugin Vulnerability Report

March 15, 2024

Posted in Vulnerabilities, Security

Plugin Name: Backuply – Backup, Restore, Migrate and Clone Key Information: Software Type: Plugin Software Slug: backuply Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - ElementsKit Elementor addons Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-1239 | WordPress Plugin Vulnerability Report - Vulnerabilities

ElementsKit Elementor addons Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1239 | WordPress Plugin Vulnerability Report

March 15, 2024

Posted in Vulnerabilities, Security

Plugin Name: ElementsKit Elementor addons Key Information: Software Type: Plugin Software Slug: elementskit-lite Software Status: Active Software Author: xspeedstudio Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Everest Forms Vulnerability- Unauthenticated Server-Side Request Forgery via font_url - CVE-2024-1812 | WordPress Plugin Vulnerability Report - Vulnerabilities

Everest Forms Vulnerability- Unauthenticated Server-Side Request Forgery via font_url – CVE-2024-1812 | WordPress Plugin Vulnerability Report

March 15, 2024

Posted in Vulnerabilities, Security

Plugin Name: Everest Forms – Build Contact Forms, Surveys, Polls, Quizzes, Newsletter & Application Forms, and Many More with Ease!…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - HT Mega Vulnerability– Absolute Addons For Elementor - Authenticated Directory Traversal - CVE-2024-1974 |WordPress Plugin Vulnerability Report - Vulnerabilities

HT Mega Vulnerability– Absolute Addons For Elementor – Authenticated Directory Traversal – CVE-2024-1974 |WordPress Plugin Vulnerability Report

March 14, 2024

Posted in Vulnerabilities, Security

Plugin Name: HT Mega – Absolute Addons For Elementor Key Information: Software Type: Plugin Software Slug: ht-mega-for-elementor Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - HUSKY Vulnerability– Products Filter Professional for WooCommerce - Authenticated Stored Cross-Site Scripting via Shortcode - CVE-2024-1796 | WordPress Plugin Vulnerability Report - Vulnerabilities

HUSKY Vulnerability– Products Filter Professional for WooCommerce – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2024-1796 | WordPress Plugin Vulnerability Report

March 14, 2024

Posted in Vulnerabilities, Security

Plugin Name: HUSKY – Products Filter Professional for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-products-filter Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) - Authenticated Stored Cross-Site Scripting via Banner Link - CVE-2024-1960 | WordPress Plugin Vulnerability Report - Vulnerabilities

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-Site Scripting via Banner Link – CVE-2024-1960 | WordPress Plugin Vulnerability Report

March 14, 2024

Posted in Vulnerabilities, Security

Plugin Name: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) Key…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Contact Form 7 Vulnerability - Reflected Cross-Site Scripting - CVE-2024-2242 | WordPress Plugin Vulnerability Report - Vulnerabilities

Contact Form 7 Vulnerability – Reflected Cross-Site Scripting – CVE-2024-2242 | WordPress Plugin Vulnerability Report

March 13, 2024

Posted in Vulnerabilities, Security

Plugin Name: Contact Form 7 Key Information: Software Type: Plugin Software Slug: contact-form-7 Software Status: Active Software Author: takayukister Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Elementor Addons by Livemesh Vulnerability - Authenticated Stored Cross-Site Scripting via Posts Multislider Widget - CVE-2024-1466 | WordPress Plugin Vulnerability Report - Vulnerabilities

Elementor Addons by Livemesh Vulnerability – Authenticated Stored Cross-Site Scripting via Posts Multislider Widget – CVE-2024-1466 | WordPress Plugin Vulnerability Report

March 13, 2024

Posted in Vulnerabilities, Security

Plugin Name: Elementor Addons by Livemesh Key Information: Software Type: Plugin Software Slug: addons-for-elementor Software Status: Active Software Author: livemesh…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Burst Statistics Vulnerability - Authenticated Stored Cross-Site Scripting via burst_total_pageviews_count - CVE-2024-1894 |WordPress Plugin Vulnerability Report - Vulnerabilities

Burst Statistics Vulnerability – Authenticated Stored Cross-Site Scripting via burst_total_pageviews_count – CVE-2024-1894 |WordPress Plugin Vulnerability Report

March 12, 2024

Posted in Vulnerabilities, Security

Plugin Name: Burst Statistics – Privacy-Friendly Analytics for WordPress Key Information: Software Type: Plugin Software Slug: burst-statistics Software Status: Active…

Read about this Latest WordPress Vulnerability

Burst Statistics Vulnerability – Authenticated Stored Cross-Site Scripting via burst_total_pageviews_count – CVE-2024-1894 | WordPress Plugin Vulnerability Report

March 12, 2024

Posted in Vulnerabilities, Security

Plugin Name: Burst Statistics – Privacy-Friendly Analytics for WordPress Key Information: Software Type: Plugin Software Slug: burst-statistics Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Easy Social Feed Vulnerability – Social Photos Gallery – Post Feed – Like Box - Cross-Site Request Forgery - CVE-2024-1214 | WordPress Plugin Vulnerability Report - Vulnerabilities

Easy Social Feed Vulnerability – Social Photos Gallery – Post Feed – Like Box – Cross-Site Request Forgery – CVE-2024-1214 | WordPress Plugin Vulnerability Report

March 12, 2024

Posted in Vulnerabilities, Security

Plugin Name: Easy Social Feed – Social Photos Gallery – Post Feed – Like Box Key Information: Software Type: Plugin…

Read about this Latest WordPress Vulnerability

Qi Addons For Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0826 | WordPress Plugin Vulnerability Report

Backuply Vulnerability– Backup, Restore, Migrate and Clone – Authenticated (Admin+) Directory Traversal – CVE-2024-2294 | WordPress Plugin Vulnerability Report

ElementsKit Elementor addons Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1239 | WordPress Plugin Vulnerability Report

Everest Forms Vulnerability- Unauthenticated Server-Side Request Forgery via font_url – CVE-2024-1812 | WordPress Plugin Vulnerability Report

HT Mega Vulnerability– Absolute Addons For Elementor – Authenticated Directory Traversal – CVE-2024-1974 |WordPress Plugin Vulnerability Report

HUSKY Vulnerability– Products Filter Professional for WooCommerce – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2024-1796 | WordPress Plugin Vulnerability Report

ShopLentor Vulnerability – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) – Authenticated Stored Cross-Site Scripting via Banner Link – CVE-2024-1960 | WordPress Plugin Vulnerability Report

Contact Form 7 Vulnerability – Reflected Cross-Site Scripting – CVE-2024-2242 | WordPress Plugin Vulnerability Report

Elementor Addons by Livemesh Vulnerability – Authenticated Stored Cross-Site Scripting via Posts Multislider Widget – CVE-2024-1466 | WordPress Plugin Vulnerability Report

Burst Statistics Vulnerability – Authenticated Stored Cross-Site Scripting via burst_total_pageviews_count – CVE-2024-1894 |WordPress Plugin Vulnerability Report

Burst Statistics Vulnerability – Authenticated Stored Cross-Site Scripting via burst_total_pageviews_count – CVE-2024-1894 | WordPress Plugin Vulnerability Report

Recent Blog Posts

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App Vulnerability – Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure – CVE: NA | WordPress Plugin Vulnerability Report

SiteSEO – SEO Simplified Vulnerability – Missing Authorization to Authenticated (Author+) Plugin Settings Update – CVE-2025-12367 | WordPress Plugin Vulnerability Report

Qi Blocks Vulnerability – Missing Authorization to Authenticated (Contributor+) Plugin Settings Update – CVE-2025-12180 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy