WordPress Vulnerability Daily Update

Post Grid Combo Vulnerability – 36+ Gutenberg Blocks – Information Exposure via get_posts API Endpoint – CVE-2023-7072 | WordPress Plugin Vulnerability Report

March 12, 2024

Plugin Name: Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks Key Information: Software…

Read about this Latest WordPress Vulnerability

Premium Addons for Elementor – Authenticated Stored Cross-Site Scripting via Link Wrapper – CVE-2024-0326 | WordPress Plugin Vulnerability Report

March 12, 2024

Posted in Security, Vulnerabilities

Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13…

Read about this Latest WordPress Vulnerability

Prime Slider Vulnerability – Authenticated Stored Cross-Site Scripting via Rubix Widget – CVE-2024-1507 | WordPress Plugin Vulnerability Report –

March 12, 2024

Posted in Security, Vulnerabilities

Plugin Name: Prime Slider – Addons For Elementor Key Information: Software Type: Plugin Software Slug: bdthemes-prime-slider-lite Software Status: Active Software…

Read about this Latest WordPress Vulnerability

Elementor Header & Footer Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-1237 | WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Speed, Vulnerabilities

Plugin Name: Elementor Header & Footer Builder Key Information: Software Type: Plugin Software Slug: header-footer-elementor Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table – CVE-2024-1537 |WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Security, Vulnerabilities

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin…

Read about this Latest WordPress Vulnerability

Site Reviews Vulnerability – Authenticated Stored Cross-Site Scripting via Display Name – CVE-2024-2293 | WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Security, Vulnerabilities

Plugin Name: Site Reviews Key Information: Software Type: Plugin Software Slug: site-reviews Software Status: Active Software Author: geminilabs Software Downloads:…

Read about this Latest WordPress Vulnerability

WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting – CVE-2024-2194 |WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Security, Vulnerabilities

Plugin Name: WP Statistics Key Information: Software Type: Plugin Software Slug: wp-statistics Software Status: Active Software Author: mostafas1990 Software Downloads:…

Read about this Latest WordPress Vulnerability

Colibri Page Builder Vulnerability – Missing Authorization – CVE-2024-1870 | WordPress Plugin Vulnerability Report

March 8, 2024

Posted in Security, Vulnerabilities

Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software…

Read about this Latest WordPress Vulnerability

Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report

March 8, 2024

Posted in Security, Vulnerabilities

Plugin Name: Easy Accordion – Best Accordion FAQ Plugin for WordPress Key Information: Software Type: Plugin Software Slug: easy-accordion-free Software…

Read about this Latest WordPress Vulnerability

Ultimate Member Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-2123 |WordPress Plugin Vulnerability Report

March 8, 2024

Posted in Security, Vulnerabilities

Plugin Name: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Key Information: Software Type:…

Read about this Latest WordPress Vulnerability

Metform Elementor Contact Form Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1585 |WordPress Plugin Vulnerability Report

March 7, 2024

Posted in Security, Vulnerabilities

Plugin Name: Metform Elementor Contact Form Builder Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

Orbit Fox by ThemeIsle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Registration Form Widget – CVE-2024-2126 |WordPress Plugin Vulnerability Report

March 7, 2024

Posted in Security, Vulnerabilities

Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: ThemeIsle…

Read about this Latest WordPress Vulnerability

Post Grid Combo Vulnerability – 36+ Gutenberg Blocks – Information Exposure via get_posts API Endpoint – CVE-2023-7072 | WordPress Plugin Vulnerability Report

Premium Addons for Elementor – Authenticated Stored Cross-Site Scripting via Link Wrapper – CVE-2024-0326 | WordPress Plugin Vulnerability Report

Prime Slider Vulnerability – Authenticated Stored Cross-Site Scripting via Rubix Widget – CVE-2024-1507 | WordPress Plugin Vulnerability Report –

Elementor Header & Footer Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-1237 | WordPress Plugin Vulnerability Report

Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table – CVE-2024-1537 |WordPress Plugin Vulnerability Report

Site Reviews Vulnerability – Authenticated Stored Cross-Site Scripting via Display Name – CVE-2024-2293 | WordPress Plugin Vulnerability Report

WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting – CVE-2024-2194 |WordPress Plugin Vulnerability Report

Colibri Page Builder Vulnerability – Missing Authorization – CVE-2024-1870 | WordPress Plugin Vulnerability Report

Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report

Ultimate Member Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-2123 |WordPress Plugin Vulnerability Report

Metform Elementor Contact Form Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1585 |WordPress Plugin Vulnerability Report

Orbit Fox by ThemeIsle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Registration Form Widget – CVE-2024-2126 |WordPress Plugin Vulnerability Report

Recent Blog Posts

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy