WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - Post Grid Combo Vulnerability – 36+ Gutenberg Blocks - Information Exposure via get_posts API Endpoint - CVE-2023-7072 | WordPress Plugin Vulnerability Report - Vulnerabilities

Post Grid Combo Vulnerability – 36+ Gutenberg Blocks – Information Exposure via get_posts API Endpoint – CVE-2023-7072 | WordPress Plugin Vulnerability Report

March 12, 2024

Plugin Name: Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks Key Information: Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Premium Addons for Elementor - Authenticated Stored Cross-Site Scripting via Link Wrapper - CVE-2024-0326 | WordPress Plugin Vulnerability Report - Vulnerabilities

Premium Addons for Elementor – Authenticated Stored Cross-Site Scripting via Link Wrapper – CVE-2024-0326 | WordPress Plugin Vulnerability Report

March 12, 2024

Posted in Vulnerabilities, Security

Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Prime Slider Vulnerability - Authenticated Stored Cross-Site Scripting via Rubix Widget - CVE-2024-1507 | WordPress Plugin Vulnerability Report - Vulnerabilities

Prime Slider Vulnerability – Authenticated Stored Cross-Site Scripting via Rubix Widget – CVE-2024-1507 | WordPress Plugin Vulnerability Report –

March 12, 2024

Posted in Vulnerabilities, Security

Plugin Name: Prime Slider – Addons For Elementor Key Information: Software Type: Plugin Software Slug: bdthemes-prime-slider-lite Software Status: Active Software…

Read about this Latest WordPress Vulnerability

Elementor Header & Footer Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-1237 | WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Speed, Vulnerabilities

Plugin Name: Elementor Header & Footer Builder Key Information: Software Type: Plugin Software Slug: header-footer-elementor Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table - CVE-2024-1537 |WordPress Plugin Vulnerability Report - Vulnerabilities

Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table – CVE-2024-1537 |WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Vulnerabilities, Security

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Site Reviews Vulnerability - Authenticated Stored Cross-Site Scripting via Display Name - CVE-2024-2293 | WordPress Plugin Vulnerability Report - Vulnerabilities

Site Reviews Vulnerability – Authenticated Stored Cross-Site Scripting via Display Name – CVE-2024-2293 | WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Vulnerabilities, Security

Plugin Name: Site Reviews Key Information: Software Type: Plugin Software Slug: site-reviews Software Status: Active Software Author: geminilabs Software Downloads:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting - CVE-2024-2194 |WordPress Plugin Vulnerability Report - Vulnerabilities

WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting – CVE-2024-2194 |WordPress Plugin Vulnerability Report

March 11, 2024

Posted in Vulnerabilities, Security

Plugin Name: WP Statistics Key Information: Software Type: Plugin Software Slug: wp-statistics Software Status: Active Software Author: mostafas1990 Software Downloads:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Colibri Page Builder Vulnerability - Missing Authorization - CVE-2024-1870 | WordPress Plugin Vulnerability Report - Vulnerabilities

Colibri Page Builder Vulnerability – Missing Authorization – CVE-2024-1870 | WordPress Plugin Vulnerability Report

March 8, 2024

Posted in Vulnerabilities, Security

Plugin Name: Colibri Page Builder Key Information: Software Type: Plugin Software Slug: colibri-page-builder Software Status: Active Software Author: extendthemes Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress - Authenticated Stored Cross-Site Scripting - CVE-2024-1363 |WordPress Plugin Vulnerability Report - Vulnerabilities

Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report

March 8, 2024

Posted in Vulnerabilities, Security

Plugin Name: Easy Accordion – Best Accordion FAQ Plugin for WordPress Key Information: Software Type: Plugin Software Slug: easy-accordion-free Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Ultimate Member Vulnerability - Unauthenticated Stored Cross-Site Scripting - CVE-2024-2123 |WordPress Plugin Vulnerability Report - Vulnerabilities

Ultimate Member Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-2123 |WordPress Plugin Vulnerability Report

March 8, 2024

Posted in Vulnerabilities, Security

Plugin Name: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Key Information: Software Type:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Metform Elementor Contact Form Builder Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode - CVE-2024-1585 |WordPress Plugin Vulnerability Report - Vulnerabilities

Metform Elementor Contact Form Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1585 |WordPress Plugin Vulnerability Report

March 7, 2024

Posted in Vulnerabilities, Security

Plugin Name: Metform Elementor Contact Form Builder Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Orbit Fox by ThemeIsle Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Registration Form Widget - CVE-2024-2126 |WordPress Plugin Vulnerability Report - Vulnerabilities

Orbit Fox by ThemeIsle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Registration Form Widget – CVE-2024-2126 |WordPress Plugin Vulnerability Report

March 7, 2024

Posted in Vulnerabilities, Security

Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: ThemeIsle…

Read about this Latest WordPress Vulnerability

Post Grid Combo Vulnerability – 36+ Gutenberg Blocks – Information Exposure via get_posts API Endpoint – CVE-2023-7072 | WordPress Plugin Vulnerability Report

Premium Addons for Elementor – Authenticated Stored Cross-Site Scripting via Link Wrapper – CVE-2024-0326 | WordPress Plugin Vulnerability Report

Prime Slider Vulnerability – Authenticated Stored Cross-Site Scripting via Rubix Widget – CVE-2024-1507 | WordPress Plugin Vulnerability Report –

Elementor Header & Footer Builder Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2024-1237 | WordPress Plugin Vulnerability Report

Essential Addons for Elementor Vulnerability- Authenticated Stored Cross-Site Scripting via Data Table – CVE-2024-1537 |WordPress Plugin Vulnerability Report

Site Reviews Vulnerability – Authenticated Stored Cross-Site Scripting via Display Name – CVE-2024-2293 | WordPress Plugin Vulnerability Report

WP Statistics Vulnerability- Unauthenticated Stored Cross-Site Scripting – CVE-2024-2194 |WordPress Plugin Vulnerability Report

Colibri Page Builder Vulnerability – Missing Authorization – CVE-2024-1870 | WordPress Plugin Vulnerability Report

Easy Accordion Vulnerability – Best Accordion FAQ Plugin for WordPress – Authenticated Stored Cross-Site Scripting – CVE-2024-1363 |WordPress Plugin Vulnerability Report

Ultimate Member Vulnerability – Unauthenticated Stored Cross-Site Scripting – CVE-2024-2123 |WordPress Plugin Vulnerability Report

Metform Elementor Contact Form Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2024-1585 |WordPress Plugin Vulnerability Report

Orbit Fox by ThemeIsle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Registration Form Widget – CVE-2024-2126 |WordPress Plugin Vulnerability Report

Recent Blog Posts

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy