Login Lockdown Vulnerability– Protect Login Form – Missing Authorization – CVE-2024-1340 | WordPress Plugin Vulnerability Report
Plugin Name: Login Lockdown – Protect Login Form Key Information: Software Type: Plugin Software Slug: login-lockdown Software Status: Active Software…
WP Booking Calendar Vulnerability- Unauthenticated SQL Injection – CVE-2024-1207 | WordPress Plugin Vulnerability Report
Plugin Name: WP Booking Calendar Key Information: Software Type: Plugin Software Slug: booking Software Status: Active Software Author: wpdevelop Software…
WP Recipe Maker Vulnerability- Missing Authorization to Authenticated SQL Injection – CVE-2024-1206 |WordPress Plugin Vulnerability Report
Plugin Name: WP Recipe Maker Key Information: Software Type: Plugin Software Slug: wp-recipe-maker Software Status: Active Software Author: brechtvds Software…
WP Shortcodes Plugin Vulnerability— Shortcodes Ultimate – Authenticated Stored Cross-Site Scripting via shortcode – CVE-2024-0792 |WordPress Plugin Vulnerability Report
Plugin Name: WP Shortcodes Plugin – Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software…
RSS Aggregator Vulnerability– RSS Import, News Feeds, Feed to Post, and Autoblogging – Authenticated (Admin+) Server-Side Request Forgery via RSS Feed Source – CVE-2024-0628 | WordPress Plugin Vulnerability Report
Plugin Name: RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging Key Information: Software Type: Plugin Software…
Starbox Vulnerability– the Author Box for Humans – Authenticated (Subscriber+) Stored Cross-Site Scripting via Job Settings – CVE-2023-6806 | WordPress Plugin Vulnerability Report
Plugin Name: Starbox – the Author Box for Humans Key Information: Software Type: Plugin Software Slug: starbox Software Status: Active…
AMP for WP Vulnerability– Accelerated Mobile Pages – Authenticated Arbitrary Post Deletion via amppb_remove_saved_layout_data – CVE-2024-1043 |WordPress Plugin Vulnerability Report
Key Information: Software Type: Plugin Software Slug: accelerated-mobile-pages Software Status: Active Software Author: mohammed_kaludi Software Downloads: 17,665,548 Active Installs: 100,000…
Custom Twitter Feeds Vulnerability – A Tweets Widget or X Feed Widget – Cross-Site Request Forgery to Plugin Options Update – CVE-2024-0379 | WordPress Plugin Vulnerability Report
Plugin Name: Custom Twitter Feeds – A Tweets Widget or X Feed Widget Key Information: Software Type: Plugin Software Slug:…
Customer Reviews for WooCommerce Vulnerability – Improper Authorization via submit_review – CVE-2024-1044 | WordPress Plugin Vulnerability Report
Plugin Name: Customer Reviews for WooCommerce Key Information: Software Type: Plugin Software Slug: customer-reviews-woocommerce Software Status: Active Software Author: ivole…
PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1055 | WordPress Plugin Vulnerability Report
Plugin Name: PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software…
Shield Security Vulnerability– Smart Bot Blocking & Intrusion Prevention Security – Unauthenticated Local File Inclusion – CVE-2023-6989 |WordPress Plugin Vulnerability Report
Plugin Name: Shield Security – Smart Bot Blocking & Intrusion Prevention Security Key Information: Software Type: Plugin Software Slug: wp-simple-firewall…
WP 404 Auto Redirect to Similar Post Vulnerability- Reflected Cross-Site Scripting via request – CVE-2024-0509 |WordPress Plugin Vulnerability Report
Plugin Name: WP 404 Auto Redirect to Similar Post Key Information: Software Type: Plugin Software Slug: wp-404-auto-redirect-to-similar-post Software Status: Active…