WordPress Vulnerability Daily Update

Shield Security Vulnerability– Smart Bot Blocking & Intrusion Prevention Security – Unauthenticated Local File Inclusion – CVE-2023-6989 |WordPress Plugin Vulnerability Report

February 5, 2024

Plugin Name: Shield Security – Smart Bot Blocking & Intrusion Prevention Security Key Information: Software Type: Plugin Software Slug: wp-simple-firewall…

Read about this Latest WordPress Vulnerability

WP 404 Auto Redirect to Similar Post Vulnerability- Reflected Cross-Site Scripting via request – CVE-2024-0509 |WordPress Plugin Vulnerability Report

February 5, 2024

Posted in Security, Vulnerabilities

Plugin Name: WP 404 Auto Redirect to Similar Post Key Information: Software Type: Plugin Software Slug: wp-404-auto-redirect-to-similar-post Software Status: Active…

Read about this Latest WordPress Vulnerability

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0834 |WordPress Plugin Vulnerability Report

February 5, 2024

Posted in Security, Vulnerabilities

Plugin Name: Elementor Addon Elements Key Information: Software Type: Plugin Software Slug: addon-elements-for-elementor-page-builder Software Status: Active Software Author: webtechstreet Software…

Read about this Latest WordPress Vulnerability

Meta Box Vulnerability– WordPress Custom Fields Framework – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6526 |WordPress Plugin Vulnerability Report

February 5, 2024

Posted in Security, Vulnerabilities

Plugin Name: Meta Box – WordPress Custom Fields Framework Key Information: Software Type: Plugin Software Slug: meta-box Software Status: Active…

Read about this Latest WordPress Vulnerability

Minimal Coming Soon Vulnerability– Coming Soon Page – Unauthenticated Maintenance Mode Bypass – CVE-2024-1075 |WordPress Plugin Vulnerability Report

February 5, 2024

Posted in Security, Vulnerabilities

Plugin Name: Minimal Coming Soon – Coming Soon Page Key Information: Software Type: Plugin Software Slug: minimal-coming-soon-maintenance-mode Software Status: Active…

Read about this Latest WordPress Vulnerability

Shariff Wrapper Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-1106 |WordPress Plugin Vulnerability Report

February 5, 2024

Posted in Security, Vulnerabilities

Plugin Name: Shariff Wrapper Key Information: Software Type: Plugin Software Slug: shariff Software Status: Active Software Author: 3uu Software Downloads:…

Read about this Latest WordPress Vulnerability

BEAR Vulnerability– Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net – Missing Authorization via Several Functions – CVE-2024-24835 | WordPress Plugin Vulnerability Report

February 2, 2024

Posted in Security, Vulnerabilities

Plugin Name: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net Key Information: Software Type: Plugin Software…

Read about this Latest WordPress Vulnerability

Easy Digital Downloads Vulnerability– Sell Digital Files (eCommerce Store & Payments Made Easy) – Authenticated (Shop Manager+) Stored Cross-Site Scripting – CVE-2024-0659 | WordPress Plugin Vulnerability Report

February 2, 2024

Posted in Security, Vulnerabilities

Plugin Name: Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) Key Information: Software Type: Plugin…

Read about this Latest WordPress Vulnerability

PDF Flipbook, 3D Flipbook Vulnerability– DearFlip – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0895 | WordPress Plugin Vulnerability Report

February 2, 2024

Posted in Security, Vulnerabilities

Plugin Name: PDF Flipbook, 3D Flipbook – DearFlip Key Information: Software Type: Plugin Software Slug: 3d-flipbook-dflip-lite Software Status: Active Software…

Read about this Latest WordPress Vulnerability

Orbit Fox by ThemeIsle Vulnerability – Cross-Site Request Forgery – CVE-2024-1162 | WordPress Plugin Vulnerability Report

February 1, 2024

Posted in Security, Vulnerabilities

Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: ThemeIsle…

Read about this Latest WordPress Vulnerability

Calculated Fields Form Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0963 | WordPress Plugin Vulnerability Report

February 1, 2024

Posted in Security, Vulnerabilities

Plugin Name: Calculated Fields Form Key Information: Software Type: Plugin Software Slug: calculated-fields-form Software Status: Active Software Author: codepeople Software…

Read about this Latest WordPress Vulnerability

Essential Addons for Elementor Vulnerability– Best Elementor Templates, Widgets, Kits & WooCommerce Builders – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0954 | WordPress Plugin Vulnerability Report

February 1, 2024

Posted in Security, Vulnerabilities

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin…

Read about this Latest WordPress Vulnerability

Shield Security Vulnerability– Smart Bot Blocking & Intrusion Prevention Security – Unauthenticated Local File Inclusion – CVE-2023-6989 |WordPress Plugin Vulnerability Report

WP 404 Auto Redirect to Similar Post Vulnerability- Reflected Cross-Site Scripting via request – CVE-2024-0509 |WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0834 |WordPress Plugin Vulnerability Report

Meta Box Vulnerability– WordPress Custom Fields Framework – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6526 |WordPress Plugin Vulnerability Report

Minimal Coming Soon Vulnerability– Coming Soon Page – Unauthenticated Maintenance Mode Bypass – CVE-2024-1075 |WordPress Plugin Vulnerability Report

Shariff Wrapper Vulnerability – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2024-1106 |WordPress Plugin Vulnerability Report

BEAR Vulnerability– Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net – Missing Authorization via Several Functions – CVE-2024-24835 | WordPress Plugin Vulnerability Report

Easy Digital Downloads Vulnerability– Sell Digital Files (eCommerce Store & Payments Made Easy) – Authenticated (Shop Manager+) Stored Cross-Site Scripting – CVE-2024-0659 | WordPress Plugin Vulnerability Report

PDF Flipbook, 3D Flipbook Vulnerability– DearFlip – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0895 | WordPress Plugin Vulnerability Report

Orbit Fox by ThemeIsle Vulnerability – Cross-Site Request Forgery – CVE-2024-1162 | WordPress Plugin Vulnerability Report

Calculated Fields Form Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0963 | WordPress Plugin Vulnerability Report

Essential Addons for Elementor Vulnerability– Best Elementor Templates, Widgets, Kits & WooCommerce Builders – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-0954 | WordPress Plugin Vulnerability Report

Recent Blog Posts

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy