ElementsKit Vulnerability – Unauthenticated Sensitive Information Exposure – CVE-2023-6582 | WordPress Plugin Vulnerability Report
Plugin Name: ElementsKit Elementor addons Key Information: Software Type: Plugin Software Slug: elementskit-lite Software Status: Active Software Author: xpeedstudio Software…
Download Monitor Vulnerability – Authenticated (Admin+) SQL Injection | WordPress Plugin Vulnerability Report
Plugin Name: Download Monitor Key Information: Software Type: Plugin Software Slug: download-monitor Software Status: Active Software Author: wpchill Software Downloads:…
Formidable Forms Vulnerability – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder – Authenticated (Administrator+) Stored Cross-Site Scripting – CVE-2023-6842 | WordPress Plugin Vulnerability Report
Plugin Name: Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder Key Information: Software Type:…
Gallery Plugin for WordPress – Envira Photo Gallery – Missing Authorization to Gallery Modification via envira_gallery_insert_images – CVE-2023-6742 | WordPress Plugin Vulnerability Report
Plugin Name: Gallery Plugin for WordPress – Envira Photo Gallery Key Information: Software Type: Plugin Software Slug: envira-gallery-lite Software Status:…
Metform Elementor Contact Form Builder Vulnerability – Cross-Site Request Forgery – CVE-2023-6788 | WordPress Plugin Vulnerability Report
Plugin Name: Metform Elementor Contact Form Builder Key Information: Software Type: Plugin Software Slug: metform Software Status: Active Software Author:…
User Profile Builder – Insecure Direct Object Reference – CVE-2023-6504 | WordPress Plugin Vulnerability Report
Plugin Name: User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Key Information: Software Type:…
RSS Aggregator by Feedzy Vulnerability – Missing Authorization – CVE-2023-6798 | WordPress Plugin Vulnerability Report
Plugin Name: RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Key Information: Software…
Hostinger Vulnerability – Missing Authorization to Maintenance Mode Activation – CVE-2023-6751 | WordPress Plugin Vulnerability Report
Plugin Name: Hostinger Key Information: Software Type: Plugin Software Slug: hostinger Software Status: Active Software Author: hostinger Software Downloads: 1,609,570 Active Installs: 1,000,000 Last Updated: January 5,…
Orbit Fox by ThemeIsle Vulnerability – Authenticated Stored Cross-Site Scripting – CVE-2023-6781 | WordPress Plugin Vulnerability Report
Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author:…
LightStart Vulnerability – Maintenance Mode, Coming Soon and Landing Page Builder – Missing Authorization – CVE-2023-7019| WordPress Plugin Vulnerability Report
Plugin Name: LightStart – Maintenance Mode, Coming Soon and Landing Page Builder Key Information: Software Type: Plugin Software Slug: wp-maintenance-mode…
Happy Addons for Elementor Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6632 | WordPress Plugin Vulnerability Report
Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 5,728,647 Active Installs: 400,000…
Depicter Slider Vulnerability – Cross-Site Request Forgery via save – CVE-2023-6493 | WordPress Plugin Vulnerability Report
Plugin Name: Depicter Slider Key Information: Software Type: Plugin Software Slug: depicter Software Status: Active Software Author: averta Software Downloads: 727,890 Active Installs: 80,000 Last Updated: January…