WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - Happy Addons for Elementor Vulnerability - Reflected Cross-Site Scripting - CVE-2023-6632 | WordPress Plugin Vulnerability Report - Vulnerabilities

Happy Addons for Elementor Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6632 | WordPress Plugin Vulnerability Report

January 5, 2024

Plugin Name: Happy Addons for Elementor Key Information: Software Type: Plugin Software Slug: happy-elementor-addons Software Status: Active Software Author: thehappymonster Software Downloads: 5,728,647 Active Installs: 400,000…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Depicter Slider Vulnerability - Cross-Site Request Forgery via save - CVE-2023-6493 | WordPress Plugin Vulnerability Report - Vulnerabilities

Depicter Slider Vulnerability – Cross-Site Request Forgery via save – CVE-2023-6493 | WordPress Plugin Vulnerability Report

January 4, 2024

Posted in Vulnerabilities, Security

Plugin Name: Depicter Slider Key Information: Software Type: Plugin Software Slug: depicter Software Status: Active Software Author: averta Software Downloads: 727,890 Active Installs: 80,000 Last Updated: January…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Pagelayer Vulnerability - Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields - CVE-2023-6738 | WordPress Plugin Vulnerability Report - Vulnerabilities

Pagelayer Vulnerability – Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields – CVE-2023-6738 | WordPress Plugin Vulnerability Report

January 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Pagelayer Key Information: Software Type: Plugin Software Slug: pagelayer Software Status: Active Software Author: softaculous Software Downloads: 5,480,305 Active Installs: 200,000 Last Updated: January 3,…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Essential Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2023-7044 | WordPress Plugin Vulnerability Report - Vulnerabilities

Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-7044 | WordPress Plugin Vulnerability Report

January 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Essential al Addons for Elementor Key Information: Software Type: Plugin Software Slug: essential-addons-for-elementor-lite Software Status: Active Software Author:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Complianz Vulnerability - Authenticated(Administrator+) Stored Cross-site Scripting via settings - CVE-2023-6498 | WordPress Plugin Vulnerability Report - Vulnerabilities

Complianz Vulnerability – Authenticated(Administrator+) Stored Cross-site Scripting via settings – CVE-2023-6498 | WordPress Plugin Vulnerability Report

January 3, 2024

Posted in Vulnerabilities, Security

Plugin Name: Complianz Key Information: Software Type: Plugin Software Slug: complianz-gdpr Software Status: Active Software Author: rogierlankhorst Software Downloads: 13,636,569 Active Installs: 800,000 Last Updated: January 3,…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Simple Membership Vulnerability - Reflected Cross-Site Scripting Vulnerability via environment_mode - CVE-2023-6882 | WordPress Plugin Vulnerability Report - Vulnerabilities

Simple Membership Vulnerability – Reflected Cross-Site Scripting Vulnerability via environment_mode – CVE-2023-6882 | WordPress Plugin Vulnerability Report

December 18, 2023

Posted in Vulnerabilities, Security

Plugin Name: Simple Membership Key Information: Software Type: Plugin Software Slug: simple-membership Software Status: Active Software Author: mra13 Software Downloads: 2,315,432 Active Installs: 50,000 Last Updated: December…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - AMP for WP Vulnerability - Authenticated (Contributor+) Cross-Site Scripting via Shortcode - CVE-2023-6782 | WordPress Plugin Vulnerability Report - Vulnerabilities

AMP for WP Vulnerability – Authenticated (Contributor+) Cross-Site Scripting via Shortcode – CVE-2023-6782 | WordPress Plugin Vulnerability Report

December 18, 2023

Posted in Vulnerabilities, Security

Plugin Name: AMP for WP Key Information: Software Type: Plugin Software Slug: accelerated-mobile-pages Software Status: Active Software Author: mohammed_kaludi Software Downloads: 17,465,196 Active Installs: 100,000 Last…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Enable Media Replace Vulnerability - Reflected Cross-Site Scripting - CVE-2023-6737 | WordPress Plugin Vulnerability Report - Vulnerabilities

Enable Media Replace Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6737 | WordPress Plugin Vulnerability Report

December 18, 2023

Posted in Vulnerabilities, Security

Plugin Name: Enable Media Replace Key Information: Software Type: Plugin Software Slug: enable-media-replace Software Status: Active Software Author: shortpixel Software Downloads: 10,049,054 Active Installs: 600,000 Last…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Shortcodes Plugin Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2023-6488 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP Shortcodes Plugin Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6488 | WordPress Plugin Vulnerability Report

December 18, 2023

Posted in Vulnerabilities, Security

Plugin Name: WP Shortcodes Plugin Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,131,157 Active Installs: 600,000 Last…

Read about this Latest WordPress Vulnerability

Clone Vulnerability – Sensitive Information Exposure – CVE-2023-6750 | WordPress Plugin Vulnerability Report

December 18, 2023

Posted in Vulnerabilities, Security

Plugin Name: Clone Key Information: Software Type: Plugin Software Slug: wp-clone-by-wp-academy Software Status: Active Software Author: migrate Software Downloads: 3,152,544 Active Installs: 90,000 Last Updated: December 18,…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - SpeedyCache Vulnerability - Missing Authorization to Plugin Options Update - CVE-2023-6598 | WordPress Plugin Vulnerability Report - Vulnerabilities

SpeedyCache Vulnerability – Missing Authorization to Plugin Options Update – CVE-2023-6598 | WordPress Plugin Vulnerability Report

December 16, 2023

Posted in Vulnerabilities, Security

Plugin Name: SpeedyCache Key Information: Software Type: Plugin Software Slug: speedycache Software Status: Active Software Author: softaculous Software Downloads: 861,450 Active Installs: 100,000 Last Updated: December 16,…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Post Grid Combo Vulnerability - Authenticated (Contributor+) Cross-Site Scripting - CVE-2023-6645 | WordPress Plugin Vulnerability Report - Vulnerabilities

Post Grid Combo Vulnerability – Authenticated (Contributor+) Cross-Site Scripting – CVE-2023-6645 | WordPress Plugin Vulnerability Report

December 15, 2023

Posted in Vulnerabilities, Security

Plugin Name: Post Grid Combo Key Information: Software Type: Plugin Software Slug: post-grid Software Status: Active Software Author: pickplugins Software Downloads: 2,566,872 Active Installs: 50,000 Last…

Read about this Latest WordPress Vulnerability

Happy Addons for Elementor Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6632 | WordPress Plugin Vulnerability Report

Depicter Slider Vulnerability – Cross-Site Request Forgery via save – CVE-2023-6493 | WordPress Plugin Vulnerability Report

Pagelayer Vulnerability – Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields – CVE-2023-6738 | WordPress Plugin Vulnerability Report

Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-7044 | WordPress Plugin Vulnerability Report

Complianz Vulnerability – Authenticated(Administrator+) Stored Cross-site Scripting via settings – CVE-2023-6498 | WordPress Plugin Vulnerability Report

Simple Membership Vulnerability – Reflected Cross-Site Scripting Vulnerability via environment_mode – CVE-2023-6882 | WordPress Plugin Vulnerability Report

AMP for WP Vulnerability – Authenticated (Contributor+) Cross-Site Scripting via Shortcode – CVE-2023-6782 | WordPress Plugin Vulnerability Report

Enable Media Replace Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6737 | WordPress Plugin Vulnerability Report

WP Shortcodes Plugin Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6488 | WordPress Plugin Vulnerability Report

Clone Vulnerability – Sensitive Information Exposure – CVE-2023-6750 | WordPress Plugin Vulnerability Report

SpeedyCache Vulnerability – Missing Authorization to Plugin Options Update – CVE-2023-6598 | WordPress Plugin Vulnerability Report

Post Grid Combo Vulnerability – Authenticated (Contributor+) Cross-Site Scripting – CVE-2023-6645 | WordPress Plugin Vulnerability Report

Recent Blog Posts

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy