MW WP Form Vulnerability – Improper Limitation of File Name to Unauthenticated Arbitrary File Deletion – CVE-2023-6559 | WordPress Plugin Vulnerability Report
Plugin Name: MW WP Form Key Information: Software Type: Plugin Software Slug: mw-wp-form Software Status: Active Software Author: inc2734 Software Downloads: 1,536,050 Active Installs: 200,000 Last…
Read about this Latest WordPress Vulnerability
Featured Image from URL Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via featured image alt text – CVE-2023-6561 | WordPress Plugin Vulnerability Report
Plugin Name: Featured Image from URL Key Information: Software Type: Plugin Software Slug: featured-image-from-url Software Status: Active Software Author: marceljm Software Downloads: 4,535,007 Active Installs: 90,000…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Export and Import Users and Customers – Authenticated (Shop Manager+) Arbitrary File Upload – CVE-2023-6558
Plugin Name: Export and Import Users and Customers Key Information: Software Type: Plugin Software Slug: users-customers-import-export-for-wp-woocommerce Software Status: Active Software Author: webtoffee Software Downloads: 2,025,020…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Backup Migration – Unauthenticated Remote Code Execution – CVE-2023-6553
Plugin Name: Backup Migration Key Information: Software Type: Plugin Software Slug: backup-backup Software Status: Active Software Author: migrate Software Downloads: 1,095,099 Active Installs: 90,000 Last Updated: December…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Import and export users and customers – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode – CVE-2023-6624
Plugin Name: Import and export users and customers Key Information: Software Type: Plugin Software Slug: import-users-from-csv-with-meta Software Status: Active Software Author: carazo Software Downloads: 3,901,440…
Read about this Latest WordPress Vulnerability
How Your WP Guy Guards Against Sneaky WordPress Malware
This Scary Loophole Leaves Most WordPress Sites Wide Open to Hackers Think your WordPress site is safe just because it…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – EmbedPress – Missing Authorization
Plugin Name: EmbedPress Key Information: Software Type: Plugin Software Slug: embedpress Software Status: Active Software Author: wpdevteam Software Downloads: 2,004,277 Active Installs: 80,000 Last Updated: December 8,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Manage Notification E-mails – Missing Authorization – CVE-2023-6496
Plugin Name: Manage Notification E-mails Key Information: Software Type: Plugin Software Slug: manage-notification-emails Software Status: Active Software Author: virgial Software Downloads: 612,816 Active Installs: 100,000 Last…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Burst Statistics and Burst Statistics Pro – Unauthenticated SQL Injection – CVE-2023-5761
Plugin Name: Burst Statistics and Burst Statistics Pro Key Information: Software Type: Plugin Software Slug: burst-statistics Software Status: Active Software Author: rogierlankhorst Software Downloads: 1,201,064…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Elementor Website Builder – Authenticated(Contributor+) Arbitrary File Upload to Remote Code Execution via Template Import
Plugin Name: Elementor Website Builder Key Information: Software Type: Plugin Software Slug: elementor Software Status: Active Software Author: elemntor Software Downloads: 357,725,852 Active Installs: 5,000,000 Last…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Calculated Fields Form – Authenticated (Admin+) Stored Cross-Site Scripting – CVE-2023-6446
Plugin Name: Calculated Fields Form Key Information: Software Type: Plugin Software Slug: calculated-fields-form Software Status: Active Software Author: codepeople Software Downloads: 6,352,767 Active Installs: 60,000 Last…
Read about this Latest WordPress Vulnerability