WordPress Plugin Vulnerability Report – HUSKY – Missing Authorization via woof_meta_get_keys() – CVE-2023-40334
Plugin Name: HUSKY Key Information: Software Type: Plugin Software Slug: woocommerce-products-filter Software Status: Active Software Author: realmag777 Software Downloads: 1,602,499 Active Installs: 100,000 Last Updated: November 23,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – BackWPup – Authenticated (Administrator+) Directory Traversal – CVE-2023-5504
Plugin Name: BackWPup Key Information: Software Type: Plugin Software Slug: backwpup Software Status: Active Software Author: wp_media Software Downloads: 13,284,859 Active Installs: 600,000 Last Updated: November 22,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Widgets for Google Reviews – Authenticated (Editor+) Arbitrary File Upload – CVE-2023-48275
Plugin Name: Widgets for Google Reviews Key Information: Software Type: Plugin Software Slug: wp-reviews-plugin-for-google Software Status: Active Software Author: trustindex…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Login Lockdown – Authenticated (Administrator+) SQL Injection
Plugin Name: Login Lockdown Key Information: Software Type: Plugin Software Slug: login-lockdown Software Status: Active Software Author: webfactory Software Downloads: 1,446,808 Active Installs: 100,000 Last Updated: November…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Abandoned Cart Lite for WooCommerce – Improper Authorization Vulnerabilities
Plugin Name: Abandoned Cart Lite for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-abandoned-cart Software Status: Active Software Author:…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Analytify – Cross-Site Request Forgery
Plugin Name: Analytify Key Information: Software Type: Plugin Software Slug: wp-analytify Software Status: Active Software Author: hiddenpearls Software Downloads: 1,817,063 Active Installs: 40,000 Last Updated: November 20,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – EmbedPress – Draft Vulnerability
Plugin Name: EmbedPress Key Information: Software Type: Plugin Software Slug: embedpress Software Status: Active Software Author: wpdevteam Software Downloads: 1,889,041 Active Installs: 80,000 Last Updated: November 17,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – wpDiscuz – Authenticated (Administrator+) Stored Cross-Site Scripting
Plugin Name: wpDiscuz Key Information: Software Type: Plugin Software Slug: wpdiscuz Software Status: Active Software Author: advancedcoding Software Downloads: 3,042,036 Active Installs: 80,000 Last Updated: November 17,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Paid Memberships Pro – Authenticated (Subscriber+) Arbitrary File Upload – CVE-2023-6187
Plugin Name: Paid Memberships Pro Key Information: Software Type: Plugin Software Slug: paid-memberships-pro Software Status: Active Software Author: strangerstudios Software Downloads: 5,334,391 Active Installs: 90,000 Last…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Slider – Missing Authorization via AJAX action
Plugin Name: Slider – Ultimate Responsive Image Slider Key Information: Software Type: Plugin Software Slug: ultimate-responsive-image-slider Software Status: Active Software Author: farazfrank Software Downloads: 1,338,384…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Elementor Addon Elements – Cross-Site Request Forgery – CVE-2023-4690
Plugin Name: Elementor Addon Elements Key Information: Software Type: Plugin Software Slug: addon-elements-for-elementor-page-builder Software Status: Active Software Author: webtechstreet Software Downloads: 2,143,312 Active Installs: 100,000 Last…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Forminator – Authenticated (Administrator+) Arbitrary File Upload – CVE-2023-6133
Plugin Name: Forminator Key Information: Software Type: Plugin Software Slug: forminator Software Status: Active Software Author: wpmudev Software Downloads: 5,677,838…
Read about this Latest WordPress Vulnerability