WordPress Plugin Vulnerability Report – Drag and Drop Multiple File Upload– Contact Form 7 – Unauthenticated Arbitrary File Upload – CVE-2023-5822
Plugin Name: Drag and Drop Multiple File Upload- Contact Form 7 Key Information: Software Type: Plugin Software Slug: drag-and-drop-multiple-file-upload-contact-form-7 Software Status: Active Software…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – GiveWP – Cross-Site Request Forgery – CVE-2023-4247, CVE-2023-4248
Plugin Name: GiveWP Key Information: Software Type: Plugin Software Slug: give Software Status: Active Software Author: webdevmattcrom Software Downloads: 6,043,447 Active Installs: 100,000 Last Updated: October 31,…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Solid Security – Unauthenticated Login Page Disclosure
Plugin Name: Solid Security Key Information: Software Type: Plugin Software Slug: better-wp-security Software Status: Active Software Author: ithemes Software Downloads:…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – WP Customer Reviews – Authenticated (Subscriber+) Sensitive Information Exposure – CVE-2023-4686
Plugin Name: WP Customer Reviews Key Information: Software Type: Plugin Software Slug: wp-customer-reviews Software Status: Active Software Author: bompus Software Downloads: 1,108,443 Active Installs: 30,000 Last…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – 10Web Booster – Unauthenticated Arbitrary Option Deletion
Plugin Name: 10Web Booster Key Information: Software Type: Plugin Software Slug: tenweb-speed-optimizer Software Status: Active Software Author: 10web Software Downloads: 864,591 Active Installs: 80,000 Last Updated: October…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – News & Blog Designer Pack – Unauthenticated Remote Code Execution via Local File Inclusion – CVE-2023-5815
Plugin Name: News & Blog Designer Pack Key Information: Software Type: Plugin Software Slug: blog-designer-pack Software Status: Active Software Author: infornweb Software Downloads: 408,098 Active…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – All-In-One Security – Protection Bypass of Renamed Login Page via URL Encoding
Plugin Name: All-In-One Security Key Information: Software Type: Plugin Software Slug: all-in-one-wp-security-and-firewall Software Status: Active Software Author: davidanderson Software Downloads: 24,151,775 Active Installs: 1,000,000 Last Updated: October…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – VK Blocks – Authenticated (Contributor+) Stored Cross-Site Scripting via Block – CVE-2023-5706
Plugin Name: VK Blocks Key Information: Software Type: Plugin Software Slug: vk-blocks Software Status: Active Software Author: vektor-inc Software Downloads: 2,017,789 Active Installs: 80,000 Last Updated:…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – LiteSpeed Cache – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-4372
Plugin Name: LiteSpeed Cache Key Information: Software Type: Plugin Software Slug: litespeed-Cache Software Status: Active Software Author: litespeedtech Software Downloads: 52m564,430 Active Installs: 4,000,000 Last Updated: October…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Booster for WooCommerce – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-5638
Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – WooCommerce Stripe Payment Gateway – Cross-Site Request Forgery
Plugin Name: WooCommerce Stripe Payment Gateway Key Information: Software Type: Plugin Software Slug: woocommerce-gateway-stripe Software Status: Active Software Author: automattic…
Read about this Latest WordPress Vulnerability
WordPress Plugin Vulnerability Report – Social Media Share Buttons & Social Sharing Icons – Cross-Site Request Forgery – CVE-2023-5602 – Information Exposure – CVE-2023-5070
Plugin Name: Social Media Share Buttons & Social Sharing Icons Key Information: Software Type: Plugin Software Slug: ultimate-social-media-icons Software Status: Active Software Author: socialdude…
Read about this Latest WordPress Vulnerability