WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - SiteGuard WP Plugin Vulnerability - Login Page Disclosure - CVE-2024-37881 | WordPress Plugin Vulnerability Report - Vulnerabilities

SiteGuard WP Plugin Vulnerability – Login Page Disclosure – CVE-2024-37881 | WordPress Plugin Vulnerability Report

June 21, 2024

Plugin Name: SiteGuard WP Plugin Key Information: Software Type: Plugin Software Slug: siteguard Software Status: Active Software Author: jp-secure Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Loco Translate Vulnerability - Cross-Site Request Forgery - CVE-2024-37236 | WordPress Plugin Vulnerability Report - Vulnerabilities

Loco Translate Vulnerability – Cross-Site Request Forgery – CVE-2024-37236 | WordPress Plugin Vulnerability Report

June 21, 2024

Posted in Vulnerabilities, Security

Plugin Name: Loco Translate Key Information: Software Type: Plugin Software Slug: loco-translate Software Status: Active Software Author: timwhitlock Software Downloads:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Solid Security – Password, Two Factor Authentication, and Brute Force Protection Vulnerability - IP Address Spoofing to Denial of Service - CVE-2022-44593 | WordPress Plugin Vulnerability Report - Vulnerabilities

Solid Security – Password, Two Factor Authentication, and Brute Force Protection Vulnerability – IP Address Spoofing to Denial of Service – CVE-2022-44593 | WordPress Plugin Vulnerability Report

June 20, 2024

Posted in Vulnerabilities, Security

Plugin Name: Solid Security – Password, Two Factor Authentication, and Brute Force Protection Key Information: Software Type: Plugin Software Slug:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN Vulnerability - Missing Authorization to Resmush List Deletion - CVE-2023-3352 | WordPress Plugin Vulnerability Report - Vulnerabilities

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN Vulnerability – Missing Authorization to Resmush List Deletion – CVE-2023-3352 | WordPress Plugin Vulnerability Report

June 20, 2024

Posted in Vulnerabilities, Security

Plugin Name: Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - SEOPress – On-site SEO Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Image URL - CVE-2024-1168 | WordPress Plugin Vulnerability Report - Vulnerabilities

SEOPress – On-site SEO Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Social Image URL – CVE-2024-1168 | WordPress Plugin Vulnerability Report

June 19, 2024

Posted in Vulnerabilities, Security

Plugin Name: SEOPress – On-site SEO Key Information: Software Type: Plugin Software Slug: wp-seopress Software Status: Active Software Author: rainbowgeek…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Easy Table of Contents Vulnerability- Authenticated (Editor+) Stored Cross-Site Scripting - CVE-2024-6334 |WordPress Plugin Vulnerability Report - Vulnerabilities

Easy Table of Contents Vulnerability- Authenticated (Editor+) Stored Cross-Site Scripting – CVE-2024-6334 |WordPress Plugin Vulnerability Report

June 18, 2024

Posted in Security, Vulnerabilities

Plugin Name: Easy Table of Contents Key Information: Software Type: Plugin Software Slug: easy-table-of-contents Software Status: Active Software Author: magazine3…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Jeg Elementor Kit Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via JKit - Tabs and JKit - Accordion Widgets - CVE-2024-4479 | WordPress Plugin Vulnerability Report - Vulnerabilities

Jeg Elementor Kit Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via JKit – Tabs and JKit – Accordion Widgets – CVE-2024-4479 | WordPress Plugin Vulnerability Report

June 14, 2024

Posted in Vulnerabilities, Security

Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software…

Read about this Latest WordPress Vulnerability

Simple Sitemap Vulnerability – Cross-Site Request Forgery via admin_notices – CVE-2023-6492 | WordPress Plugin Vulnerability Report

June 13, 2024

Posted in Security, Vulnerabilities

Plugin Name: Simple Sitemap – Create a Responsive HTML Sitemap Key Information: Software Type: Plugin Software Slug: simple-sitemap Software Status:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Effects Widget - CVE-2024-5787 | WordPress Plugin Vulnerability Report - Vulnerabilities

PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Link Effects Widget – CVE-2024-5787 | WordPress Plugin Vulnerability Report

June 12, 2024

Posted in Vulnerabilities, Security

Plugin Name:PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Key Information: Software Type: Plugin Software Slug: powerpack-lite-for-elementor Software Status:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Go Maps (formerly WP Google Maps) Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-5994 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP Go Maps (formerly WP Google Maps) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5994 | WordPress Plugin Vulnerability Report

June 12, 2024

Posted in Vulnerabilities, Security

Plugin Name:WP Go Maps (formerly WP Google Maps) Key Information: Software Type: Plugin Software Slug: wp-google-maps Software Status: Active Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Gutenberg Blocks with AI by Kadence WP – Page Builder Features Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter - CVE-2024-4863 | WordPress Plugin Vulnerability Report - Vulnerabilities

Gutenberg Blocks with AI by Kadence WP – Page Builder Features Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter – CVE-2024-4863 | WordPress Plugin Vulnerability Report

June 12, 2024

Posted in Vulnerabilities, Security

Plugin Name:Gutenberg Blocks with AI by Kadence WP – Page Builder Features Key Information: Software Type: Plugin Software Slug: kadence-blocks…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Vulnerability - Exposure of Sensitive Information via the UI - CVE-2024-3073 | WordPress Plugin Vulnerability Report - Vulnerabilities

Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Vulnerability – Exposure of Sensitive Information via the UI – CVE-2024-3073 | WordPress Plugin Vulnerability Report

June 12, 2024

Posted in Vulnerabilities, Security

Plugin Name:Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Key Information: Software Type: Plugin Software Slug:…

Read about this Latest WordPress Vulnerability

Loco Translate Vulnerability – Cross-Site Request Forgery – CVE-2024-37236 | WordPress Plugin Vulnerability Report

Solid Security – Password, Two Factor Authentication, and Brute Force Protection Vulnerability – IP Address Spoofing to Denial of Service – CVE-2022-44593 | WordPress Plugin Vulnerability Report

Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN Vulnerability – Missing Authorization to Resmush List Deletion – CVE-2023-3352 | WordPress Plugin Vulnerability Report

SEOPress – On-site SEO Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Social Image URL – CVE-2024-1168 | WordPress Plugin Vulnerability Report

Easy Table of Contents Vulnerability- Authenticated (Editor+) Stored Cross-Site Scripting – CVE-2024-6334 |WordPress Plugin Vulnerability Report

Jeg Elementor Kit Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via JKit – Tabs and JKit – Accordion Widgets – CVE-2024-4479 | WordPress Plugin Vulnerability Report

Simple Sitemap Vulnerability – Cross-Site Request Forgery via admin_notices – CVE-2023-6492 | WordPress Plugin Vulnerability Report

PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Link Effects Widget – CVE-2024-5787 | WordPress Plugin Vulnerability Report

WP Go Maps (formerly WP Google Maps) Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5994 | WordPress Plugin Vulnerability Report

Gutenberg Blocks with AI by Kadence WP – Page Builder Features Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter – CVE-2024-4863 | WordPress Plugin Vulnerability Report

Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin Vulnerability – Exposure of Sensitive Information via the UI – CVE-2024-3073 | WordPress Plugin Vulnerability Report

Recent Blog Posts

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App Vulnerability – Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure – CVE: NA | WordPress Plugin Vulnerability Report

SiteSEO – SEO Simplified Vulnerability – Missing Authorization to Authenticated (Author+) Plugin Settings Update – CVE-2025-12367 | WordPress Plugin Vulnerability Report

Qi Blocks Vulnerability – Missing Authorization to Authenticated (Contributor+) Plugin Settings Update – CVE-2025-12180 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy