WordPress Vulnerability Daily Update

WP Plugin Vulnerabilities Image - EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF Widget URL - CVE-2024-1565 | WordPress Plugin Vulnerability Report - Vulnerabilities

EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via PDF Widget URL – CVE-2024-1565 | WordPress Plugin Vulnerability Report

June 12, 2024

Plugin Name:EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Elementor Header & Footer Builder Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget - CVE-2024-5757 | WordPress Plugin Vulnerability Report - Vulnerabilities

Elementor Header & Footer Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget – CVE-2024-5757 | WordPress Plugin Vulnerability Report

June 12, 2024

Posted in Vulnerabilities, Security

Plugin Name:Elementor Header & Footer Builder Key Information: Software Type: Plugin Software Slug: header-footer-elementor Software Status: Active Software Author: brainstormforce…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Vulnerability - Unauthenticated Sensitive Information Exposure - CVE-2024-4266 | WordPress Plugin Vulnerability Report - Vulnerabilities

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Vulnerability – Unauthenticated Sensitive Information Exposure – CVE-2024-4266 | WordPress Plugin Vulnerability Report

June 10, 2024

Posted in Vulnerabilities, Security

Plugin Name: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Key Information: Software Type: Plugin Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - SiteOrigin Widgets Bundle Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget - CVE-2024-5090 | WordPress Plugin Vulnerability Report - Vulnerabilities

SiteOrigin Widgets Bundle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget – CVE-2024-5090 | WordPress Plugin Vulnerability Report

June 10, 2024

Posted in Vulnerabilities, Security

Plugin Name: SiteOrigin Widgets Bundle Key Information: Software Type: Plugin Software Slug: so-widgets-bundle Software Status: Active Software Author: gpriday Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WooCommerce Vulnerability - Reflected Cross-Site Scripting via Order Attribution - CVE-2024-37297 | WordPress Plugin Vulnerability Report - Vulnerabilities

WooCommerce Vulnerability – Reflected Cross-Site Scripting via Order Attribution – CVE-2024-37297 | WordPress Plugin Vulnerability Report

June 10, 2024

Posted in Vulnerabilities, Security

Plugin Name: WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce Software Status: Active Software Author: woothemes Software Downloads: 317,169,418…

Read about this Latest WordPress Vulnerability

WPS Hide Login Vulnerability – Login Page Disclosure – CVE-2024-2473 | WordPress Plugin Vulnerability Report

June 10, 2024

Posted in Vulnerabilities, Security

Plugin Name: WPS Hide Login Key Information: Software Type: Plugin Software Slug: wps-hide-login Software Status: Active Software Author: tabrisrp Software…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Essential Addons for Elementor Vulnerability - Authenticated (Contributor+) Stored Cross-Site Scripting - CVE-2024-5189 | WordPress Plugin Vulnerability Report - Vulnerabilities

Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5189 | WordPress Plugin Vulnerability Report

June 10, 2024

Posted in Vulnerabilities, Security

Plugin Name: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders Key Information: Software Type: Plugin…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Reset – Most Advanced WordPress Reset Tool Vulnerability - Missing Authorization to License Key Modification - CVE-2024-4661 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP Reset – Most Advanced WordPress Reset Tool Vulnerability – Missing Authorization to License Key Modification – CVE-2024-4661 | WordPress Plugin Vulnerability Report

June 7, 2024

Posted in Vulnerabilities, Security

Plugin Name: WP Reset – Most Advanced WordPress Reset Tool Key Information: Software Type: Plugin Software Slug: wp-reset Software Status:…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - WP Force SSL & HTTPS SSL Redirect Vulnerability - Missing Authorization to Settings Update - CVE-2024-5770 | WordPress Plugin Vulnerability Report - Vulnerabilities

WP Force SSL & HTTPS SSL Redirect Vulnerability – Missing Authorization to Settings Update – CVE-2024-5770 | WordPress Plugin Vulnerability Report

June 7, 2024

Posted in Vulnerabilities, Security

Plugin Name: WP Force SSL & HTTPS SSL Redirect Key Information: Software Type: Plugin Software Slug: wp-force-ssl Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Minimal Coming Soon – Coming Soon Page Vulnerability - Missing Authorization to Limited Settings Change - CVE-2024-5087 | WordPress Plugin Vulnerability Report - Vulnerabilities

Minimal Coming Soon – Coming Soon Page Vulnerability – Missing Authorization to Limited Settings Change – CVE-2024-5087 | WordPress Plugin Vulnerability Report

June 7, 2024

Posted in Vulnerabilities, Security

Plugin Name: Minimal Coming Soon – Coming Soon Page Key Information: Software Type: Plugin Software Slug: minimal-coming-soon-maintenance-mode Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - TablePress – Tables in WordPress made easy Vulnerability - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind - CVE-2024-4354 | WordPress Plugin Vulnerability Report - Vulnerabilities

TablePress – Tables in WordPress made easy Vulnerability – Authenticated (Author+) Server-Side Request Forgery via DNS Rebind – CVE-2024-4354 | WordPress Plugin Vulnerability Report

June 6, 2024

Posted in Vulnerabilities, Security

Plugin Name: TablePress – Tables in WordPress made easy Key Information: Software Type: Plugin Software Slug: tablepress Software Status: Active…

Read about this Latest WordPress Vulnerability

WP Plugin Vulnerabilities Image - Strong Testimonials Vulnerability - Authenticated(Contributor+) Improper Authorization to Views Modification - CVE-2023-6491 | WordPress Plugin Vulnerability Report - Vulnerabilities

Strong Testimonials Vulnerability – Authenticated(Contributor+) Improper Authorization to Views Modification – CVE-2023-6491 | WordPress Plugin Vulnerability Report

June 6, 2024

Posted in Vulnerabilities, Security

Plugin Name: Strong Testimonials Key Information: Software Type: Plugin Software Slug: strong-testimonials Software Status: Active Software Author: wpchill Software Downloads:…

Read about this Latest WordPress Vulnerability

EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via PDF Widget URL – CVE-2024-1565 | WordPress Plugin Vulnerability Report

Elementor Header & Footer Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Site Title Widget – CVE-2024-5757 | WordPress Plugin Vulnerability Report

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Vulnerability – Unauthenticated Sensitive Information Exposure – CVE-2024-4266 | WordPress Plugin Vulnerability Report

SiteOrigin Widgets Bundle Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget – CVE-2024-5090 | WordPress Plugin Vulnerability Report

WooCommerce Vulnerability – Reflected Cross-Site Scripting via Order Attribution – CVE-2024-37297 | WordPress Plugin Vulnerability Report

Essential Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-5189 | WordPress Plugin Vulnerability Report

WP Reset – Most Advanced WordPress Reset Tool Vulnerability – Missing Authorization to License Key Modification – CVE-2024-4661 | WordPress Plugin Vulnerability Report

WP Force SSL & HTTPS SSL Redirect Vulnerability – Missing Authorization to Settings Update – CVE-2024-5770 | WordPress Plugin Vulnerability Report

Minimal Coming Soon – Coming Soon Page Vulnerability – Missing Authorization to Limited Settings Change – CVE-2024-5087 | WordPress Plugin Vulnerability Report

TablePress – Tables in WordPress made easy Vulnerability – Authenticated (Author+) Server-Side Request Forgery via DNS Rebind – CVE-2024-4354 | WordPress Plugin Vulnerability Report

Strong Testimonials Vulnerability – Authenticated(Contributor+) Improper Authorization to Views Modification – CVE-2023-6491 | WordPress Plugin Vulnerability Report

Recent Blog Posts

Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App Vulnerability – Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure – CVE: NA | WordPress Plugin Vulnerability Report

SiteSEO – SEO Simplified Vulnerability – Missing Authorization to Authenticated (Author+) Plugin Settings Update – CVE-2025-12367 | WordPress Plugin Vulnerability Report

Qi Blocks Vulnerability – Missing Authorization to Authenticated (Contributor+) Plugin Settings Update – CVE-2025-12180 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy