Wordfence Intelligence Weekly WordPress Vulnerability Report (October 14, 2024 to October 20, 2024)
🦸 👻 Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024:
- All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers
- Top-tier researchers earn automatic bonuses of between 10% to 120% for valid submissions
- Pending report limits are increased for all
- It’s possible to earn up to $31,200 for high impact vulnerabilities!
Last week, there were 234 vulnerabilities disclosed in 215 WordPress Plugins and 4 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 56 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 19,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
- WAF-RULE-756 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 114 |
| Unpatched | 120 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Medium Severity | 162 |
| High Severity | 40 |
| Critical Severity | 32 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 111 |
| Cross-Site Request Forgery (CSRF) | 32 |
| Unrestricted Upload of File with Dangerous Type | 17 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 15 |
| Missing Authorization | 12 |
| Deserialization of Untrusted Data | 10 |
| Exposure of Sensitive Information to an Unauthorized Actor | 7 |
| Improper Control of Generation of Code ('Code Injection') | 5 |
| Authentication Bypass Using an Alternate Path or Channel | 4 |
| Authorization Bypass Through User-Controlled Key | 4 |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 4 |
| Incorrect Privilege Assignment | 4 |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 3 |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) | 1 |
| Improper Check or Handling of Exceptional Conditions | 1 |
| Improper Privilege Management | 1 |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision | 1 |
| Server-Side Request Forgery (SSRF) | 1 |
| Weak Password Recovery Mechanism for Forgotten Password | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 26 | |
| 22 | |
| 18 | |
| 16 | |
| 13 | |
| 12 | |
| 8 | |
| 6 | |
| 6 | |
| 6 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| AADMY – Add Auto Date Month Year Into Posts | auto-date-year-month |
| AB Categories Search Widget | ab-categories-search-widget |
| Accordion Slider | accordion-slider |
| Ad Inserter – Ad Manager & AdSense Ads | ad-inserter |
| Add Categories Post Footer | add-categories-post-footer |
| Add Widget After Content | add-widget-after-content |
| Adding drop down roles in registration | user-drop-down-roles-in-registration |
| ADIF Log Search Widget | adif-log-search-widget |
| Admin Management Xtended | admin-management-xtended |
| Advanced Advertising System | advanced-advertising-system |
| Advanced Category and Custom Taxonomy Image | advanced-category-and-custom-taxonomy-image |
| Advanced Custom Fields | advanced-custom-fields |
| Advanced Custom Fields (ACF) | advanced-custom-fields |
| Advanced Custom Fields Pro | advanced-custom-fields-pro |
| Affiliator | affiliator-lite |
| Ahime Image Printer | ahime-image-printer |
| Ahmeti Wp Timeline | ahmeti-wp-timeline |
| Ajax Custom CSS/JS | ajax-awesome-css |
| Ajax Rating with Custom Login | ajax-rating-with-custom-login |
| ajax-extend | ajax-extend |
| Akismet htaccess writer | akismet-htaccess-writer |
| All in One Slider | all-in-one-slider |
| Analyse Uploads | analyse-uploads |
| Animator – Scroll Triggered Animations | scroll-triggered-animations |
| Apa Banner Slider | apa-banner-slider |
| APA Register Newsletter Form | apa-register-newsletter-form |
| Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | simply-schedule-appointments |
| AppPresser – Mobile App Framework | apppresser |
| Arconix Shortcodes | arconix-shortcodes |
| Arkhe Blocks | arkhe-blocks |
| Author Discussion | author-discussion |
| Awesome Contact Form7 for Elementor | awesome-contact-form7-for-elementor |
| Azz Anonim Posting | azz-anonim-posting |
| Back Link Tracker | back-link-tracker |
| Better Author Bio | better-author-bio |
| Booking.com Banner Creator | bookingcom-banner-creator |
| Branding | branding |
| BuddyPress Better Registration | better-bp-registration |
| Bulk images optimizer: Resize, optimize, convert to webp, rename … | bulk-image-resizer |
| bVerse Convert | bverse-convert |
| Calculated Fields Form | calculated-fields-form |
| CJ Change Howdy | cj-change-howdy |
| Click to Chat – WP Support All-in-One Floating Widget | support-chat |
| Clio Grow Form | clio-grow-form |
| Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors | publishpress-authors |
| Community by PeepSo – Download from PeepSo.com | peepso-core |
| Community Lite Video Chat | avchat-3 |
| Contact Form by Supsystic | contact-form-by-supsystic |
| Contact Forms, Live Support, CRM, Video Messages | live-support-tickets |
| Cooked Pro | cooked-pro |
| Cookie Scanner – automated cookie list | cookie-scanner |
| Country Flags for Elementor | country-flags-for-elementor |
| Crazy Call To Action Box | crazy-call-to-action-box |
| cSlider | cslider |
| CSV Product Import Export for WooCommerce | csv-wc-product-import-export |
| CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 9.x | woo-multi-currency |
| Custom Add to Cart Button Label and Link | woo-custom-cart-button |
| Customer Email Verification for WooCommerce | emails-verification-for-woocommerce |
| Da Reactions | da-reactions |
| Debrandify · Remove or Replace WordPress Branding | debrandify |
| Digital Lottery | digital-lottery |
| Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons | woo-discount-rules |
| DPD Baltic Shipping | woo-shipping-dpd-baltic |
| Duplicate Title Validator | duplicate-title-validate |
| Dynamic Elementor Addons | dynamic-elementor-addons |
| Easy Addons for Elementor | easy-addons-for-elementor |
| Easy Menu Manager | WPZest | easy-menu-manager-wpzest |
| Edit WooCommerce Templates | woo-edit-templates |
| Edwiser Bridge – WordPress Moodle LMS Integration | edwiser-bridge |
| El mejor Cluster | mejorcluster |
| Elemenda | elemenda |
| ElementInvader Addons for Elementor | elementinvader-addons-for-elementor |
| Elementor Website Builder – More Than Just a Page Builder | elementor |
| ElementsReady Addons for Elementor | element-ready-lite |
| Email Template Customizer for WooCommerce | email-template-customizer-for-woo |
| Encyclopedia / Glossary / Wiki | encyclopedia-lexicon-glossary-wiki-dictionary |
| Endless Posts Navigation | endless-posts-navigation |
| EventON Pro | eventon |
| Events Addon for Elementor | events-addon-for-elementor |
| Exclusive Addons for Elementor | exclusive-addons-for-elementor |
| Feed Comments Number | feed-comments-number |
| FERMA.ru.net | ferma-ru-net-checkout |
| File Manager Pro | wp-file-manager-pro |
| Flat UI Button | flat-ui-button |
| Flexmls® IDX Plugin | flexmls-idx |
| Fonto – Custom Web Fonts Manager | fonto |
| Forminator Forms – Contact Form, Payment Form & Custom Form Builder | forminator |
| FREE DOWNLOAD MANAGER | free-download-manager |
| Free Stock Photos Foter | free-stock-photos-foter |
| G Meta Keywords | g-meta-keywords |
| Gantry 4 Framework | gantry |
| GERRYWORKS Post by Mail | gerryworks-post-by-mail |
| GetResponse Forms by Optin Cat | getresponse |
| Giveaway Boost | giveaway-boost |
| GiveWP – Donation Plugin and Fundraising Platform | give |
| Google Map Locations | google-map-locations |
| GoogleDrive folder list | googledrive-folder-list |
| Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file | htaccess-file-editor |
| Hyperlink Group Block | hyperlink-group-block |
| IdeaPush | ideapush |
| Infinite-Scroll | infinite-scroll |
| Jetpack – WP Security, Backup, Speed, & Growth | jetpack |
| JiangQie Free Mini Program | jiangqie-free-mini-program |
| jLayer Parallax Slider | jlayer-parallax-slider-wp |
| Job Board Manager for WordPress | jemployee |
| Kama SpamBlock | kama-spamblock |
| Leyka | leyka |
| Lightbox slider – Responsive Lightbox Gallery | simple-lightbox-gallery |
| Limb Gallery | Create Beautiful Image & Video Galleries | limb-gallery |
| Linked Variation for WooCommerce | linked-variation-for-woocommerce |
| Locatoraid Store Locator | locatoraid |
| Maan Addons For Elementor | maan-elementor-addons |
| MAS Companies For WP Job Manager | mas-wp-job-manager-company |
| MAS Elementor | mas-addons-for-elementor |
| Mighty Builder – Drag & Drop WordPress Page Builder | mighty-builder |
| Miniorange OTP Verification with Firebase | miniorange-firebase-sms-otp-verification |
| Mitm Bug Tracker | mitm-bug-tracker |
| Most And Least Read Posts Widget | most-and-least-read-posts-widget |
| Movie Database | movie-database |
| Multiline files upload for contact form 7 | multiline-files-for-contact-form-7 |
| My Favorites | my-favorites |
| My Reading Library | my-reading-library |
| MyTweetLinks | mytweetlinks |
| Nextend Social Login Pro | nextend-social-login-pro |
| Nice Backgrounds | nicebackgrounds |
| Omnipress | omnipress |
| Parallax Image | parallax-image |
| Parcel Pro | woo-parcel-pro |
| PeproDev Ultimate Invoice | pepro-ultimate-invoice |
| Photo Gallery Builder | photo-gallery-builder |
| Photo Gallery Slideshow & Masonry Tiled Gallery | wp-responsive-photo-gallery |
| photokit | photokit |
| Pinpoint Booking System – #1 WordPress Booking Plugin | booking-system |
| Plexx Elementor Extension | plexx-elementor-extension |
| Plugin Name: Sovratec Case Management | sovratec-case-management |
| Pods – Custom Content Types and Fields | pods |
| Point Maker | point-maker |
| Post From Frontend | post-from-frontend |
| Primary Addon for Elementor | primary-addon-for-elementor |
| Product Customizer Light | product-customizer-light |
| Product Website Showcase | product-websites-showcase |
| ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
| Property Lot Management System | plms |
| Rate Own Post | rate-own-post |
| Recently – Viewed, Most Viewed and Sold Products for WooCommerce | recently-viewed-most-viewed-and-sold-products-for-woocommerce |
| ReDi Restaurant Reservation | redi-restaurant-reservation |
| Registrations for the Events Calendar – Event Registration Plugin | registrations-for-the-events-calendar |
| Responsive Lightbox & Gallery | responsive-lightbox |
| Responsive Pricing Table Builder – wpPricing Builder | wppricing-builder-lite-responsive-pricing-table-builder |
| Royal Elementor Addons and Templates | royal-elementor-addons |
| RS-Members | rs-members |
| RSS Feed Widget | rss-feed-widget |
| Safe SVG | safe-svg |
| SafetyForms – Create forms with Real-time Email Validation | safetymails-forms |
| SendGrid for WordPress | wp-sendgrid-mailer |
| SendPulse Free Web Push | sendpulse-web-push |
| SEO Manager | seo-manager |
| SermonAudio Widgets | sermonaudio-widgets |
| Shipyaari Shipping Management | shipyaari-shipping-managment |
| Simple Code Insert Shortcode | simple-code-insert-shortcode |
| Simple Custom Post Order | simple-custom-post-order |
| Simple Testimonials Showcase | simple-testimonials-showcase |
| Simple User Registration | wp-registration |
| Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) | sina-extension-for-elementor |
| SiteBuilder Dynamic Components | sitebuilder-dynamic-components |
| SlimStat Analytics | wp-slimstat |
| Smart Blocks | smart-blocks |
| Smart Online Order for Clover | clover-online-orders |
| Social Auto Poster | social-auto-poster |
| Social Link Groups | social-link-groups |
| Social Share With Floating Bar | social-share-with-floating-bar |
| StreamWeasels Twitch Integration | streamweasels-twitch-integration |
| Suki Sites Import | suki-sites-import |
| Surfer – WordPress Plugin | surferseo |
| SW Contact Form | sw-contact-form |
| Table of Contents Plus | table-of-contents-plus |
| TAKETIN To WP Membership | taketin-to-wp-membership |
| The Ultimate WordPress Toolkit – WP Extended | wpextended |
| Themesflat Addons For Elementor | themesflat-addons-for-elementor |
| Time Clock Pro | time-clock-pro |
| Time Clock – A WordPress Employee & Volunteer Time Clock Plugin | time-clock |
| Tito | tito |
| Ultimate AI | Ultimate_AI |
| UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) | ultraaddons-elementor-lite |
| Unlimited Addon For Elementor | unlimited-addon-for-elementor |
| Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | unlimited-elements-for-elementor |
| VKontakte Wall Post | vkontakte-wall-post |
| VOD Infomaniak | vod-infomaniak |
| Woo Manage Fraud Orders | woo-manage-fraud-orders |
| WooCommerce | woocommerce |
| Woostagram Connect | woostagram-connect |
| WordPress Image SEO | wp-image-seo |
| WordPress Portfolio Builder – Portfolio Gallery | uber-grid |
| WordPress Social Share Buttons | share-button |
| WordPress Video | wordpress-video |
| WP 2FA with Telegram | two-factor-login-telegram |
| WP Booking Calendar | booking |
| WP Content Copy Protection & No Right Click | wp-content-copy-protector |
| WP Dropbox Dropins | wp-dropbox-dropins |
| WP Easy Post Types | easy-post-types |
| WP Education – Education WordPress Plugin for Elementor | wp-education |
| WP Photo Album Plus | wp-photo-album-plus |
| WP Popup Builder – Popup Forms and Marketing Lead Generation | wp-popup-builder |
| WP REST API FNS Plugin | rest-api-fns |
| WP SendFox | wp-sendfox |
| WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin | timetics |
| WP ULike – All-in-One Engagement Toolkit | wp-ulike |
| WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress | wpvr |
| Wp-ImageZoom | wp-imagezoom |
| WP-Spreadplugin | wp-spreadplugin |
| WPIDE – File Manager & Code Editor | wpide |
| Wsify widget | wsify-widget |
| Zita Elementor Site Library | zita-site-library |
| Zoho CRM Lead Magnet | zoho-crm-forms |
| افزونه پیامک ووکامرس Persian WooCommerce SMS | persian-woocommerce-sms |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Digitally | digitally |
| Disconnected | disconnected |
| my flatonica | my-flatonica |
| my wooden under construction | my-wooden-under-construction |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVE-ID
CVE-2024-49217
CVE-2024-49217
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Adding drop down roles in registration
Adding drop down roles in registration
Researcher
CVE-ID
CVE-2024-49624
CVE-2024-49624
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Advanced Advertising System
Advanced Advertising System
Researcher
CVE-ID
CVE-2024-49326
CVE-2024-49326
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Affiliator
Affiliator
Researcher
CVE-ID
CVE-2024-49245
CVE-2024-49245
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Ahime Image Printer
Ahime Image Printer
Researcher
CVE-ID
CVE-2024-49254
CVE-2024-49254
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
ajax-extend
ajax-extend
Researcher
CVE-ID
CVE-2024-49253
CVE-2024-49253
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Analyse Uploads
Analyse Uploads
Researcher
CVE-ID
CVE-2024-49257
CVE-2024-49257
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Azz Anonim Posting
Azz Anonim Posting
Researcher
CVE-ID
CVE-2024-49247
CVE-2024-49247
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
BuddyPress Better Registration
BuddyPress Better Registration
Researcher
CVE-ID
CVE-2024-49291
CVE-2024-49291
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Cooked Pro
Cooked Pro
Researcher
CVE-ID
CVE-2024-49242
CVE-2024-49242
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Digital Lottery
Digital Lottery
Researcher
CVE-ID
CVE-2024-49216
CVE-2024-49216
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Feed Comments Number
Feed Comments Number
Researcher
CVE-ID
CVE-2024-49332
CVE-2024-49332
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Giveaway Boost
Giveaway Boost
Researcher
CVE-ID
CVE-2024-9634
CVE-2024-9634
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
GiveWP – Donation Plugin and Fundraising Platform
GiveWP – Donation Plugin and Fundraising Platform
Researcher
CVE-ID
CVE-2024-49314
CVE-2024-49314
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
JiangQie Free Mini Program
JiangQie Free Mini Program
Researcher
CVE-ID
CVE-2024-49322
CVE-2024-49322
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Job Board Manager for WordPress
Job Board Manager for WordPress
Researcher
CVE-ID
CVE-2024-9863
CVE-2024-9863
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Miniorange OTP Verification with Firebase
Miniorange OTP Verification with Firebase
Researcher
Miniorange OTP Verification with Firebase <= 3.6.0 - Unauthenticated Arbitrary User Password Change
9.8
CVE-ID
CVE-2024-9862
CVE-2024-9862
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Miniorange OTP Verification with Firebase
Miniorange OTP Verification with Firebase
Researcher
CVE-ID
CVE-2024-49318
CVE-2024-49318
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
My Reading Library
My Reading Library
Researcher
CVE-ID
CVE-2024-9893
CVE-2024-9893
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Nextend Social Login Pro
Nextend Social Login Pro
Researcher
CVE-ID
CVE-2024-49610
CVE-2024-49610
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
photokit
photokit
Researcher
CVE-ID
CVE-2024-49611
CVE-2024-49611
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Product Website Showcase
Product Website Showcase
Researcher
CVE-ID
CVE-2024-49218
CVE-2024-49218
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Recently – Viewed, Most Viewed and Sold Products for WooCommerce
Recently – Viewed, Most Viewed and Sold Products for WooCommerce
Researcher
CVE-ID
CVE-2024-49626
CVE-2024-49626
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Shipyaari Shipping Management
Shipyaari Shipping Management
Researcher
CVE-ID
CVE-2024-49604
CVE-2024-49604
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Simple User Registration
Simple User Registration
Researcher
CVE-ID
CVE-2024-49625
CVE-2024-49625
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
SiteBuilder Dynamic Components
SiteBuilder Dynamic Components
Researcher
CVE-ID
CVE-2024-49324
CVE-2024-49324
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Plugin Name: Sovratec Case Management
Plugin Name: Sovratec Case Management
Researcher
CVE-ID
CVE-2024-9105
CVE-2024-9105
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Ultimate AI
Ultimate AI
Researcher
CVE-ID
CVE-2024-49327
CVE-2024-49327
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Woostagram Connect
Woostagram Connect
Researcher
CVE-ID
CVE-2024-49607
CVE-2024-49607
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP Dropbox Dropins
WP Dropbox Dropins
Researcher
CVE-ID
CVE-2024-49328
CVE-2024-49328
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP REST API FNS Plugin
WP REST API FNS Plugin
Researcher
CVE-ID
CVE-2024-49329
CVE-2024-49329
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP REST API FNS Plugin
WP REST API FNS Plugin
Researcher
CVE-ID
CVE-2024-9263
CVE-2024-9263
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Researcher
CVE-ID
CVE-2024-49622
CVE-2024-49622
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Apa Banner Slider
Apa Banner Slider
Researcher
CVE-ID
CVE-2024-49621
CVE-2024-49621
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
APA Register Newsletter Form
APA Register Newsletter Form
Researcher
CVE-ID
CVE-2024-49617
CVE-2024-49617
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Back Link Tracker
Back Link Tracker
Researcher
CVE-ID
CVE-2024-9215
CVE-2024-9215
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors
Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors
Researcher
CVE-ID
CVE-2024-49243
CVE-2024-49243
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Dynamic Elementor Addons
Dynamic Elementor Addons
Researcher
CVE-ID
CVE-2024-49620
CVE-2024-49620
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
FERMA.ru.net
FERMA.ru.net
Researcher
CVE-ID
CVE-2024-8507
CVE-2024-8507
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
File Manager Pro
File Manager Pro
Researcher
CVE-ID
CVE-2024-49227
CVE-2024-49227
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Free Stock Photos Foter
Free Stock Photos Foter
Researcher
CVE-ID
CVE-2024-49608
CVE-2024-49608
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
GERRYWORKS Post by Mail
GERRYWORKS Post by Mail
Researcher
CVE-ID
CVE-2024-49251
CVE-2024-49251
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Maan Addons For Elementor
Maan Addons For Elementor
Researcher
CVE-ID
CVE-2024-49618
CVE-2024-49618
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
MyTweetLinks
MyTweetLinks
Researcher
CVE-ID
CVE-2024-49330
CVE-2024-49330
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Nice Backgrounds
Nice Backgrounds
Researcher
CVE-ID
CVE-2024-49317
CVE-2024-49317
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Point Maker
Point Maker
Researcher
CVE-ID
CVE-2024-49616
CVE-2024-49616
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Rate Own Post
Rate Own Post
Researcher
CVE-ID
CVE-2024-49219
CVE-2024-49219
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
RS-Members
RS-Members
Researcher
CVE-ID
CVE-2024-49615
CVE-2024-49615
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
SafetyForms – Create forms with Real-time Email Validation
SafetyForms – Create forms with Real-time Email Validation
Researcher
CVE-ID
CVE-2024-49614
CVE-2024-49614
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
SermonAudio Widgets
SermonAudio Widgets
Researcher
CVE-ID
CVE-2024-49613
CVE-2024-49613
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Simple Code Insert Shortcode
Simple Code Insert Shortcode
Researcher
CVE-ID
CVE-2024-49619
CVE-2024-49619
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Social Link Groups
Social Link Groups
Researcher
CVE-ID
CVE-2024-49612
CVE-2024-49612
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
SW Contact Form
SW Contact Form
Researcher
CVE-ID
CVE-2024-49226
CVE-2024-49226
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
TAKETIN To WP Membership
TAKETIN To WP Membership
Researcher
CVE-ID
CVE-2024-49260
CVE-2024-49260
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Limb Gallery | Create Beautiful Image & Video Galleries
Limb Gallery | Create Beautiful Image & Video Galleries
Researcher
CVE-ID
CVE-2024-9687
CVE-2024-9687
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
WP 2FA with Telegram
WP 2FA with Telegram
Researcher
CVE-ID
CVE-2024-10079
CVE-2024-10079
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP Easy Post Types
WP Easy Post Types
Researcher
CVE-ID
CVE-2024-9593
CVE-2024-9593
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Researcher
AppPresser – Mobile App Framework <= 4.4.4 - Privilege Escalation and Account Takeover via Weak OTP
8.1
CVE-ID
CVE-2024-9305
CVE-2024-9305
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
AppPresser – Mobile App Framework
AppPresser – Mobile App Framework
Researcher
CVE-ID
CVE-2024-9861
CVE-2024-9861
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Miniorange OTP Verification with Firebase
Miniorange OTP Verification with Firebase
Researcher
CVE-ID
CVE-2024-49246
CVE-2024-49246
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Ajax Rating with Custom Login
Ajax Rating with Custom Login
Researcher
CVE-ID
CVE-2024-49305
CVE-2024-49305
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Customer Email Verification for WooCommerce
Customer Email Verification for WooCommerce
Researcher
CVE-ID
CVE-2024-8746
CVE-2024-8746
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
File Manager Pro
File Manager Pro
Researcher
CVE-ID
CVE-2024-49315
CVE-2024-49315
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
FREE DOWNLOAD MANAGER
FREE DOWNLOAD MANAGER
Researcher
CVE-ID
CVE-2024-8918
CVE-2024-8918
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
File Manager Pro
File Manager Pro
Researcher
AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution
7.3
CVE-ID
CVE-2024-9837
CVE-2024-9837
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
AADMY – Add Auto Date Month Year Into Posts
AADMY – Add Auto Date Month Year Into Posts
Researcher
CVE-ID
CVE-2024-9061
CVE-2024-9061
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WP Popup Builder – Popup Forms and Marketing Lead Generation
WP Popup Builder – Popup Forms and Marketing Lead Generation
Researcher
CVE-ID
CVE-2024-49331
CVE-2024-49331
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Property Lot Management System
Property Lot Management System
Researcher
CVE-ID
CVE-2024-7982
CVE-2024-7982
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Registrations for the Events Calendar – Event Registration Plugin
Registrations for the Events Calendar – Event Registration Plugin
Researcher
CVE-ID
CVE-2024-9184
CVE-2024-9184
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
SendPulse Free Web Push
SendPulse Free Web Push
Researcher
CVE-ID
CVE-2024-9548
CVE-2024-9548
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
SlimStat Analytics
SlimStat Analytics
Researcher
CVE-ID
CVE-2024-49271
CVE-2024-49271
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Researcher
CVE-ID
CVE-2024-49244
CVE-2024-49244
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
CSV Product Import Export for WooCommerce
CSV Product Import Export for WooCommerce
Researcher
CVE-ID
CVE-2024-49258
CVE-2024-49258
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Limb Gallery | Create Beautiful Image & Video Galleries
Limb Gallery | Create Beautiful Image & Video Galleries
Researcher
CVE-ID
CVE-2024-9820
CVE-2024-9820
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
WP 2FA with Telegram
WP 2FA with Telegram
Researcher
CVE-ID
CVE-2024-49297
CVE-2024-49297
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Zoho CRM Lead Magnet
Zoho CRM Lead Magnet
Researcher
CVE-ID
CVE-2024-9582
CVE-2024-9582
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Accordion Slider
Accordion Slider
Researcher
CVE-ID
CVE-2024-49307
CVE-2024-49307
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Admin Management Xtended
Admin Management Xtended
Researcher
CVE-ID
CVE-2024-9425
CVE-2024-9425
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Advanced Category and Custom Taxonomy Image
Advanced Category and Custom Taxonomy Image
Researcher
CVE-ID
CVE-2024-9703
CVE-2024-9703
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Arconix Shortcodes
Arconix Shortcodes
Researcher
CVE-ID
CVE-2024-49261
CVE-2024-49261
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Arkhe Blocks
Arkhe Blocks
Researcher
CVE-ID
CVE-2024-49319
CVE-2024-49319
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Awesome Contact Form7 for Elementor
Awesome Contact Form7 for Elementor
Researcher
CVE-ID
CVE-2024-49265
CVE-2024-49265
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Booking.com Banner Creator
Booking.com Banner Creator
Researcher
CVE-ID
CVE-2024-9452
CVE-2024-9452
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Branding
Branding
Researcher
CVE-ID
CVE-2024-49228
CVE-2024-49228
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
bVerse Convert
bVerse Convert
Researcher
CVE-ID
CVE-2024-10055
CVE-2024-10055
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Click to Chat – WP Support All-in-One Floating Widget
Click to Chat – WP Support All-in-One Floating Widget
Researcher
CVE-ID
CVE-2024-49289
CVE-2024-49289
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Cooked Pro
Cooked Pro
Researcher
CVE-ID
CVE-2024-49262
CVE-2024-49262
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Country Flags for Elementor
Country Flags for Elementor
Researcher
CVE-ID
CVE-2024-49236
CVE-2024-49236
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Crazy Call To Action Box
Crazy Call To Action Box
Researcher
CVE-ID
CVE-2024-49296
CVE-2024-49296
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Custom Add to Cart Button Label and Link
Custom Add to Cart Button Label and Link
Researcher
CVE-ID
CVE-2024-49255
CVE-2024-49255
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Da Reactions
Da Reactions
Researcher
CVE-ID
CVE-2024-9674
CVE-2024-9674
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Debrandify · Remove or Replace WordPress Branding
Debrandify · Remove or Replace WordPress Branding
Researcher
CVE-ID
CVE-2024-49631
CVE-2024-49631
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Easy Addons for Elementor
Easy Addons for Elementor
Researcher
CVE-ID
CVE-2024-9366
CVE-2024-9366
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Easy Menu Manager | WPZest
Easy Menu Manager | WPZest
Researcher
CVE-ID
CVE-2024-49312
CVE-2024-49312
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Edwiser Bridge – WordPress Moodle LMS Integration
Edwiser Bridge – WordPress Moodle LMS Integration
Researcher
CVE-ID
CVE-2024-49311
CVE-2024-49311
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Edwiser Bridge – WordPress Moodle LMS Integration
Edwiser Bridge – WordPress Moodle LMS Integration
Researcher
CVE-ID
CVE-2024-49232
CVE-2024-49232
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
El mejor Cluster
El mejor Cluster
Researcher
CVE-ID
CVE-2024-9373
CVE-2024-9373
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Elemenda
Elemenda
Researcher
CVE-ID
CVE-2024-9444
CVE-2024-9444
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
ElementsReady Addons for Elementor
ElementsReady Addons for Elementor
Researcher
CVE-ID
CVE-2024-49264
CVE-2024-49264
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Events Addon for Elementor
Events Addon for Elementor
Researcher
CVE-ID
CVE-2024-49292
CVE-2024-49292
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Exclusive Addons for Elementor
Exclusive Addons for Elementor
Researcher
CVE-ID
CVE-2024-10014
CVE-2024-10014
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Flat UI Button
Flat UI Button
Researcher
CVE-ID
CVE-2024-8920
CVE-2024-8920
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Fonto – Custom Web Fonts Manager
Fonto – Custom Web Fonts Manager
Researcher
CVE-ID
CVE-2024-49301
CVE-2024-49301
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
G Meta Keywords
G Meta Keywords
Researcher
CVE-ID
CVE-2024-49279
CVE-2024-49279
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Hyperlink Group Block
Hyperlink Group Block
Researcher
CVE-ID
CVE-2024-49280
CVE-2024-49280
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Lightbox slider – Responsive Lightbox Gallery
Lightbox slider – Responsive Lightbox Gallery
Researcher
CVE-ID
CVE-2024-49233
CVE-2024-49233
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
MAS Elementor
MAS Elementor
Researcher
CVE-ID
CVE-2024-48049
CVE-2024-48049
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Mighty Builder – Drag & Drop WordPress Page Builder
Mighty Builder – Drag & Drop WordPress Page Builder
Researcher
CVE-ID
CVE-2024-49263
CVE-2024-49263
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
My Favorites
My Favorites
Researcher
CVE-ID
CVE-2024-49278
CVE-2024-49278
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Omnipress
Omnipress
Researcher
CVE-ID
CVE-2024-9898
CVE-2024-9898
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Parallax Image
Parallax Image
Researcher
CVE-ID
CVE-2024-49298
CVE-2024-49298
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
PeproDev Ultimate Invoice
PeproDev Ultimate Invoice
Researcher
CVE-ID
CVE-2024-49234
CVE-2024-49234
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Plexx Elementor Extension
Plexx Elementor Extension
Researcher
CVE-ID
CVE-2024-49259
CVE-2024-49259
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Primary Addon for Elementor
Primary Addon for Elementor
Researcher
CVE-ID
CVE-2024-9848
CVE-2024-9848
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Product Customizer Light
Product Customizer Light
Researcher
CVE-ID
CVE-2024-49282
CVE-2024-49282
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Responsive Lightbox & Gallery
Responsive Lightbox & Gallery
Researcher
CVE-ID
CVE-2024-10057
CVE-2024-10057
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
RSS Feed Widget
RSS Feed Widget
Researcher
CVE-ID
CVE-2024-9521
CVE-2024-9521
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
SEO Manager
SEO Manager
Researcher
CVE-ID
CVE-2024-49270
CVE-2024-49270
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Smart Blocks
Smart Blocks
Researcher
CVE-ID
CVE-2024-9895
CVE-2024-9895
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Smart Online Order for Clover
Smart Online Order for Clover
Researcher
CVE-ID
CVE-2024-9897
CVE-2024-9897
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
StreamWeasels Twitch Integration
StreamWeasels Twitch Integration
Researcher
Suki Sites Import <= 1.2.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
6.4
CVE-ID
CVE-2024-8916
CVE-2024-8916
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Suki Sites Import
Suki Sites Import
Researcher
Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-49310
CVE-2024-49310
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Themesflat Addons For Elementor
Themesflat Addons For Elementor
Researcher
CVE-ID
CVE-2024-49241
CVE-2024-49241
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Tito
Tito
Researcher
CVE-ID
CVE-2024-49277
CVE-2024-49277
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Unlimited Addon For Elementor <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-49267
CVE-2024-49267
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Unlimited Addon For Elementor
Unlimited Addon For Elementor
Researcher
CVE-ID
CVE-2024-49302
CVE-2024-49302
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WordPress Portfolio Builder – Portfolio Gallery
WordPress Portfolio Builder – Portfolio Gallery
Researcher
CVE-ID
CVE-2024-49231
CVE-2024-49231
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
WordPress Video
WordPress Video
Researcher
WP Easy Post Types <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta
6.4
CVE-ID
CVE-2024-10080
CVE-2024-10080
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP Easy Post Types
WP Easy Post Types
Researcher
WP Education <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via text_html_tag
6.4
CVE-ID
CVE-2024-49630
CVE-2024-49630
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
WP Education – Education WordPress Plugin for Elementor
WP Education – Education WordPress Plugin for Elementor
Researcher
CVE-ID
CVE-2024-49225
CVE-2024-49225
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Responsive Pricing Table Builder – wpPricing Builder
Responsive Pricing Table Builder – wpPricing Builder
Researcher
CVE-ID
CVE-2024-8921
CVE-2024-8921
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Zita Elementor Site Library
Zita Elementor Site Library
Researcher
CVE-ID
CVE-2024-10078
CVE-2024-10078
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP Easy Post Types
WP Easy Post Types
Researcher
CVE-ID
CVE-2024-49240
CVE-2024-49240
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
AB Categories Search Widget
AB Categories Search Widget
Researcher
CVE-ID
CVE-2024-49248
CVE-2024-49248
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Ad Inserter – Ad Manager & AdSense Ads
Ad Inserter – Ad Manager & AdSense Ads
Researcher
CVE-ID
CVE-2024-49239
CVE-2024-49239
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Add Categories Post Footer
Add Categories Post Footer
Researcher
CVE-ID
CVE-2024-49238
CVE-2024-49238
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
ADIF Log Search Widget
ADIF Log Search Widget
Researcher
CVE-ID
CVE-2024-49237
CVE-2024-49237
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Ahmeti Wp Timeline
Ahmeti Wp Timeline
Researcher
CVE-ID
CVE-2024-49230
CVE-2024-49230
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Ajax Custom CSS/JS
Ajax Custom CSS/JS
Researcher
CVE-ID
CVE-2024-49316
CVE-2024-49316
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Akismet htaccess writer
Akismet htaccess writer
Researcher
CVE-ID
CVE-2024-49323
CVE-2024-49323
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
All in One Slider
All in One Slider
Researcher
CVE-ID
CVE-2024-49308
CVE-2024-49308
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Animator – Scroll Triggered Animations
Animator – Scroll Triggered Animations
Researcher
CVE-ID
CVE-2024-49605
CVE-2024-49605
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Community Lite Video Chat
Community Lite Video Chat
Researcher
CVE-ID
CVE-2024-49223
CVE-2024-49223
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
CJ Change Howdy
CJ Change Howdy
Researcher
CVE-ID
CVE-2024-49276
CVE-2024-49276
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Clio Grow Form
Clio Grow Form
Researcher
CVE-ID
CVE-2024-49220
CVE-2024-49220
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Cookie Scanner – automated cookie list
Cookie Scanner – automated cookie list
Researcher
CVE-ID
CVE-2024-49283
CVE-2024-49283
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
CVE-ID
CVE-2024-49309
CVE-2024-49309
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Digitally
Digitally
Researcher
CVE-ID
CVE-2024-49268
CVE-2024-49268
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Disconnected
Disconnected
Researcher
CVE-ID
CVE-2024-9350
CVE-2024-9350
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
DPD Baltic Shipping
DPD Baltic Shipping
Researcher
CVE-ID
CVE-2024-10049
CVE-2024-10049
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Edit WooCommerce Templates
Edit WooCommerce Templates
Researcher
CVE-ID
CVE-2024-49320
CVE-2024-49320
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Encyclopedia / Glossary / Wiki
Encyclopedia / Glossary / Wiki
Researcher
CVE-ID
CVE-2024-8719
CVE-2024-8719
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Flexmls® IDX Plugin
Flexmls® IDX Plugin
Researcher
CVE-ID
CVE-2024-9382
CVE-2024-9382
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Gantry 4 Framework
Gantry 4 Framework
Researcher
CVE-ID
CVE-2024-8740
CVE-2024-8740
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
GetResponse Forms by Optin Cat
GetResponse Forms by Optin Cat
Researcher
CVE-ID
CVE-2024-49606
CVE-2024-49606
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Google Map Locations
Google Map Locations
Researcher
CVE-ID
CVE-2024-49335
CVE-2024-49335
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
GoogleDrive folder list
GoogleDrive folder list
Researcher
CVE-ID
CVE-2024-49334
CVE-2024-49334
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
jLayer Parallax Slider
jLayer Parallax Slider
Researcher
CVE-ID
CVE-2024-9647
CVE-2024-9647
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Kama SpamBlock
Kama SpamBlock
Researcher
CVE-ID
CVE-2024-9652
CVE-2024-9652
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Locatoraid Store Locator
Locatoraid Store Locator
Researcher
CVE-ID
CVE-2024-9206
CVE-2024-9206
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
MAS Companies For WP Job Manager
MAS Companies For WP Job Manager
Researcher
CVE-ID
CVE-2024-49224
CVE-2024-49224
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Mitm Bug Tracker
Mitm Bug Tracker
Researcher
CVE-ID
CVE-2024-49269
CVE-2024-49269
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Researcher
CVE-ID
CVE-2024-9383
CVE-2024-9383
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Parcel Pro
Parcel Pro
Researcher
CVE-ID
CVE-2024-9213
CVE-2024-9213
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
افزونه پیامک ووکامرس Persian WooCommerce SMS
افزونه پیامک ووکامرس Persian WooCommerce SMS
Researcher
Pinpoint Booking System <= 2.9.9.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-ID
CVE-2024-49304
CVE-2024-49304
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Pinpoint Booking System – #1 WordPress Booking Plugin
Pinpoint Booking System – #1 WordPress Booking Plugin
Researcher
CVE-ID
CVE-2024-9240
CVE-2024-9240
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
ReDi Restaurant Reservation
ReDi Restaurant Reservation
Researcher
CVE-ID
CVE-2024-8787
CVE-2024-8787
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Smart Online Order for Clover
Smart Online Order for Clover
Researcher
CVE-ID
CVE-2024-8790
CVE-2024-8790
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Social Share With Floating Bar
Social Share With Floating Bar
Researcher
CVE-ID
CVE-2024-9347
CVE-2024-9347
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
The Ultimate WordPress Toolkit – WP Extended
The Ultimate WordPress Toolkit – WP Extended
Researcher
CVE-ID
CVE-2024-49313
CVE-2024-49313
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
VKontakte Wall Post
VKontakte Wall Post
Researcher
CVE-ID
CVE-2024-9937
CVE-2024-9937
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Woo Manage Fraud Orders
Woo Manage Fraud Orders
Researcher
CVE-ID
CVE-2024-9951
CVE-2024-9951
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
WP Photo Album Plus
WP Photo Album Plus
Researcher
CVE-ID
CVE-2024-9219
CVE-2024-9219
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
WordPress Social Share Buttons
WordPress Social Share Buttons
Researcher
CVE-ID
CVE-2024-9934
CVE-2024-9934
Patch Status
Unpatched
Unpatched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Wp-ImageZoom
Wp-ImageZoom
Researcher
CVE-ID
CVE-2024-48048
CVE-2024-48048
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Wsify widget
Wsify widget
Researcher
CVE-ID
CVE-2024-9104
CVE-2024-9104
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Ultimate AI
Ultimate AI
Researcher
CVE-ID
CVE-2024-5578
CVE-2024-5578
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Table of Contents Plus
Table of Contents Plus
Researcher
CVE-ID
CVE-2024-49266
CVE-2024-49266
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
WP-Spreadplugin
WP-Spreadplugin
Researcher
CVE-ID
CVE-2024-49229
CVE-2024-49229
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Better Author Bio
Better Author Bio
Researcher
CVE-ID
CVE-2024-9873
CVE-2024-9873
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Community by PeepSo – Download from PeepSo.com
Community by PeepSo – Download from PeepSo.com
Researcher
CVE-ID
CVE-2024-9888
CVE-2024-9888
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
ElementInvader Addons for Elementor
ElementInvader Addons for Elementor
Researcher
CVE-ID
CVE-2024-8378
CVE-2024-8378
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Safe SVG
Safe SVG
Researcher
CVE-ID
CVE-2024-9940
CVE-2024-9940
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Calculated Fields Form
Calculated Fields Form
Researcher
Contact Forms, Live Support, CRM, Video Messages <= 1.10.3 - Unauthenticated Information Disclosure
5.3
CVE-ID
CVE-2024-49235
CVE-2024-49235
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Contact Forms, Live Support, CRM, Video Messages
Contact Forms, Live Support, CRM, Video Messages
Researcher
CVE-ID
CVE-2024-10040
CVE-2024-10040
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Infinite-Scroll
Infinite-Scroll
Researcher
CVE-ID
CVE-2024-9689
CVE-2024-9689
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Post From Frontend
Post From Frontend
Researcher
CVE-ID
CVE-2024-9944
CVE-2024-9944
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
WooCommerce
WooCommerce
Researcher
CVE-ID
CVE-2024-49284
CVE-2024-49284
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WP SendFox
WP SendFox
Researcher
CVE-ID
CVE-2024-9546
CVE-2024-9546
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
WPIDE – File Manager & Code Editor
WPIDE – File Manager & Code Editor
Researcher
CVE-ID
CVE-2019-25218
CVE-2019-25218
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Photo Gallery Slideshow & Masonry Tiled Gallery
Photo Gallery Slideshow & Masonry Tiled Gallery
Researcher
CVE-ID
CVE-2024-49299
CVE-2024-49299
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Surfer – WordPress Plugin
Surfer – WordPress Plugin
Researcher
CVE-ID
CVE-2024-8541
CVE-2024-8541
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons
Researcher
CVE-ID
CVE-2024-9892
CVE-2024-9892
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Add Widget After Content
Add Widget After Content
Researcher
CVE-ID
CVE-2024-49593
CVE-2024-49593
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Researcher
CVE-ID
CVE-2024-7877
CVE-2024-7877
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Researcher
CVE-ID
CVE-2024-7876
CVE-2024-7876
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Researcher
Contact Form by Supsystic <= 1.7.28 - Authenticated (Administrator+) Stored Cross-Site Scripting
4.4
CVE-ID
CVE-2024-48046
CVE-2024-48046
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Contact Form by Supsystic
Contact Form by Supsystic
Researcher
CVE-ID
CVE-2024-49288
CVE-2024-49288
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Email Template Customizer for WooCommerce
Email Template Customizer for WooCommerce
Researcher
CVE-ID
CVE-2024-43300
CVE-2024-43300
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Movie Database
Movie Database
Researcher
CVE-ID
CVE-2024-9883
CVE-2024-9883
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Pods – Custom Content Types and Fields
Pods – Custom Content Types and Fields
Researcher
CVE-ID
CVE-2024-49295
CVE-2024-49295
Patch Status
Unpatched
Unpatched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Simple Testimonials Showcase
Simple Testimonials Showcase
Researcher
CVE-ID
CVE-2024-10027
CVE-2024-10027
Patch Status
Patched
Patched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
WP Booking Calendar
WP Booking Calendar
Researcher
CVE-ID
CVE-2024-7879
CVE-2024-7879
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WP ULike – All-in-One Engagement Toolkit
WP ULike – All-in-One Engagement Toolkit
Researcher
CVE-ID
CVE-2024-9361
CVE-2024-9361
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Bulk images optimizer: Resize, optimize, convert to webp, rename …
Bulk images optimizer: Resize, optimize, convert to webp, rename …
Researcher
CVE-ID
CVE-2024-49290
CVE-2024-49290
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Cooked Pro
Cooked Pro
Researcher
ElementInvader Addons for Elementor <= 1.2.9 - Authenticated (Contributor+) Information Exposure
4.3
CVE-ID
CVE-2024-9889
CVE-2024-9889
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
ElementInvader Addons for Elementor
ElementInvader Addons for Elementor
Researcher
CVE-ID
CVE-2024-6757
CVE-2024-6757
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Elementor Website Builder – More Than Just a Page Builder
Elementor Website Builder – More Than Just a Page Builder
Researcher
CVE-ID
CVE-2024-49629
CVE-2024-49629
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
Endless Posts Navigation
Endless Posts Navigation
Researcher
CVE-ID
CVE-2023-6243
CVE-2023-6243
Patch Status
Patched
Patched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
EventON Pro
EventON Pro
Researcher
CVE-ID
CVE-2024-9352
CVE-2024-9352
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-9351
CVE-2024-9351
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-49256
CVE-2024-49256
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file
Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file
Researcher
CVE-ID
CVE-2024-49275
CVE-2024-49275
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
IdeaPush
IdeaPush
Researcher
CVE-ID
CVE-2024-49252
CVE-2024-49252
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Leyka
Leyka
Researcher
CVE-ID
CVE-2024-48047
CVE-2024-48047
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Linked Variation for WooCommerce
Linked Variation for WooCommerce
Researcher
CVE-ID
CVE-2024-9891
CVE-2024-9891
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Multiline files upload for contact form 7
Multiline files upload for contact form 7
Researcher
CVE-ID
CVE-2024-49325
CVE-2024-49325
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
Photo Gallery Builder
Photo Gallery Builder
Researcher
CVE-ID
CVE-2024-49273
CVE-2024-49273
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
ProfileGrid – User Profiles, Groups and Communities
Researcher
CVE-ID
CVE-2024-7417
CVE-2024-7417
Patch Status
Patched
Patched
Published
Oct 16, 2024
Oct 16, 2024
Affected Software
Royal Elementor Addons and Templates
Royal Elementor Addons and Templates
Researcher
SendGrid for WordPress <= 1.4 - Missing Authorization to Authenticated (Subscriber+) Log Deletion
4.3
CVE-ID
CVE-2024-9364
CVE-2024-9364
Patch Status
Unpatched
Unpatched
Published
Oct 17, 2024
Oct 17, 2024
Affected Software
SendGrid for WordPress
SendGrid for WordPress
Researcher
CVE-ID
CVE-2024-49321
CVE-2024-49321
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
Simple Custom Post Order
Simple Custom Post Order
Researcher
CVE-ID
CVE-2024-9540
CVE-2024-9540
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
CVE-ID
CVE-2024-49272
CVE-2024-49272
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Social Auto Poster
Social Auto Poster
Researcher
CVE-ID
CVE-2024-49250
CVE-2024-49250
Patch Status
Unpatched
Unpatched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
Table of Contents Plus
Table of Contents Plus
Researcher
CVE-ID
CVE-2024-49274
CVE-2024-49274
Patch Status
Patched
Patched
Published
Oct 14, 2024
Oct 14, 2024
Affected Software
VOD Infomaniak
VOD Infomaniak
Researcher
CVE-ID
CVE-2024-49627
CVE-2024-49627
Patch Status
Unpatched
Unpatched
Published
Oct 18, 2024
Oct 18, 2024
Affected Software
WordPress Image SEO
WordPress Image SEO
Researcher
CVE-ID
CVE-2024-49306
CVE-2024-49306
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WP Content Copy Protection & No Right Click
WP Content Copy Protection & No Right Click
Researcher
CVE-ID
CVE-2024-9649
CVE-2024-9649
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WP ULike – All-in-One Engagement Toolkit
WP ULike – All-in-One Engagement Toolkit
Researcher
CVE-ID
CVE-2024-49293
CVE-2024-49293
Patch Status
Patched
Patched
Published
Oct 15, 2024
Oct 15, 2024
Affected Software
WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress
WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Comments