Wordfence Intelligence Weekly WordPress Vulnerability Report (November 18, 2024 to November 24, 2024)
🦸 💥 Calling all superheroes and hunters! Introducing the End of Year Holiday Extravaganza and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through December 9th, 2024:
- All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers
- All plugins and themes with 50-999 active installs hosted in the WordPress.org repository and updated within the last 2 years are in-scope for all researchers!
- Minimum bounty of $5 for all valid in-scope submissions.
- All researchers earn automatic bonuses of between 5% to 180% for valid submissions
- Pending report limits are increased for all
- It’s possible to earn up to $31,200 for high impact vulnerabilities!
Last week, there were 222 vulnerabilities disclosed in 205 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 50 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 20,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
- AppPresser – Mobile App Framework <= 4.4.6 – Unauthenticated Privilege Escalation via Password Reset
- WAF-RULE-770 – Data redacted while we work with the vendor on a patch.
- WAF-RULE-772 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 108 |
| Unpatched | 114 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Medium Severity | 173 |
| High Severity | 34 |
| Critical Severity | 15 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 112 |
| Cross-Site Request Forgery (CSRF) | 30 |
| Missing Authorization | 29 |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 11 |
| Deserialization of Untrusted Data | 8 |
| Authorization Bypass Through User-Controlled Key | 7 |
| Exposure of Sensitive Information to an Unauthorized Actor | 6 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 5 |
| Unrestricted Upload of File with Dangerous Type | 5 |
| Improper Control of Generation of Code ('Code Injection') | 4 |
| Authentication Bypass Using an Alternate Path or Channel | 1 |
| Improper Access Control | 1 |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 1 |
| Improper Privilege Management | 1 |
| Protection Mechanism Failure | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 41 | |
| 24 | |
| 22 | |
| 17 | |
| 15 | |
| 15 | |
| 7 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| 404 Solution | 404-solution |
| Absolute Addons For Elementor | absolute-addons |
| Activity Log – Monitor & Record User Changes | aryo-activity-log |
| Advanced Event Manager | advanced-event-manager |
| affiliate-toolkit – WP Affiliate Plugin with Amazon | affiliate-toolkit-starter |
| Ahmeti Wp Güzel Sözler | ahmeti-wp-guzel-sozler |
| AI Quiz | Quiz Maker | ai-quiz |
| AI Responsive Gallery Album | ai-responsive-gallery-album |
| amr shortcodes | amr-shortcodes |
| Announcement & Notification Banner – Bulletin | bulletin-announcements |
| Anonymous Restricted Content | anonymous-restricted-content |
| April's Call Posts | aprils-call-posts |
| AtaraPay WooCommerce Payment Gateway | atarapay-woocommerce |
| AutoListicle: Automatically Update Numbered List Articles | autolisticle-automatically-update-numbered-list-articles |
| Awesome Studio | awesome-studio |
| Banner System | banner-system |
| Bard Extra | bard-extra |
| Beds24 Online Booking | beds24-online-booking |
| Booster for WooCommerce | woocommerce-jetpack |
| Branda – Branda – White Label & Branding, Custom Login Page Customizer | branda-white-labeling |
| Button Block – Get fully customizable & multi-functional buttons | button-block |
| Buying Buddy IDX CRM | buying-buddy-idx-crm |
| Chameleoni Jobs | chameleon-jobs |
| Checkout with Cash App on WooCommerce | wc-cashapp |
| Chessgame Shizzle | chessgame-shizzle |
| Classified Listing – Classified ads & Business Directory Plugin | classified-listing |
| Clone | wp-clone-by-wp-academy |
| Co-marquage service-public.fr | co-marquage-service-public |
| Community by PeepSo – Download from PeepSo.com | peepso-core |
| Contact Form 7 Email Add on | cf7-email-add-on |
| Contact Page With Google Map | contact-page-with-google-map |
| Continue Shopping From Cart | continue-shopping-from-cart-page |
| Control horas | control-horas |
| Crypto and DeFi Widgets – Web3 Cryptocurrency Shortcodes | security-force |
| Custom CSS, JS & PHP | custom-css |
| Custom Shortcode Sidebars | custom-shortcode-sidebars |
| de:branding | debranding |
| DeBounce Email Validator | debounce-io-email-validator |
| Dino Game – Embed Google Chrome Dinosaur Game in your website | dino-game |
| Distance Based Shipping Calculator | distance-based-shipping-calculator |
| Document & Data Automation | document-data-automation |
| Dynamic "To Top" Plugin | dynamic-to-top |
| Dynamic URL SEO | dynamic-url-seo |
| Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels | wpfunnels |
| Easy Liveblogs | easy-liveblogs |
| Easy Twitter Feed – Twitter feeds plugin for WP | easy-twitter-feeds |
| Elementor Portfolio Builder | portfolio-builder-elementor |
| Elfsight Telegram Chat CC | elfsight-telegram-chat-cc |
| Email Subscription Popup | email-subscribe |
| Enter Addons – Ultimate Template Builder for Elementor | enteraddons |
| Explara Events | explara-events |
| Extensions for Elementor | extensions-for-elementor |
| F4 Improvements | f4-improvements |
| Favicon My Blog | favicon-my-blog |
| Fediverse Embeds | fediverse-embeds |
| Fence URL wp-login.php | fence-url |
| Fintelligence Calculator | fintelligence-calculator |
| FireCask’s Twitter Follow Button | twitter-follow |
| FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider | fluent-smtp |
| Footer Flyout Widget | footer-flyout-widget |
| Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder | formidable |
| Friendly Functions for Welcart | friendly-functions-for-welcart |
| Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery | simply-gallery-block |
| GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress | gamipress |
| GD bbPress Attachments | gd-bbpress-attachments |
| GD Rating System | gd-rating-system |
| Generic Elements | generic-elements-for-elementor |
| Geolocator | geolocator |
| Getwid – Gutenberg Blocks | getwid |
| Google for WooCommerce | google-listings-and-ads |
| Google Plus Share and +1 Button | google-plus-share-and-plusone-button |
| GoQMieruca | goqmieruca |
| GoQSmile | goqsmile |
| Grey Owl Lightbox | grey-owl-lightbox |
| Grid View Gallery | grid-view-gallery |
| Gutenberg Blocks with AI by Kadence WP – Page Builder Features | kadence-blocks |
| HIPAA Compliant Forms with Drag’n’Drop HIPAA Form Builder. Sign HIPAA documents | hipaatizer |
| Hotlink2Watermark | hotlink2watermark |
| HTML5 Lyrics Karaoke Player | html5-lyrics-karaoke-player |
| HUSKY – Products Filter Professional for WooCommerce | woocommerce-products-filter |
| IceStats | icestats |
| Idealien Category Enhancements | idealien-category-enhancements |
| If-So Dynamic Content Personalization | if-so |
| Image horizontal reel scroll slideshow | image-horizontal-reel-scroll-slideshow |
| Image Optimizer, Resizer and CDN – Sirv | sirv |
| ImbaChat | imbachat-widget |
| Include Mastodon Feed | include-mastodon-feed |
| Increase Maximum Upload File Size | Increase Execution Time | wp-maximum-upload-file-size |
| Infinite Slider | infinite-slider |
| iPhone Webclip Manager | iphone-webclip-manager |
| ITERAS | iteras |
| JobBoardWP – Job Board Listings and Submissions | jobboardwp |
| Kevin's Plugin | kevins-plugin |
| LA-Studio Element Kit for Elementor | lastudio-element-kit |
| Lazy load videos and sticky control | lazy-load-videos-and-sticky-control |
| LeadBoxer | leadboxer |
| LeanPress | leanpress |
| LGPD Framework By Data443 | lgpd-framework |
| Library Bookshelves | library-bookshelves |
| LinkLaunder SEO | linklaunder-seo-plugin |
| Lock User Account | lock-user-account |
| LSX Tour Operator | tour-operator |
| MailChimp Forms by MailMunch | mailchimp-forms-by-mailmunch |
| MailMunch – Grow your Email List | mailmunch |
| Memberlite Shortcodes | memberlite-shortcodes |
| Meteor Slides | meteor-slides |
| MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar | mp3-music-player-by-sonaar |
| MP3 Sticky Player | fwdmsp |
| MStore API – Create Native Android & iOS Apps On The Cloud | mstore-api |
| Multi Feed Reader | multi-feed-reader |
| My Contador lesr | my-contador-wp |
| nBlocks – Responsive Gutenberg News Blocks | nblocks |
| Office Locator | office-locator |
| Opal Woo Custom Product Variation | opal-woo-custom-product-variation |
| Open edX LMS and WordPress integrator (LITE) | edunext-openedx-integrator |
| Ortto | autopilot |
| Page Parts | page-parts |
| Parallax Image | parallax-image |
| Pathomation | pathomation |
| Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net | peachpay-for-woocommerce |
| PDF Invoices & Packing Slips Generator for WooCommerce | pdf-invoicing-for-woocommerce |
| Post By Email | post-by-email |
| Post Ideas | post-ideas |
| Premium Packages – Sell Digital Products Securely | wpdm-premium-packages |
| Pricing table addon for elementor | pricing-table-addon-for-elementor |
| Product Designer | product-designer |
| Product Table for WooCommerce by CodeAstrology (wooproducttable.com) | woo-product-table |
| ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
| Protect Your Content | protect-your-content |
| PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes | revisionary |
| Pure CSS Circle Progress bar | pure-css-circle-progress-bar |
| QRMenu Restaurant QR Menu Lite | qrmenu-lite |
| Quick Learn | quick-learn |
| Quotes llama | quotes-llama |
| Rank Math SEO – AI SEO Tools to Dominate SEO Rankings | seo-by-rank-math |
| RealtyCandy IDX Broker Extended | realtycandy-idx-broker-extended |
| RecipePress Reloaded | recipepress-reloaded |
| Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation | get-a-quote-button-for-woocommerce |
| Rescue Shortcodes | rescue-shortcodes |
| Restaurant Menu – Food Ordering System – Table Reservation | menu-ordering-reservations |
| Run Contests, Raffles, and Giveaways with ContestsWP | contest-code-checker |
| salavat counter Plugin | salavat-counter |
| Save as PDF Plugin by Pdfcrowd | save-as-pdf-by-pdfcrowd |
| School Management System for Wordpress | school-management |
| Shine PDF Embeder | shine-pdf |
| Shopready – Elementor addons for WooCommerce Page Builder | shopready-elementor-addon |
| Silverlight Video Player | smooth-streaming-player |
| Simple Membership | simple-membership |
| Simple Travel Map | simple-travel-map |
| Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blog, Video Gallery) | sky-elementor-addons |
| Slick Sitemap | slick-sitemap |
| Slotti Ajanvaraus | slotti-ajanvaraus |
| Social Login | oa-social-login |
| SP Blog Designer | sp-blog-designer |
| Sticky Social Icons | sticky-social-icons |
| Stratum – Elementor Widgets | stratum |
| StreamWeasels Online Status Bar | stream-status-for-twitch |
| Subaccounts for WooCommerce | subaccounts-for-woocommerce |
| SuevaFree Essential Kit | suevafree-essential-kit |
| Sugar Calendar – Event Calendar, Event Tickets, and Event Management Platform | sugar-calendar-lite |
| SVG Block | svg-block |
| Tailored Tools | tailored-tools |
| Team Rosters | team-rosters |
| The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce | the-plus-addons-for-elementor-page-builder |
| Theater for WordPress | theatre |
| Theme Builder For Elementor | theme-builder-for-elementor |
| TM Islamic Helper | tm-islamic-helper |
| Tribute Testimonials – WordPress Testimonial Grid/Slider | tribute-testimonial-gridslider |
| Tutor LMS – eLearning and online course solution | tutor |
| Ultimate Classified Listings | ultimate-classified-listings |
| Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | ultimate-member |
| Ultimate YouTube Video & Shorts Player With Vimeo | ultimate-youtube-video-player |
| UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) | ultraaddons-elementor-lite |
| User registration & user profile – UserPlus | userplus |
| Wawp OTP Verification, Order Notifications, and Country Code Selector for WooCommerce | automation-web-platform |
| Wc Recently viewed products | wc-recently-viewed-products |
| Weather Atlas Widget | weather-atlas |
| What Would Seth Godin Do | what-would-seth-godin-do |
| WIP Incoming Lite | wip-incoming-lite |
| Wishlist for WooCommerce: Multi Wishlists Per Customer PRO | wish-list-for-woocommerce-pro |
| WooCommerce Price Alert | price-alert-woocommerce |
| WooCommerce Product Table Lite | wc-product-table-lite |
| WordPress Bootscraper | wp-bootscraper |
| WordPress Brute Force Protection – Stop Brute Force Attacks | guardgiant |
| wp auto top | wp-auto-top |
| WP e-Commerce Style Email | wp-e-commerce-style-email |
| WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts | wedevs-project-manager |
| WP Travel Engine – Tour Booking Plugin – Tour Operator Software | wp-travel-engine |
| WP User Manager – User Profile Builder & Membership | wp-user-manager |
| WP-ISPConfig 3 | wp-ispconfig3 |
| WP-Orphanage Extended | wp-orphanage-extended |
| WPAdverts – Classifieds Plugin | wpadverts |
| WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup | wpb-popup-for-contact-form-7 |
| WPBakery Visual Composer WHMCS Elements | void-visual-whmcs-element |
| WPDash Notes | wpdash-notes |
| WPGYM - Wordpress Gym Management System | gym-management |
| Xpresslane Fast Checkout | xpresslane-integration-for-woocommerce |
| Yaad Sarig Payment Gateway For WC | yaad-sarig-payment-gateway-for-wc |
| Youneeq Recommendations | youneeq-panel |
| yPHPlista | yphplista |
| Zajax – Ajax Navigation | zajax-ajax-navigation |
| Экспресс Платежи платежный модуль | express-pay |
| 우커머스 네이버페이 | mshop-npay |
| 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 | pgall-for-woocommerce |
| 코드엠샵 소셜톡 | mshop-naver-talktalk |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| AccessPress Staple | accesspress-staple |
| Ashe | ashe |
| Bard | bard |
| ForumEngine | forumengine |
| jobify | jobify |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVE-ID
CVE-2024-52449
CVE-2024-52449
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
WordPress Bootscraper
WordPress Bootscraper
Researcher
CVE-ID
CVE-2024-52447
CVE-2024-52447
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Contact Page With Google Map
Contact Page With Google Map
Researcher
CVE-ID
CVE-2024-52476
CVE-2024-52476
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Fediverse Embeds
Fediverse Embeds
Researcher
CVE-ID
CVE-2024-9511
CVE-2024-9511
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider
FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider
Researcher
CVE-ID
CVE-2024-52443
CVE-2024-52443
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Geolocator
Geolocator
Researcher
CVE-ID
CVE-2024-52444
CVE-2024-52444
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Opal Woo Custom Product Variation
Opal Woo Custom Product Variation
Researcher
CVE-ID
CVE-2024-52490
CVE-2024-52490
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Pathomation
Pathomation
Researcher
CVE-ID
CVE-2024-52441
CVE-2024-52441
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Quick Learn
Quick Learn
Researcher
CVE-ID
CVE-2024-9659
CVE-2024-9659
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
School Management System for Wordpress
School Management System for Wordpress
Researcher
CVE-ID
CVE-2024-10961
CVE-2024-10961
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Social Login
Social Login
Researcher
CVE-ID
CVE-2024-52439
CVE-2024-52439
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Team Rosters
Team Rosters
Researcher
CVE-ID
CVE-2024-52442
CVE-2024-52442
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
User registration & user profile – UserPlus
User registration & user profile – UserPlus
Researcher
CVE-ID
CVE-2024-52475
CVE-2024-52475
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Wawp OTP Verification, Order Notifications, and Country Code Selector for WooCommerce
Wawp OTP Verification, Order Notifications, and Country Code Selector for WooCommerce
Researcher
CVE-ID
CVE-2024-9942
CVE-2024-9942
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WPGYM - Wordpress Gym Management System
WPGYM - Wordpress Gym Management System
Researcher
CVE-ID
CVE-2024-52440
CVE-2024-52440
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Xpresslane Fast Checkout
Xpresslane Fast Checkout
Researcher
CVE-ID
CVE-2024-52496
CVE-2024-52496
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Absolute Addons For Elementor
Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-52488
CVE-2024-52488
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
AccessPress Staple
AccessPress Staple
Researcher
CVE-ID
CVE-2024-52437
CVE-2024-52437
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Banner System
Banner System
Researcher
CVE-ID
CVE-2024-52446
CVE-2024-52446
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Buying Buddy IDX CRM
Buying Buddy IDX CRM
Researcher
CVE-ID
CVE-2024-11194
CVE-2024-11194
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Classified Listing – Classified ads & Business Directory Plugin
Classified Listing – Classified ads & Business Directory Plugin
Researcher
CVE-ID
CVE-2024-10913
CVE-2024-10913
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Clone
Clone
Researcher
CVE-ID
CVE-2024-10898
CVE-2024-10898
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Contact Form 7 Email Add on
Contact Form 7 Email Add on
Researcher
CVE-ID
CVE-2024-52438
CVE-2024-52438
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
de:branding
de:branding
Researcher
LA-Studio Element Kit for Elementor <= 1.4.2 - Authenticated (Contributor+) Local File Inclusion
8.8
CVE-ID
CVE-2024-10873
CVE-2024-10873
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
LA-Studio Element Kit for Elementor
LA-Studio Element Kit for Elementor
Researchers
CVE-ID
CVE-2024-52450
CVE-2024-52450
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
nBlocks – Responsive Gutenberg News Blocks
nBlocks – Responsive Gutenberg News Blocks
Researcher
CVE-ID
CVE-2024-52501
CVE-2024-52501
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Office Locator
Office Locator
Researcher
CVE-ID
CVE-2024-52499
CVE-2024-52499
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Pricing table addon for elementor
Pricing table addon for elementor
Researcher
CVE-ID
CVE-2024-52445
CVE-2024-52445
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
QRMenu Restaurant QR Menu Lite
QRMenu Restaurant QR Menu Lite
Researcher
CVE-ID
CVE-2024-9660
CVE-2024-9660
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
School Management System for Wordpress
School Management System for Wordpress
Researcher
CVE-ID
CVE-2024-52497
CVE-2024-52497
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Shopready – Elementor addons for WooCommerce Page Builder
Shopready – Elementor addons for WooCommerce Page Builder
Researcher
CVE-ID
CVE-2024-52498
CVE-2024-52498
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
SP Blog Designer
SP Blog Designer
Researcher
CVE-ID
CVE-2024-52448
CVE-2024-52448
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Ultimate Classified Listings
Ultimate Classified Listings
Researcher
WP-Orphanage Extended <= 1.2 - Cross-Site Request Forgery to Orphan Account Privilege Escalation
8.8
CVE-ID
CVE-2024-11415
CVE-2024-11415
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WP-Orphanage Extended
WP-Orphanage Extended
Researcher
CVE-ID
CVE-2024-9941
CVE-2024-9941
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WPGYM - Wordpress Gym Management System
WPGYM - Wordpress Gym Management System
Researcher
CVE-ID
CVE-2024-52481
CVE-2024-52481
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
jobify
jobify
Researcher
CVE-ID
CVE-2024-10855
CVE-2024-10855
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Image Optimizer, Resizer and CDN – Sirv
Image Optimizer, Resizer and CDN – Sirv
Researcher
CVE-ID
CVE-2024-11601
CVE-2024-11601
Patch Status
Patched
Patched
Published
Nov 21, 2024
Nov 21, 2024
CVE-ID
CVE-2024-11104
CVE-2024-11104
Patch Status
Patched
Patched
Published
Nov 21, 2024
Nov 21, 2024
CVE-ID
CVE-2024-52474
CVE-2024-52474
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Экспресс Платежи платежный модуль
Экспресс Платежи платежный модуль
Researcher
CVE-ID
CVE-2024-10803
CVE-2024-10803
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
MP3 Sticky Player
MP3 Sticky Player
Researcher
CVE-ID
CVE-2024-52451
CVE-2024-52451
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Post Ideas
Post Ideas
Researcher
CVE-ID
CVE-2024-10400
CVE-2024-10400
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Tutor LMS – eLearning and online course solution
Researcher
CVE-ID
CVE-2024-11036
CVE-2024-11036
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress
GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress
Researcher
CVE-ID
CVE-2024-11034
CVE-2024-11034
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
CVE-ID
CVE-2024-10899
CVE-2024-10899
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
WooCommerce Product Table Lite
WooCommerce Product Table Lite
Researcher
CVE-ID
CVE-2024-11038
CVE-2024-11038
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup
WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup
Researcher
CVE-ID
CVE-2024-10788
CVE-2024-10788
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Activity Log – Monitor & Record User Changes
Activity Log – Monitor & Record User Changes
Researcher
CVE-ID
CVE-2024-11409
CVE-2024-11409
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Grid View Gallery
Grid View Gallery
Researcher
CVE-ID
CVE-2024-11620
CVE-2024-11620
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings
Researcher
CVE-ID
CVE-2024-53708
CVE-2024-53708
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
AI Quiz | Quiz Maker
AI Quiz | Quiz Maker
Researcher
CVE-ID
CVE-2024-52495
CVE-2024-52495
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Distance Based Shipping Calculator
Distance Based Shipping Calculator
Researcher
CVE-ID
CVE-2024-11179
CVE-2024-11179
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
MStore API – Create Native Android & iOS Apps On The Cloud
MStore API – Create Native Android & iOS Apps On The Cloud
Researcher
CVE-ID
CVE-2024-10900
CVE-2024-10900
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
ProfileGrid – User Profiles, Groups and Communities
Researcher
CVE-ID
CVE-2024-53721
CVE-2024-53721
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Advanced Event Manager
Advanced Event Manager
Researcher
CVE-ID
CVE-2024-11426
CVE-2024-11426
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
AutoListicle: Automatically Update Numbered List Articles
AutoListicle: Automatically Update Numbered List Articles
Researcher
CVE-ID
CVE-2024-10177
CVE-2024-10177
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Beds24 Online Booking
Beds24 Online Booking
Researcher
CVE-ID
CVE-2024-11381
CVE-2024-11381
Patch Status
Unpatched
Unpatched
Published
Nov 21, 2024
Nov 21, 2024
Affected Software
Control horas
Control horas
Researcher
CVE-ID
CVE-2024-11388
CVE-2024-11388
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Dino Game – Embed Google Chrome Dinosaur Game in your website
Dino Game – Embed Google Chrome Dinosaur Game in your website
Researcher
CVE-ID
CVE-2024-11387
CVE-2024-11387
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Easy Liveblogs
Easy Liveblogs
Researcher
CVE-ID
CVE-2024-52486
CVE-2024-52486
Patch Status
Unpatched
Unpatched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Elementor Portfolio Builder
Elementor Portfolio Builder
Researcher
CVE-ID
CVE-2024-10390
CVE-2024-10390
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Elfsight Telegram Chat CC
Elfsight Telegram Chat CC
Researcher
CVE-ID
CVE-2024-11195
CVE-2024-11195
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Email Subscription Popup
Email Subscription Popup
Researcher
F4 Improvements <= 1.9.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
6.4
CVE-ID
CVE-2024-9442
CVE-2024-9442
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
F4 Improvements
F4 Improvements
Researcher
CVE-ID
CVE-2024-53731
CVE-2024-53731
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
Fintelligence Calculator
Fintelligence Calculator
Researcher
CVE-ID
CVE-2024-11198
CVE-2024-11198
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
GD Rating System
GD Rating System
Researcher
CVE-ID
CVE-2024-53709
CVE-2024-53709
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Generic Elements
Generic Elements
Researcher
CVE-ID
CVE-2024-10872
CVE-2024-10872
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Getwid – Gutenberg Blocks
Getwid – Gutenberg Blocks
Researcher
CVE-ID
CVE-2024-11440
CVE-2024-11440
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Grey Owl Lightbox
Grey Owl Lightbox
Researcher
CVE-ID
CVE-2024-10785
CVE-2024-10785
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Researcher
CVE-ID
CVE-2024-11332
CVE-2024-11332
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Researcher
CVE-ID
CVE-2024-11455
CVE-2024-11455
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Include Mastodon Feed
Include Mastodon Feed
Researcher
CVE-ID
CVE-2024-52478
CVE-2024-52478
Patch Status
Unpatched
Unpatched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
jobify
jobify
Researcher
CVE-ID
CVE-2024-11428
CVE-2024-11428
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Lazy load videos and sticky control
Lazy load videos and sticky control
Researcher
LSX Tour Operator <= 1.4.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
6.4
CVE-ID
CVE-2024-9851
CVE-2024-9851
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
LSX Tour Operator
LSX Tour Operator
Researcher
CVE-ID
CVE-2024-11227
CVE-2024-11227
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Memberlite Shortcodes
Memberlite Shortcodes
Researcher
CVE-ID
CVE-2024-10268
CVE-2024-10268
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar
Researcher
CVE-ID
CVE-2024-11224
CVE-2024-11224
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Parallax Image
Parallax Image
Researcher
CVE-ID
CVE-2024-10164
CVE-2024-10164
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Premium Packages – Sell Digital Products Securely
Premium Packages – Sell Digital Products Securely
Researcher
Product Designer <= 1.0.35 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
6.4
CVE-ID
CVE-2024-9111
CVE-2024-9111
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Product Designer
Product Designer
Researcher
CVE-ID
CVE-2024-11385
CVE-2024-11385
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Pure CSS Circle Progress bar
Pure CSS Circle Progress bar
Researcher
CVE-ID
CVE-2024-10874
CVE-2024-10874
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Quotes llama
Quotes llama
Researcher
CVE-ID
CVE-2024-11414
CVE-2024-11414
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
RecipePress Reloaded
RecipePress Reloaded
Researcher
CVE-ID
CVE-2024-11199
CVE-2024-11199
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Rescue Shortcodes
Rescue Shortcodes
Researcher
Save as PDF Plugin by Pdfcrowd <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-10891
CVE-2024-10891
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Save as PDF Plugin by Pdfcrowd
Save as PDF Plugin by Pdfcrowd
Researcher
CVE-ID
CVE-2024-11412
CVE-2024-11412
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Shine PDF Embeder
Shine PDF Embeder
Researcher
CVE-ID
CVE-2024-11424
CVE-2024-11424
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Slick Sitemap
Slick Sitemap
Researcher
CVE-ID
CVE-2024-11408
CVE-2024-11408
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Slotti Ajanvaraus
Slotti Ajanvaraus
Researcher
StreamWeasels Online Status Bar <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-11438
CVE-2024-11438
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
StreamWeasels Online Status Bar
StreamWeasels Online Status Bar
Researcher
CVE-ID
CVE-2024-11432
CVE-2024-11432
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
SuevaFree Essential Kit
SuevaFree Essential Kit
Researcher
CVE-ID
CVE-2024-52503
CVE-2024-52503
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Tailored Tools
Tailored Tools
Researcher
CVE-ID
CVE-2024-10886
CVE-2024-10886
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Tribute Testimonials – WordPress Testimonial Grid/Slider
Tribute Testimonials – WordPress Testimonial Grid/Slider
Researcher
CVE-ID
CVE-2024-10116
CVE-2024-10116
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
FireCask’s Twitter Follow Button
FireCask’s Twitter Follow Button
Researcher
CVE-ID
CVE-2024-52487
CVE-2024-52487
Patch Status
Unpatched
Unpatched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Ultimate Classified Listings
Ultimate Classified Listings
Researcher
CVE-ID
CVE-2024-10172
CVE-2024-10172
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
WPBakery Visual Composer WHMCS Elements
WPBakery Visual Composer WHMCS Elements
Researcher
CVE-ID
CVE-2024-11231
CVE-2024-11231
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
우커머스 네이버페이
우커머스 네이버페이
Researcher
CVE-ID
CVE-2024-11228
CVE-2024-11228
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
워드프레스 결제 심플페이 – 우커머스 결제 플러그인
워드프레스 결제 심플페이 – 우커머스 결제 플러그인
Researcher
CVE-ID
CVE-2024-11229
CVE-2024-11229
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
코드엠샵 소셜톡
코드엠샵 소셜톡
Researcher
CVE-ID
CVE-2024-11277
CVE-2024-11277
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
404 Solution
404 Solution
Researcher
CVE-ID
CVE-2024-10675
CVE-2024-10675
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
affiliate-toolkit – WP Affiliate Plugin with Amazon
affiliate-toolkit – WP Affiliate Plugin with Amazon
Researcher
CVE-ID
CVE-2024-52467
CVE-2024-52467
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
AI Responsive Gallery Album
AI Responsive Gallery Album
Researcher
CVE-ID
CVE-2024-52464
CVE-2024-52464
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
amr shortcodes
amr shortcodes
Researcher
CVE-ID
CVE-2024-52460
CVE-2024-52460
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
AtaraPay WooCommerce Payment Gateway
AtaraPay WooCommerce Payment Gateway
Researcher
CVE-ID
CVE-2024-52456
CVE-2024-52456
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Awesome Studio
Awesome Studio
Researcher
CVE-ID
CVE-2024-9239
CVE-2024-9239
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Booster for WooCommerce
Booster for WooCommerce
Researcher
CVE-ID
CVE-2024-9371
CVE-2024-9371
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Branda – Branda – White Label & Branding, Custom Login Page Customizer
Branda – Branda – White Label & Branding, Custom Login Page Customizer
Researcher
CVE-ID
CVE-2024-10682
CVE-2024-10682
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Announcement & Notification Banner – Bulletin
Announcement & Notification Banner – Bulletin
Researcher
CVE-ID
CVE-2024-52459
CVE-2024-52459
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Chameleoni Jobs
Chameleoni Jobs
Researcher
CVE-ID
CVE-2024-9635
CVE-2024-9635
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Checkout with Cash App on WooCommerce
Checkout with Cash App on WooCommerce
Researcher
CVE-ID
CVE-2024-11446
CVE-2024-11446
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Chessgame Shizzle
Chessgame Shizzle
Researcher
Co-marquage service-public.fr <= 0.5.76 - Reflected Cross-Site Scripting via add_query_arg Parameter
6.1
CVE-ID
CVE-2024-10522
CVE-2024-10522
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Co-marquage service-public.fr
Co-marquage service-public.fr
Researcher
CVE-ID
CVE-2024-11447
CVE-2024-11447
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Community by PeepSo – Download from PeepSo.com
Community by PeepSo – Download from PeepSo.com
Researcher
Crypto and DeFi Widgets – Web3 Cryptocurrency Shortcodes <= 1.1.6 - Reflected Cross-Site Scripting
6.1
CVE-ID
CVE-2024-11365
CVE-2024-11365
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Crypto and DeFi Widgets – Web3 Cryptocurrency Shortcodes
Crypto and DeFi Widgets – Web3 Cryptocurrency Shortcodes
Researcher
CVE-ID
CVE-2024-11330
CVE-2024-11330
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Custom CSS, JS & PHP
Custom CSS, JS & PHP
Researcher
CVE-ID
CVE-2024-11463
CVE-2024-11463
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
DeBounce Email Validator
DeBounce Email Validator
Researcher
CVE-ID
CVE-2024-52470
CVE-2024-52470
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Dynamic URL SEO
Dynamic URL SEO
Researcher
CVE-ID
CVE-2024-10792
CVE-2024-10792
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels
Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels
Researcher
CVE-ID
CVE-2024-52466
CVE-2024-52466
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Explara Events
Explara Events
Researcher
CVE-ID
CVE-2024-52471
CVE-2024-52471
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Extensions for Elementor
Extensions for Elementor
Researcher
CVE-ID
CVE-2024-53732
CVE-2024-53732
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
Footer Flyout Widget
Footer Flyout Widget
Researcher
CVE-ID
CVE-2024-11188
CVE-2024-11188
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-10623
CVE-2024-10623
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
ForumEngine
ForumEngine
Researcher
Friendly Functions for Welcart <= 1.2.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting
6.1
CVE-ID
CVE-2024-10726
CVE-2024-10726
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Friendly Functions for Welcart
Friendly Functions for Welcart
Researcher
CVE-ID
CVE-2024-11278
CVE-2024-11278
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
GD bbPress Attachments
GD bbPress Attachments
Researcher
CVE-ID
CVE-2024-52454
CVE-2024-52454
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
GoQMieruca
GoQMieruca
Researcher
CVE-ID
CVE-2024-10869
CVE-2024-10869
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WordPress Brute Force Protection – Stop Brute Force Attacks
WordPress Brute Force Protection – Stop Brute Force Attacks
Researcher
CVE-ID
CVE-2024-52473
CVE-2024-52473
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
HTML5 Lyrics Karaoke Player
HTML5 Lyrics Karaoke Player
Researcher
CVE-ID
CVE-2024-11400
CVE-2024-11400
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
HUSKY – Products Filter Professional for WooCommerce
HUSKY – Products Filter Professional for WooCommerce
Researcher
CVE-ID
CVE-2024-52461
CVE-2024-52461
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Infinite Slider
Infinite Slider
Researcher
CVE-ID
CVE-2024-53735
CVE-2024-53735
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
iPhone Webclip Manager
iPhone Webclip Manager
Researcher
CVE-ID
CVE-2024-10880
CVE-2024-10880
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
JobBoardWP – Job Board Listings and Submissions
JobBoardWP – Job Board Listings and Submissions
Researcher
CVE-ID
CVE-2024-52465
CVE-2024-52465
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
LGPD Framework By Data443
LGPD Framework By Data443
Researcher
CVE-ID
CVE-2024-52453
CVE-2024-52453
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Library Bookshelves
Library Bookshelves
Researcher
CVE-ID
CVE-2024-53727
CVE-2024-53727
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
LinkLaunder SEO
LinkLaunder SEO
Researcher
CVE-ID
CVE-2024-8726
CVE-2024-8726
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
MailChimp Forms by MailMunch
MailChimp Forms by MailMunch
Researcher
CVE-ID
CVE-2024-8735
CVE-2024-8735
Patch Status
Patched
Patched
Published
Nov 21, 2024
Nov 21, 2024
Affected Software
MailMunch – Grow your Email List
MailMunch – Grow your Email List
Researcher
CVE-ID
CVE-2024-52452
CVE-2024-52452
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Open edX LMS and WordPress integrator (LITE)
Open edX LMS and WordPress integrator (LITE)
Researcher
CVE-ID
CVE-2024-52482
CVE-2024-52482
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Ortto
Ortto
Researcher
CVE-ID
CVE-2024-11360
CVE-2024-11360
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Page Parts
Page Parts
Researcher
CVE-ID
CVE-2024-11362
CVE-2024-11362
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net
Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net
Researcher
PDF Invoices & Packing Slips Generator for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting
6.1
CVE-ID
CVE-2024-11361
CVE-2024-11361
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
PDF Invoices & Packing Slips Generator for WooCommerce
PDF Invoices & Packing Slips Generator for WooCommerce
Researcher
CVE-ID
CVE-2024-52463
CVE-2024-52463
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Post By Email
Post By Email
Researcher
CVE-ID
CVE-2024-11225
CVE-2024-11225
Patch Status
Unpatched
Unpatched
Published
Nov 21, 2024
Nov 21, 2024
Affected Software
Premium Packages – Sell Digital Products Securely
Premium Packages – Sell Digital Products Securely
Researcher
CVE-ID
CVE-2024-53728
CVE-2024-53728
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
Protect Your Content
Protect Your Content
Researcher
Restaurant Menu – Food Ordering System – Table Reservation <= 2.4.2 - Reflected Cross-Site Scripting
6.1
CVE-ID
CVE-2024-9653
CVE-2024-9653
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Restaurant Menu – Food Ordering System – Table Reservation
Restaurant Menu – Food Ordering System – Table Reservation
Researcher
CVE-ID
CVE-2024-11456
CVE-2024-11456
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Run Contests, Raffles, and Giveaways with ContestsWP
Run Contests, Raffles, and Giveaways with ContestsWP
Researcher
CVE-ID
CVE-2024-11435
CVE-2024-11435
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
salavat counter Plugin
salavat counter Plugin
Researcher
CVE-ID
CVE-2024-11370
CVE-2024-11370
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Subaccounts for WooCommerce
Subaccounts for WooCommerce
Researcher
CVE-ID
CVE-2024-10878
CVE-2024-10878
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Researcher
CVE-ID
CVE-2024-11371
CVE-2024-11371
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Theater for WordPress
Theater for WordPress
Researcher
CVE-ID
CVE-2024-52458
CVE-2024-52458
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
TM Islamic Helper
TM Islamic Helper
Researcher
CVE-ID
CVE-2024-52484
CVE-2024-52484
Patch Status
Unpatched
Unpatched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Wc Recently viewed products
Wc Recently viewed products
Researcher
CVE-ID
CVE-2024-52472
CVE-2024-52472
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Weather Atlas Widget
Weather Atlas Widget
Researcher
CVE-ID
CVE-2024-11416
CVE-2024-11416
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
WIP Incoming Lite
WIP Incoming Lite
Researcher
CVE-ID
CVE-2024-10519
CVE-2024-10519
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Wishlist for WooCommerce: Multi Wishlists Per Customer PRO
Wishlist for WooCommerce: Multi Wishlists Per Customer PRO
Researcher
CVE-ID
CVE-2024-52469
CVE-2024-52469
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
WooCommerce Price Alert
WooCommerce Price Alert
Researcher
CVE-ID
CVE-2024-52462
CVE-2024-52462
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
WP e-Commerce Style Email
WP e-Commerce Style Email
Researcher
CVE-ID
CVE-2024-10890
CVE-2024-10890
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
WPAdverts – Classifieds Plugin
WPAdverts – Classifieds Plugin
Researcher
CVE-ID
CVE-2024-52457
CVE-2024-52457
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Youneeq Recommendations
Youneeq Recommendations
Researcher
CVE-ID
CVE-2024-10034
CVE-2024-10034
Patch Status
Patched
Patched
Published
Nov 21, 2024
Nov 21, 2024
SVG Block <= 1.1.24 - Authenticated (Administrator+) Stored Cross-Site Scripting via SVG File Upload
5.5
CVE-ID
CVE-2024-11098
CVE-2024-11098
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
SVG Block
SVG Block
Researcher
CVE-ID
CVE-2024-53730
CVE-2024-53730
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
April's Call Posts
April's Call Posts
Researcher
CVE-ID
CVE-2024-53714
CVE-2024-53714
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Continue Shopping From Cart
Continue Shopping From Cart
Researcher
CVE-ID
CVE-2024-53736
CVE-2024-53736
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
Custom Shortcode Sidebars
Custom Shortcode Sidebars
Researcher
CVE-ID
CVE-2024-53733
CVE-2024-53733
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
Fence URL wp-login.php
Fence URL wp-login.php
Researcher
Idealien Category Enhancements <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting
5.4
CVE-ID
CVE-2024-53734
CVE-2024-53734
Patch Status
Unpatched
Unpatched
Published
Nov 23, 2024
Nov 23, 2024
Affected Software
Idealien Category Enhancements
Idealien Category Enhancements
Researcher
CVE-ID
CVE-2024-53720
CVE-2024-53720
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WP-ISPConfig 3
WP-ISPConfig 3
Researcher
CVE-ID
CVE-2024-10665
CVE-2024-10665
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Yaad Sarig Payment Gateway For WC
Yaad Sarig Payment Gateway For WC
Researcher
CVE-ID
CVE-2024-11089
CVE-2024-11089
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Anonymous Restricted Content
Anonymous Restricted Content
Researcher
CVE-ID
CVE-2024-10486
CVE-2024-10486
Patch Status
Patched
Patched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
Google for WooCommerce
Google for WooCommerce
Researcher
CVE-ID
CVE-2024-52480
CVE-2024-52480
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
jobify
jobify
Researcher
Product Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information Exposure
5.3
CVE-ID
CVE-2024-10813
CVE-2024-10813
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Product Table for WooCommerce by CodeAstrology (wooproducttable.com)
Product Table for WooCommerce by CodeAstrology (wooproducttable.com)
Researcher
CVE-ID
CVE-2024-11088
CVE-2024-11088
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Simple Membership
Simple Membership
Researcher
CVE-ID
CVE-2024-10393
CVE-2024-10393
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Tutor LMS – eLearning and online course solution
Researcher
WP Project Manager <= 2.6.14 - Missing Authorization to Project Milestone and Task Creation/Deletion
5.3
CVE-ID
CVE-2024-10520
CVE-2024-10520
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
CVE-ID
CVE-2024-53722
CVE-2024-53722
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Favicon My Blog
Favicon My Blog
Researcher
CVE-ID
CVE-2024-52494
CVE-2024-52494
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Dynamic "To Top" Plugin
Dynamic "To Top" Plugin
Researcher
CVE-ID
CVE-2024-52492
CVE-2024-52492
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Image horizontal reel scroll slideshow
Image horizontal reel scroll slideshow
Researcher
CVE-ID
CVE-2024-52493
CVE-2024-52493
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Meteor Slides
Meteor Slides
Researcher
CVE-ID
CVE-2024-52491
CVE-2024-52491
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Sticky Social Icons
Sticky Social Icons
Researcher
CVE-ID
CVE-2024-51900
CVE-2024-51900
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
What Would Seth Godin Do
What Would Seth Godin Do
Researcher
CVE-ID
CVE-2024-53707
CVE-2024-53707
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Ahmeti Wp Güzel Sözler
Ahmeti Wp Güzel Sözler
Researcher
CVE-ID
CVE-2024-10532
CVE-2024-10532
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Bard Extra
Bard Extra
Researcher
CVE-ID
CVE-2024-10671
CVE-2024-10671
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Button Block – Get fully customizable & multi-functional buttons
Button Block – Get fully customizable & multi-functional buttons
Researcher
CVE-ID
CVE-2024-52477
CVE-2024-52477
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
Document & Data Automation
Document & Data Automation
Researcher
CVE-ID
CVE-2024-10666
CVE-2024-10666
Patch Status
Unpatched
Unpatched
Published
Nov 21, 2024
Nov 21, 2024
Affected Software
Easy Twitter Feed – Twitter feeds plugin for WP
Easy Twitter Feed – Twitter feeds plugin for WP
Researcher
CVE-ID
CVE-2024-10868
CVE-2024-10868
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Enter Addons – Ultimate Template Builder for Elementor
Enter Addons – Ultimate Template Builder for Elementor
Researcher
CVE-ID
CVE-2024-53723
CVE-2024-53723
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Google Plus Share and +1 Button
Google Plus Share and +1 Button
Researcher
CVE-ID
CVE-2024-53711
CVE-2024-53711
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Hotlink2Watermark
Hotlink2Watermark
Researcher
CVE-ID
CVE-2024-10796
CVE-2024-10796
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
If-So Dynamic Content Personalization
If-So Dynamic Content Personalization
Researcher
CVE-ID
CVE-2024-52479
CVE-2024-52479
Patch Status
Unpatched
Unpatched
Published
Nov 18, 2024
Nov 18, 2024
Affected Software
jobify
jobify
Researcher
CVE-ID
CVE-2024-53712
CVE-2024-53712
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Kevin's Plugin
Kevin's Plugin
Researcher
CVE-ID
CVE-2024-53718
CVE-2024-53718
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Multi Feed Reader
Multi Feed Reader
Researcher
CVE-ID
CVE-2024-11334
CVE-2024-11334
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
My Contador lesr
My Contador lesr
Researcher
CVE-ID
CVE-2024-11154
CVE-2024-11154
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes
PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes
Researcher
CVE-ID
CVE-2024-53726
CVE-2024-53726
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
RealtyCandy IDX Broker Extended
RealtyCandy IDX Broker Extended
Researcher
CVE-ID
CVE-2024-53713
CVE-2024-53713
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Silverlight Video Player
Silverlight Video Player
Researcher
CVE-ID
CVE-2024-53715
CVE-2024-53715
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Simple Travel Map
Simple Travel Map
Researcher
CVE-ID
CVE-2024-9542
CVE-2024-9542
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
CVE-ID
CVE-2024-10316
CVE-2024-10316
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Stratum – Elementor Widgets
Stratum – Elementor Widgets
Researcher
CVE-ID
CVE-2024-10365
CVE-2024-10365
Patch Status
Patched
Patched
Published
Nov 19, 2024
Nov 19, 2024
Affected Software
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
Researcher
CVE-ID
CVE-2024-10782
CVE-2024-10782
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Theme Builder For Elementor
Theme Builder For Elementor
Researcher
CVE-ID
CVE-2024-10528
CVE-2024-10528
Patch Status
Patched
Patched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
Researcher
CVE-ID
CVE-2024-11354
CVE-2024-11354
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Ultimate YouTube Video & Shorts Player With Vimeo
Ultimate YouTube Video & Shorts Player With Vimeo
Researcher
CVE-ID
CVE-2024-11355
CVE-2024-11355
Patch Status
Unpatched
Unpatched
Published
Nov 21, 2024
Nov 21, 2024
Affected Software
Ultimate YouTube Video & Shorts Player With Vimeo
Ultimate YouTube Video & Shorts Player With Vimeo
Researcher
CVE-ID
CVE-2024-10696
CVE-2024-10696
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
CVE-ID
CVE-2024-53716
CVE-2024-53716
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
wp auto top
wp auto top
Researcher
CVE-ID
CVE-2024-11265
CVE-2024-11265
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Increase Maximum Upload File Size | Increase Execution Time
Increase Maximum Upload File Size | Increase Execution Time
Researcher
CVE-ID
CVE-2024-10606
CVE-2024-10606
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WP Travel Engine – Tour Booking Plugin – Tour Operator Software
WP Travel Engine – Tour Booking Plugin – Tour Operator Software
Researcher
CVE-ID
CVE-2024-10537
CVE-2024-10537
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WP User Manager – User Profile Builder & Membership
WP User Manager – User Profile Builder & Membership
Researcher
CVE-ID
CVE-2024-10216
CVE-2024-10216
Patch Status
Patched
Patched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WP User Manager – User Profile Builder & Membership
WP User Manager – User Profile Builder & Membership
Researcher
CVE-ID
CVE-2024-9223
CVE-2024-9223
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
WPDash Notes
WPDash Notes
Researcher
CVE-ID
CVE-2024-53719
CVE-2024-53719
Patch Status
Unpatched
Unpatched
Published
Nov 22, 2024
Nov 22, 2024
Affected Software
Zajax – Ajax Navigation
Zajax – Ajax Navigation
Researcher
CVE-ID
CVE-2024-11197
CVE-2024-11197
Patch Status
Unpatched
Unpatched
Published
Nov 20, 2024
Nov 20, 2024
Affected Software
Lock User Account
Lock User Account
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Comments