Wordfence Intelligence Weekly WordPress Vulnerability Report (March 11, 2024 to March 17, 2024)
🎉 Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 167 vulnerabilities disclosed in 129 WordPress Plugins and 1 WordPress Theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 70 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 14,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
- WAF-RULE-684 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 156 |
| Unpatched | 11 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Medium Severity | 140 |
| High Severity | 20 |
| Critical Severity | 7 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 110 |
| Missing Authorization | 18 |
| Cross-Site Request Forgery (CSRF) | 15 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 4 |
| Deserialization of Untrusted Data | 3 |
| Improper Control of Generation of Code ('Code Injection') | 3 |
| Exposure of Sensitive Information to an Unauthorized Actor | 2 |
| Server-Side Request Forgery (SSRF) | 2 |
| Unrestricted Upload of File with Dangerous Type | 2 |
| Authorization Bypass Through User-Controlled Key | 1 |
| Exposure of Sensitive Information Through Data Queries | 1 |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 1 |
| Improper Input Validation | 1 |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 1 |
| Incorrect Authorization | 1 |
| Insufficiently Protected Credentials | 1 |
| Missing Critical Step in Authentication | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 18 | |
| 12 | |
| 12 | |
| 8 | |
| 8 | |
| 7 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Accordion | accordions |
| Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | advanced-access-manager |
| Advanced Sermons | advanced-sermons |
| Anti-Malware Security and Brute-Force Firewall | gotmls |
| AntiSpam for Contact Form 7 | cf7-antispam |
| ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | armember-membership |
| Auto Affiliate Links | wp-auto-affiliate-links |
| Awesome Support – WordPress HelpDesk & Support Plugin | awesome-support |
| Backuply – Backup, Restore, Migrate and Clone | backuply |
| Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. | barcode-scanner-lite-pos-to-manage-products-inventory-and-orders |
| Beaver Builder Addons by WPZOOM | wpzoom-addons-for-beaver-builder |
| Beaver Builder – WordPress Page Builder | beaver-builder-lite-version |
| Builder for WooCommerce product reviews shortcodes – ReviewShort | woo-product-reviews-shortcode |
| Bulgarisation for WooCommerce | bulgarisation-for-woocommerce |
| Burst Statistics – Privacy-Friendly Analytics for WordPress | burst-statistics |
| Calendarista Basic Edition – WordPress appointment booking system | calendarista-basic-edition |
| Contact Form 7 | contact-form-7 |
| Contact Form 7 – PayPal & Stripe Add-on | contact-form-7-paypal-add-on |
| Contact Form by BestWebSoft – Advanced Contact Us Form Builder for WordPress | contact-form-plugin |
| Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder | bit-form |
| Coupon Affiliates – Affiliate Plugin for WooCommerce | woo-coupon-usage |
| Crisp – Live Chat and Chatbot | crisp |
| Cryptocurrency Widgets – Price Ticker & Coins List | cryptocurrency-price-ticker-widget |
| CWW Companion | cww-companion |
| Database for Contact Form 7 | cf7-database |
| Download Manager Pro | download-manager |
| DSGVO All in one for WP | dsgvo-all-in-one-for-wp |
| Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels | wpfunnels |
| Easy Social Feed – Social Photos Gallery – Post Feed – Like Box | easy-facebook-likebox |
| ElementInvader Addons for Elementor | elementinvader-addons-for-elementor |
| Elementor Addon Elements | addon-elements-for-elementor-page-builder |
| Elementor Addons by Livemesh | addons-for-elementor |
| Elementor Header & Footer Builder | header-footer-elementor |
| Elements Plus! | elements-plus |
| ElementsKit Elementor addons | elementskit-lite |
| Email Subscription Popup | email-subscribe |
| Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders | essential-addons-for-elementor-lite |
| Everest Forms – Build Contact Forms, Surveys, Polls, Quizzes, Newsletter & Application Forms, and Many More with Ease! | everest-forms |
| Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media | evergreen-content-poster |
| Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) | extensions-for-cf7 |
| f(x) Private Site | fx-private-site |
| Five Star Restaurant Menu and Food Ordering | food-and-drink-menu |
| Free Downloads WooCommerce | download-now-for-woocommerce |
| FV Flowplayer Video Player | fv-wordpress-flowplayer |
| GiveWP – Donation Plugin and Fundraising Platform | give |
| Gutenberg Blocks with AI by Kadence WP – Page Builder Features | kadence-blocks |
| HT Easy GA4 – Google Analytics WordPress Plugin | ht-easy-google-analytics |
| HT Mega – Absolute Addons For Elementor | ht-mega-for-elementor |
| Hubbub Lite – Fast, Reliable Social Sharing Buttons | social-pug |
| HUSKY – Products Filter Professional for WooCommerce | woocommerce-products-filter |
| Hustle – Email Marketing, Lead Generation, Optins, Popups | wordpress-popup |
| Inline Related Posts | intelly-related-posts |
| JetWidgets For Elementor | jetwidgets-for-elementor |
| Knight Lab Timeline | knight-lab-timelinejs |
| LA-Studio Element Kit for Elementor | lastudio-element-kit |
| LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… | ladipage |
| Link Library | link-library |
| Link Whisper Free | link-whisper |
| Malware Scanner | miniorange-malware-protection |
| MasterStudy LMS WordPress Plugin – for Online Courses and Education | masterstudy-lms-learning-management-system |
| MJM Clinic | mjm-clinic |
| Mollie Forms | mollie-forms |
| Multiple Page Generator Plugin – MPG | multiple-pages-generator-by-porthas |
| News Announcement Scroll | news-announcement-scroll |
| Newsletter2Go | newsletter2go |
| oik | oik |
| Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | otter-blocks |
| OxyExtras | oxyextras |
| Page Builder Gutenberg Blocks – CoBlocks | coblocks |
| Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | wp-user-avatar |
| Permalink Manager Lite | permalink-manager |
| Post Grid and Gutenberg Blocks – ComboBlocks | post-grid |
| Premium Addons for Elementor | premium-addons-for-elementor |
| Premmerce Permalink Manager for WooCommerce | woo-permalink-manager |
| Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) | bdthemes-prime-slider-lite |
| PropertyHive | propertyhive |
| Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | quiz-master-next |
| Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction | pie-register |
| RegistrationMagic – User Registration Plugin with Custom Registration Forms | custom-registration-form-builder-with-submission-manager |
| Related Posts for WordPress | related-posts-for-wp |
| Scrollsequence – Cinematic Scroll Image Animation Plugin | scrollsequence |
| Sell Tickets – Event Ticketing and Event Registration – Ticket Tailor for WordPress | ticket-tailor |
| Shariff Wrapper | shariff |
| ShopLentor – WooCommerce Builder for Elementor & Gutenberg +16 Modules – All in One Solution (formerly WooLentor) | woolentor-addons |
| Simple Job Board | simple-job-board |
| Site Reviews | site-reviews |
| Sitekit | sitekit |
| Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blog, Video Gallery) | sky-elementor-addons |
| Smart Online Order for Clover | clover-online-orders |
| Social Media Share Buttons | social-media-builder |
| Specific Content For Mobile – Customize the mobile version without redirections | specific-content-for-mobile |
| Super Page Cache | wp-cloudflare-page-cache |
| SupportCandy – Helpdesk & Customer Support Ticket System | supportcandy |
| Survey Maker | survey-maker |
| Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent | tablesome |
| Team Circle Image Slider With Lightbox | circle-image-slider-with-lightbox |
| The Moneytizer | the-moneytizer |
| Themify – WooCommerce Product Filter | themify-wc-product-filter |
| Tutor LMS – eLearning and online course solution | tutor |
| Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, and Use Advance Coupons With Personalized Templates | woo-gift-cards-lite |
| User profile | user-profile |
| UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP | userswp |
| Video Conferencing with Zoom | video-conferencing-with-zoom-api |
| Visual Composer Website Builder | visualcomposer |
| Visualizer: Tables and Charts Manager for WordPress | visualizer |
| WC Shop Sync – Square Payment Gateway for WooCommerce, Inventory Sync Between Square and WooCommerce, Ultimate WooCommerce Square Plugin | woosquare |
| Web Application Firewall – website security | web-application-firewall |
| weForms – Easy Drag & Drop Contact Form Builder For WordPress | weforms |
| WEN Responsive Columns | wen-responsive-columns |
| WooCommerce Cart Abandonment Recovery | woo-cart-abandonment-recovery |
| WooCommerce Google Feed Manager | wp-product-feed-manager |
| WooCommerce License Manager | fs-license-manager |
| WooThumbs for WooCommerce by Iconic | iconic-woothumbs |
| Word Replacer Pro | word-replacer-ultra |
| WordPress Automatic Plugin | wp-automatic |
| WordPress Contact Forms by Cimatti | contact-forms |
| WP Armour – Honeypot Anti Spam | honeypot |
| WP Calameo | wp-calameo |
| WP Fusion Lite – Marketing Automation and CRM Integration for WordPress | wp-fusion-lite |
| WP Go Maps (formerly WP Google Maps) | wp-google-maps |
| WP Popups – WordPress Popup builder | wp-popups-lite |
| WP Recipe Maker | wp-recipe-maker |
| WP Responsive Tabs horizontal vertical and accordion Tabs | responsive-horizontal-vertical-and-accordion-tabs |
| WP SendFox | wp-sendfox |
| WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin | wp-statistics |
| wp-mpdf | wp-mpdf |
| WPBakery Page Builder Addons by Livemesh | addons-for-visual-composer |
| YITH WooCommerce Product Add-Ons | yith-woocommerce-product-add-ons |
| Zippy | zippy |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Blossom Spa | blossom-spa |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVE-ID
CVE-2024-27954
CVE-2024-27954
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
WordPress Automatic Plugin
WordPress Automatic Plugin
Researcher
CVE-ID
CVE-2024-27956
CVE-2024-27956
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
WordPress Automatic Plugin
WordPress Automatic Plugin
Researcher
CVE-ID
CVE-2024-2172
CVE-2024-2172
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Researcher
CVE-ID
CVE-2024-27957
CVE-2024-27957
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
CVE-ID
CVE-2024-27971
CVE-2024-27971
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Premmerce Permalink Manager for WooCommerce
Premmerce Permalink Manager for WooCommerce
Researcher
CVE-ID
CVE-2024-1813
CVE-2024-1813
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Simple Job Board
Simple Job Board
Researcher
Anti-Malware Security and Brute-Force Firewall <= 4.21.96 - Unauthenticated Remote Code Execution
9.0
CVE-ID
CVE-2024-22144
CVE-2024-22144
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Anti-Malware Security and Brute-Force Firewall
Anti-Malware Security and Brute-Force Firewall
Researcher
CVE-ID
CVE-2024-27955
CVE-2024-27955
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
WordPress Automatic Plugin
WordPress Automatic Plugin
Researcher
CVE-ID
CVE-2024-1795
CVE-2024-1795
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
HUSKY – Products Filter Professional for WooCommerce
HUSKY – Products Filter Professional for WooCommerce
Researchers
CVE-ID
CVE-2023-5663
CVE-2023-5663
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
News Announcement Scroll
News Announcement Scroll
Researcher
CVE-ID
CVE-2024-1991
CVE-2024-1991
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Researcher
CVE-ID
CVE-2024-1685
CVE-2024-1685
Patch Status
Unpatched
Unpatched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Social Media Share Buttons
Social Media Share Buttons
Researcher
CVE-ID
CVE-2024-1751
CVE-2024-1751
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Tutor LMS – eLearning and online course solution
Researcher
CVE-ID
CVE-2024-27972
CVE-2024-27972
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Researcher
CVE-ID
CVE-2024-0368
CVE-2024-0368
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Hustle – Email Marketing, Lead Generation, Optins, Popups
Hustle – Email Marketing, Lead Generation, Optins, Popups
Researcher
Post Grid Combo – 36+ Gutenberg Blocks <= 2.2.68 - Information Exposure via get_posts API Endpoint
7.5
CVE-ID
CVE-2023-7072
CVE-2023-7072
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Post Grid and Gutenberg Blocks – ComboBlocks
Post Grid and Gutenberg Blocks – ComboBlocks
Researcher
CVE-ID
CVE-2024-1536
CVE-2024-1536
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders
Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders
Researcher
CVE-ID
CVE-2024-2395
CVE-2024-2395
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Bulgarisation for WooCommerce
Bulgarisation for WooCommerce
Researcher
CVE-ID
CVE-2024-0683
CVE-2024-0683
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Bulgarisation for WooCommerce
Bulgarisation for WooCommerce
Researcher
CVE-ID
CVE-2024-29117
CVE-2024-29117
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
WordPress Contact Forms by Cimatti
WordPress Contact Forms by Cimatti
Researcher
CVE-ID
CVE-2024-1812
CVE-2024-1812
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
CVE-ID
CVE-2024-29102
CVE-2024-29102
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Researcher
CVE-ID
CVE-2024-27951
CVE-2024-27951
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Multiple Page Generator Plugin – MPG
Multiple Page Generator Plugin – MPG
Researcher
CVE-ID
CVE-2024-0386
CVE-2024-0386
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
weForms – Easy Drag & Drop Contact Form Builder For WordPress
weForms – Easy Drag & Drop Contact Form Builder For WordPress
Researcher
CVE-ID
CVE-2024-2194
CVE-2024-2194
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin
WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin
Researcher
CVE-ID
CVE-2024-27964
CVE-2024-27964
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Zippy
Zippy
Researcher
CVE-ID
CVE-2024-1080
CVE-2024-1080
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Beaver Builder – WordPress Page Builder
Beaver Builder – WordPress Page Builder
Researcher
CVE-ID
CVE-2024-2181
CVE-2024-2181
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Beaver Builder Addons by WPZOOM
Beaver Builder Addons by WPZOOM
Researcher
CVE-ID
CVE-2024-2183
CVE-2024-2183
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Beaver Builder Addons by WPZOOM
Beaver Builder Addons by WPZOOM
Researcher
CVE-ID
CVE-2024-2185
CVE-2024-2185
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Beaver Builder Addons by WPZOOM
Beaver Builder Addons by WPZOOM
Researcher
CVE-ID
CVE-2024-2186
CVE-2024-2186
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Beaver Builder Addons by WPZOOM
Beaver Builder Addons by WPZOOM
Researcher
CVE-ID
CVE-2024-2187
CVE-2024-2187
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Beaver Builder Addons by WPZOOM
Beaver Builder Addons by WPZOOM
Researcher
CVE-ID
CVE-2024-1894
CVE-2024-1894
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Burst Statistics – Privacy-Friendly Analytics for WordPress
Burst Statistics – Privacy-Friendly Analytics for WordPress
Researcher
CVE-ID
CVE-2024-27963
CVE-2024-27963
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Crisp – Live Chat and Chatbot
Crisp – Live Chat and Chatbot
Researcher
CVE-ID
CVE-2024-2130
CVE-2024-2130
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
CWW Companion
CWW Companion
Researcher
CVE-ID
CVE-2024-29103
CVE-2024-29103
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Database for Contact Form 7
Database for Contact Form 7
Researcher
CVE-ID
CVE-2024-29114
CVE-2024-29114
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Download Manager Pro
Download Manager Pro
Researcher
CVE-ID
CVE-2024-1278
CVE-2024-1278
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
Researcher
CVE-ID
CVE-2024-2308
CVE-2024-2308
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
ElementInvader Addons for Elementor
ElementInvader Addons for Elementor
Researcher
CVE-ID
CVE-2024-29107
CVE-2024-29107
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Elementor Addon Elements
Elementor Addon Elements
Researcher
CVE-ID
CVE-2024-1458
CVE-2024-1458
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-1465
CVE-2024-1465
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-1466
CVE-2024-1466
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-1464
CVE-2024-1464
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-1461
CVE-2024-1461
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-1237
CVE-2024-1237
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Elementor Header & Footer Builder
Elementor Header & Footer Builder
Researcher
Elements Plus! <= 2.16.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget links
6.4
CVE-ID
CVE-2024-2335
CVE-2024-2335
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
Elements Plus!
Elements Plus!
Researcher
ElementsKit Elementor addons <= 3.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-1239
CVE-2024-1239
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
ElementsKit Elementor addons
ElementsKit Elementor addons
Researcher
CVE-ID
CVE-2024-2042
CVE-2024-2042
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
ElementsKit Elementor addons
ElementsKit Elementor addons
Researcher
CVE-ID
CVE-2024-1537
CVE-2024-1537
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders
Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders
Researcher
CVE-ID
CVE-2024-29089
CVE-2024-29089
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Five Star Restaurant Menu and Food Ordering
Five Star Restaurant Menu and Food Ordering
Researcher
Free Downloads WooCommerce <= 3.5.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-27969
CVE-2024-27969
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Free Downloads WooCommerce
Free Downloads WooCommerce
Researcher
FV Flowplayer Video Player <= 7.5.41.7212 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-29122
CVE-2024-29122
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
FV Flowplayer Video Player
FV Flowplayer Video Player
Researcher
CVE-ID
CVE-2024-2509
CVE-2024-2509
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Researcher
CVE-ID
CVE-2024-1421
CVE-2024-1421
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-1397
CVE-2024-1397
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researchers
CVE-ID
CVE-2024-1796
CVE-2024-1796
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
HUSKY – Products Filter Professional for WooCommerce
HUSKY – Products Filter Professional for WooCommerce
Researcher
CVE-ID
CVE-2024-2138
CVE-2024-2138
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
JetWidgets For Elementor
JetWidgets For Elementor
Researcher
CVE-ID
CVE-2024-2287
CVE-2024-2287
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Knight Lab Timeline
Knight Lab Timeline
Researcher
CVE-ID
CVE-2024-2249
CVE-2024-2249
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
LA-Studio Element Kit for Elementor
LA-Studio Element Kit for Elementor
Researcher
CVE-ID
CVE-2024-1328
CVE-2024-1328
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Newsletter2Go
Newsletter2Go
Researcher
CVE-ID
CVE-2024-2256
CVE-2024-2256
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
oik
oik
Researcher
CVE-ID
CVE-2024-2226
CVE-2024-2226
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Researcher
CVE-ID
CVE-2024-2369
CVE-2024-2369
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Page Builder Gutenberg Blocks – CoBlocks
Page Builder Gutenberg Blocks – CoBlocks
Researcher
CVE-ID
CVE-2024-0326
CVE-2024-0326
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Premium Addons for Elementor
Premium Addons for Elementor
Researcher
Premium Addons for Elementor <= 4.10.23 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-2399
CVE-2024-2399
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
Premium Addons for Elementor
Premium Addons for Elementor
Researcher
CVE-ID
CVE-2024-1508
CVE-2024-1508
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Researcher
CVE-ID
CVE-2024-1507
CVE-2024-1507
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Researcher
CVE-ID
CVE-2024-1535
CVE-2024-1535
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
CVE-ID
CVE-2024-29118
CVE-2024-29118
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Scrollsequence – Cinematic Scroll Image Animation Plugin
Scrollsequence – Cinematic Scroll Image Animation Plugin
Researcher
CVE-ID
CVE-2024-1450
CVE-2024-1450
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Shariff Wrapper
Shariff Wrapper
Researcher
CVE-ID
CVE-2024-0966
CVE-2024-0966
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Shariff Wrapper
Shariff Wrapper
Researcher
Shariff Wrapper <= 4.6.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-ID
CVE-2023-6500
CVE-2023-6500
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Shariff Wrapper
Shariff Wrapper
Researcher
CVE-ID
CVE-2024-1960
CVE-2024-1960
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Site Reviews <= 6.11.4 - Authenticated(Subscriber+) Stored Cross-Site Scripting via display name
6.4
CVE-ID
CVE-2024-2293
CVE-2024-2293
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Site Reviews
Site Reviews
Researcher
CVE-ID
CVE-2024-29095
CVE-2024-29095
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Site Reviews
Site Reviews
Researcher
CVE-ID
CVE-2024-2286
CVE-2024-2286
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Smart Online Order for Clover <= 1.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-29115
CVE-2024-29115
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Smart Online Order for Clover
Smart Online Order for Clover
Researcher
CVE-ID
CVE-2024-27991
CVE-2024-27991
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
SupportCandy – Helpdesk & Customer Support Ticket System
SupportCandy – Helpdesk & Customer Support Ticket System
Researcher
CVE-ID
CVE-2024-27990
CVE-2024-27990
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
The Moneytizer
The Moneytizer
Researcher
CVE-ID
CVE-2024-29104
CVE-2024-29104
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Sell Tickets – Event Ticketing and Event Registration – Ticket Tailor for WordPress
Sell Tickets – Event Ticketing and Event Registration – Ticket Tailor for WordPress
Researcher
CVE-ID
CVE-2024-29097
CVE-2024-29097
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
User profile
User profile
Researcher
CVE-ID
CVE-2024-2423
CVE-2024-2423
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP
UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP
Researcher
CVE-ID
CVE-2024-2031
CVE-2024-2031
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Video Conferencing with Zoom
Video Conferencing with Zoom
Researcher
CVE-ID
CVE-2024-27988
CVE-2024-27988
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
WEN Responsive Columns
WEN Responsive Columns
Researcher
CVE-ID
CVE-2024-29098
CVE-2024-29098
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
WP Calameo
WP Calameo
Researcher
CVE-ID
CVE-2024-1582
CVE-2024-1582
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
WP Go Maps (formerly WP Google Maps)
WP Go Maps (formerly WP Google Maps)
Researcher
CVE-ID
CVE-2024-27989
CVE-2024-27989
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
WP Responsive Tabs horizontal vertical and accordion Tabs
WP Responsive Tabs horizontal vertical and accordion Tabs
Researcher
CVE-ID
CVE-2024-2079
CVE-2024-2079
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
WPBakery Page Builder Addons by Livemesh
WPBakery Page Builder Addons by Livemesh
Researcher
CVE-ID
CVE-2024-27952
CVE-2024-27952
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Advanced Sermons
Advanced Sermons
Researcher
CVE-ID
CVE-2024-27961
CVE-2024-27961
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
AntiSpam for Contact Form 7
AntiSpam for Contact Form 7
Researcher
CVE-ID
CVE-2024-27959
CVE-2024-27959
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
CVE-ID
CVE-2024-27998
CVE-2024-27998
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
CVE-ID
CVE-2024-27993
CVE-2024-27993
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Calendarista Basic Edition – WordPress appointment booking system
Calendarista Basic Edition – WordPress appointment booking system
Researcher
CVE-ID
CVE-2024-29130
CVE-2024-29130
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Contact Form 7 – PayPal & Stripe Add-on
Contact Form 7 – PayPal & Stripe Add-on
Researcher
CVE-ID
CVE-2024-2242
CVE-2024-2242
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Contact Form 7
Contact Form 7
Researcher
Contact Form by BestWebSoft <= 4.2.8 - Reflected Cross-Site Scripting via cntctfrm_contact_address
6.1
CVE-ID
CVE-2024-2198
CVE-2024-2198
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Researcher
Contact Form by BestWebSoft <= 4.2.8 - Reflected Cross-Site Scripting via cntctfrm_contact_subject
6.1
CVE-ID
CVE-2024-2200
CVE-2024-2200
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Researcher
CVE-ID
CVE-2024-29125
CVE-2024-29125
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Coupon Affiliates – Affiliate Plugin for WooCommerce
Coupon Affiliates – Affiliate Plugin for WooCommerce
Researcher
CVE-ID
CVE-2024-27960
CVE-2024-27960
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Email Subscription Popup
Email Subscription Popup
Researcher
CVE-ID
CVE-2024-29099
CVE-2024-29099
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media
Researcher
CVE-ID
CVE-2024-27987
CVE-2024-27987
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
GiveWP – Donation Plugin and Fundraising Platform
GiveWP – Donation Plugin and Fundraising Platform
Researcher
CVE-ID
CVE-2024-29094
CVE-2024-29094
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
HT Easy GA4 – Google Analytics WordPress Plugin
HT Easy GA4 – Google Analytics WordPress Plugin
Researcher
CVE-ID
CVE-2024-29123
CVE-2024-29123
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Link Library
Link Library
Researcher
CVE-ID
CVE-2024-2325
CVE-2024-2325
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Link Library
Link Library
Researcher
CVE-ID
CVE-2024-27992
CVE-2024-27992
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Link Whisper Free
Link Whisper Free
Researcher
CVE-ID
CVE-2024-29129
CVE-2024-29129
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
OxyExtras
OxyExtras
Researcher
CVE-ID
CVE-2024-29092
CVE-2024-29092
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Permalink Manager Lite
Permalink Manager Lite
Researcher
CVE-ID
CVE-2024-29113
CVE-2024-29113
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Researcher
CVE-ID
CVE-2024-29126
CVE-2024-29126
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Researcher
CVE-ID
CVE-2024-29110
CVE-2024-29110
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Researcher
Themify – WooCommerce Product Filter <= 1.4.3 - Authenticated (Admin+) Stored Cross-Site Scripting
6.1
CVE-ID
CVE-2024-2278
CVE-2024-2278
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Themify – WooCommerce Product Filter
Themify – WooCommerce Product Filter
Researcher
CVE-ID
CVE-2024-2263
CVE-2024-2263
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Themify – WooCommerce Product Filter
Themify – WooCommerce Product Filter
Researcher
CVE-ID
CVE-2024-27958
CVE-2024-27958
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Visualizer: Tables and Charts Manager for WordPress
Visualizer: Tables and Charts Manager for WordPress
Researcher
CVE-ID
CVE-2024-29121
CVE-2024-29121
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
WooCommerce License Manager
WooCommerce License Manager
Researcher
CVE-ID
CVE-2024-29116
CVE-2024-29116
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
WooThumbs for WooCommerce by Iconic
WooThumbs for WooCommerce by Iconic
Researcher
CVE-ID
CVE-2024-29091
CVE-2024-29091
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
WP Armour – Honeypot Anti Spam
WP Armour – Honeypot Anti Spam
Researcher
CVE-ID
CVE-2024-27962
CVE-2024-27962
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
wp-mpdf
wp-mpdf
Researcher
CVE-ID
CVE-2024-27994
CVE-2024-27994
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
YITH WooCommerce Product Add-Ons
YITH WooCommerce Product Add-Ons
Researcher
CVE-ID
CVE-2024-2107
CVE-2024-2107
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Blossom Spa
Blossom Spa
Researcher
CVE-ID
CVE-2024-29124
CVE-2024-29124
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More
Researcher
CVE-ID
CVE-2023-6525
CVE-2023-6525
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
ElementsKit Elementor addons
ElementsKit Elementor addons
Researcher
CVE-ID
CVE-2024-29096
CVE-2024-29096
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
MJM Clinic
MJM Clinic
Researcher
WooCommerce Google Feed Manager <= 2.2.0 - Authenticated (Shop manager+) Stored Cross-Site Scripting
5.5
CVE-ID
CVE-2024-29112
CVE-2024-29112
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
WooCommerce Google Feed Manager
WooCommerce Google Feed Manager
Researcher
CVE-ID
CVE-2024-1213
CVE-2024-1213
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
Researcher
CVE-ID
CVE-2024-0592
CVE-2024-0592
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Related Posts for WordPress
Related Posts for WordPress
Researcher
CVE-ID
CVE-2024-1502
CVE-2024-1502
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Tutor LMS – eLearning and online course solution
Researcher
CVE-ID
CVE-2024-1640
CVE-2024-1640
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
CVE-ID
CVE-2024-0906
CVE-2024-0906
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
f(x) Private Site
f(x) Private Site
Researcher
CVE-ID
CVE-2024-1526
CVE-2024-1526
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Hubbub Lite – Fast, Reliable Social Sharing Buttons
Hubbub Lite – Fast, Reliable Social Sharing Buttons
Researcher
CVE-ID
CVE-2015-10130
CVE-2015-10130
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Team Circle Image Slider With Lightbox
Team Circle Image Slider With Lightbox
Researcher
CVE-ID
CVE-2024-1857
CVE-2024-1857
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
CVE-ID
CVE-2024-1733
CVE-2024-1733
Patch Status
Unpatched
Unpatched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Word Replacer Pro
Word Replacer Pro
Researcher
CVE-ID
CVE-2024-2294
CVE-2024-2294
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Backuply – Backup, Restore, Migrate and Clone
Backuply – Backup, Restore, Migrate and Clone
Researcher
CVE-ID
CVE-2024-27995
CVE-2024-27995
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
Researcher
CVE-ID
CVE-2024-2444
CVE-2024-2444
Patch Status
Patched
Patched
Published
Mar 16, 2024
Mar 16, 2024
Affected Software
Inline Related Posts
Inline Related Posts
Researcher
CVE-ID
CVE-2024-27966
CVE-2024-27966
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
Researcher
CVE-ID
CVE-2024-27996
CVE-2024-27996
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Survey Maker
Survey Maker
Researcher
CVE-ID
CVE-2024-27997
CVE-2024-27997
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Visual Composer Website Builder
Visual Composer Website Builder
Researcher
CVE-ID
CVE-2023-4839
CVE-2023-4839
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
WP Go Maps (formerly WP Google Maps)
WP Go Maps (formerly WP Google Maps)
Researchers
CVE-ID
CVE-2024-29105
CVE-2024-29105
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
WP Popups – WordPress Popup builder
WP Popups – WordPress Popup builder
Researcher
CVE-ID
CVE-2024-1571
CVE-2024-1571
Patch Status
Patched
Patched
Published
Mar 14, 2024
Mar 14, 2024
Affected Software
WP Recipe Maker
WP Recipe Maker
Researcher
CVE-ID
CVE-2024-27965
CVE-2024-27965
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels
Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels
Researcher
CVE-ID
CVE-2024-1843
CVE-2024-1843
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Auto Affiliate Links
Auto Affiliate Links
Researcher
CVE-ID
CVE-2024-24716
CVE-2024-24716
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Awesome Support – WordPress HelpDesk & Support Plugin
Awesome Support – WordPress HelpDesk & Support Plugin
Researcher
Builder for WooCommerce reviews shortcodes – ReviewShort <= 1.01.3 - Cross-Site Request Forgery
4.3
CVE-ID
CVE-2024-29093
CVE-2024-29093
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
Builder for WooCommerce product reviews shortcodes – ReviewShort
Builder for WooCommerce product reviews shortcodes – ReviewShort
Researcher
CVE-ID
CVE-2024-27953
CVE-2024-27953
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Cryptocurrency Widgets – Price Ticker & Coins List
Cryptocurrency Widgets – Price Ticker & Coins List
Researcher
CVE-ID
CVE-2024-27967
CVE-2024-27967
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
DSGVO All in one for WP
DSGVO All in one for WP
Researcher
CVE-ID
CVE-2024-1214
CVE-2024-1214
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
Researcher
CVE-ID
CVE-2023-4628
CVE-2023-4628
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
CVE-ID
CVE-2023-4629
CVE-2023-4629
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
CVE-ID
CVE-2023-4626
CVE-2023-4626
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
CVE-ID
CVE-2023-4627
CVE-2023-4627
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
CVE-ID
CVE-2023-4731
CVE-2023-4731
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
CVE-ID
CVE-2023-4729
CVE-2023-4729
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
CVE-ID
CVE-2023-4728
CVE-2023-4728
Patch Status
Unpatched
Unpatched
Published
Mar 11, 2024
Mar 11, 2024
Researcher
MasterStudy LMS <= 3.2.13 - Missing Authorization to Sensitive Information Exposure in search_posts
4.3
CVE-ID
CVE-2024-1904
CVE-2024-1904
Patch Status
Patched
Patched
Published
Mar 15, 2024
Mar 15, 2024
Affected Software
MasterStudy LMS WordPress Plugin – for Online Courses and Education
MasterStudy LMS WordPress Plugin – for Online Courses and Education
Researcher
CVE-ID
CVE-2024-1645
CVE-2024-1645
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Mollie Forms
Mollie Forms
Researcher
CVE-ID
CVE-2024-1400
CVE-2024-1400
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Mollie Forms
Mollie Forms
Researcher
CVE-ID
CVE-2024-27968
CVE-2024-27968
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
Super Page Cache
Super Page Cache
Researcher
CVE-ID
CVE-2024-2262
CVE-2024-2262
Patch Status
Patched
Patched
Published
Mar 11, 2024
Mar 11, 2024
Affected Software
Themify – WooCommerce Product Filter
Themify – WooCommerce Product Filter
Researcher
CVE-ID
CVE-2024-1503
CVE-2024-1503
Patch Status
Patched
Patched
Published
Mar 12, 2024
Mar 12, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Tutor LMS – eLearning and online course solution
Researcher
CVE-ID
CVE-2024-2322
CVE-2024-2322
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
WooCommerce Cart Abandonment Recovery
WooCommerce Cart Abandonment Recovery
Researcher
CVE-ID
CVE-2024-27970
CVE-2024-27970
Patch Status
Patched
Patched
Published
Mar 13, 2024
Mar 13, 2024
Affected Software
WP SendFox
WP SendFox
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Comments