Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)
🎉 Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 214 vulnerabilities disclosed in 172 WordPress Plugins and 3 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 60 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
- WP Datepicker <= 2.1.0 – Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
- WAF-RULE-691 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 179 |
| Unpatched | 35 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Low Severity | 1 |
| Medium Severity | 184 |
| High Severity | 17 |
| Critical Severity | 12 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 118 |
| Missing Authorization | 43 |
| Cross-Site Request Forgery (CSRF) | 15 |
| Authorization Bypass Through User-Controlled Key | 6 |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 5 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 5 |
| Exposure of Sensitive Information to an Unauthorized Actor | 3 |
| Unrestricted Upload of File with Dangerous Type | 3 |
| Deserialization of Untrusted Data | 2 |
| Improper Control of Generation of Code ('Code Injection') | 2 |
| Insertion of Sensitive Information into Log File | 2 |
| Server-Side Request Forgery (SSRF) | 2 |
| Exposure of Sensitive Information Through Metadata | 1 |
| Guessable CAPTCHA | 1 |
| Improper Authentication | 1 |
| Improper Authorization | 1 |
| Improper Input Validation | 1 |
| Incorrect Privilege Assignment | 1 |
| Not Failing Securely ('Failing Open') | 1 |
| Protection Mechanism Failure | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 15 | |
| 12 | |
| 12 | |
| 11 | |
| 11 | |
| 10 | |
| 10 | |
| 10 | |
| 9 | |
| 8 | |
| 8 | |
| 8 | |
| 7 | |
| 6 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| 2Checkout Payment Gateway for WooCommerce | woocommerce-2checkout-payment |
| Access Category Password | access-category-password |
| Active Products Tables for WooCommerce. Use constructor to create tables | profit-products-tables-for-woocommerce |
| Add Custom CSS and JS | add-custom-css-and-js |
| AI Infographic Maker | infographic-and-list-builder-ilist |
| App Builder – Create Native Android & iOS Apps On The Flight | app-builder |
| Attesa Extra | attesa-extra |
| Automatic QR Code Generator – QR Code Composer | qr-code-composer |
| BA Book Everything | ba-book-everything |
| Backend Designer | backend-designer |
| Backup Migration | backup-backup |
| Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. | barcode-scanner-lite-pos-to-manage-products-inventory-and-orders |
| BMI Adult & Kid Calculator | bmi-adultkid-calculator |
| Bulk Block Converter | bulk-block-converter |
| Canva – Design beautiful blog graphics | canva |
| CBX Bookmark & Favorite | cbxwpbookmark |
| Click to Chat – HoliThemes | click-to-chat-for-whatsapp |
| Code Insert Manager (Q2W3 Inc Manager) | q2w3-inc-manager |
| Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More | content-control |
| Cookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) | gdpr-cookie-consent |
| Cornerstone | cornerstone |
| Country State City Dropdown CF7 | country-state-city-auto-dropdown |
| Crelly Slider | crelly-slider |
| Custom Order Statuses for WooCommerce | custom-order-statuses-for-woocommerce |
| Custom Thank You Page Customize For WooCommerce by Binary Carpenter | bc-woo-custom-thank-you-pages |
| Customer Reviews for WooCommerce | customer-reviews-woocommerce |
| Debug Log Manager | debug-log-manager |
| Delete Custom Fields | delete-custom-fields |
| DethemeKit For Elementor | dethemekit-for-elementor |
| DirectoryPress – Business Directory And Classified Ad Listing | directorypress |
| Ditty – Responsive News Tickers, Sliders, and Lists | ditty-news-ticker |
| DSGVO Youtube | dsgvo-youtube |
| EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory | ean-for-woocommerce |
| Easy CountDowner | easy-countdowner |
| Easy Custom Auto Excerpt | easy-custom-auto-excerpt |
| Easy Textillate | easy-textillate |
| EasyEvent | easyevent |
| eCommerce Product Catalog Plugin for WordPress | ecommerce-product-catalog |
| EleForms – All In One Form Integration including DB for Elementor | all-contact-form-integration-for-elementor |
| Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) | bdthemes-element-pack-lite |
| Elements Plus! | elements-plus |
| ElementsKit Pro | elementskit |
| Email Subscribers by Icegram Express – Affordable, Powerful Email Marketing for WordPress & WooCommerce | email-subscribers |
| Enhanced Media Library | enhanced-media-library |
| Envo Extra | envo-extra |
| EnvÃaloSimple: Email Marketing y Newsletters | envialosimple-email-marketing-y-newsletters-gratis |
| ePoll – Best WordPress Voting Plugin for Poll & Contest | epoll-wp-voting |
| Essential Addons for Elementor Pro | essential-addons-elementor |
| Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders | essential-addons-for-elementor-lite |
| Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates | essential-blocks |
| Exclusive Addons for Elementor | exclusive-addons-for-elementor |
| Fancy Product Designer | fancy-product-designer |
| FileBird – WordPress Media Library Folders & File Manager | filebird |
| Fixed HTML Toolbar | fixed-html-toolbar |
| Flash Video Player | flash-video-player |
| Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder | form-maker |
| Forminator Forms – Contact Form, Payment Form & Custom Form Builder | forminator |
| Frontend Admin by DynamiApps | acf-frontend-form-element |
| GG Woo Feed for WooCommerce Shopping Feed on Google and Other Channels | gg-woo-feed |
| Happy Addons for Elementor | happy-elementor-addons |
| hCaptcha for WP | hcaptcha-for-forms-and-more |
| HelloAsso | helloasso |
| HT Mega – Absolute Addons For Elementor | ht-mega-for-elementor |
| HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce | hurrytimer |
| HUSKY – Products Filter Professional for WooCommerce | woocommerce-products-filter |
| Icon Widget | icon-widget |
| Import Content in WordPress & WooCommerce with Excel | content-excel-importer |
| Jobs for WordPress | job-postings |
| Jotform Online Forms – Drag & Drop Form Builder, Securely Embed Contact Forms | embed-form |
| Knight Lab Timeline | knight-lab-timelinejs |
| Language Switcher for Transposh | language-switcher-for-transposh |
| LearnPress Export Import – WordPress extension for LearnPress | learnpress-import-export |
| LearnPress – WordPress LMS Plugin | learnpress |
| LetterPress – Elevate Your WordPress Site's E-Mail Campaigns and Marketing | letterpress |
| LH Add Media From Url | lh-add-media-from-url |
| LiveJournal Shortcode | livejournal-shortcode |
| Login with phone number | login-with-phone-number |
| LoginPress Pro | loginpress-pro |
| Mailster - Email Newsletter Plugin for WordPress | mailster |
| Master Slider – Responsive Touch Slider | master-slider |
| MaxGalleria | maxgalleria |
| Media Library Folders | media-library-plus |
| Mega Addons For Elementor | ultimate-addons-for-elementor |
| Mega Elements – Addons for Elementor | mega-elements-addons-for-elementor |
| MF Gig Calendar | mf-gig-calendar |
| MJ Update History | mj-update-history |
| Mortgage Calculators WP | mortgage-calculators-wp |
| Multi Currency For WooCommerce | wc-multi-currency |
| MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more | woorewards |
| Navigation menu as Dropdown Widget | navigation-menu-as-dropdown-widget |
| Netgsm | netgsm |
| Open Close WooCommerce Store – Best Business Schedules Manager | woc-open-close |
| Order Limit for WooCommerce | wc-order-limit-lite |
| Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | otter-blocks |
| Ovic Responsive WPBakery | ovic-vc-addon |
| Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | paid-memberships-pro |
| PeproDev CF7 Database | pepro-cf7-database |
| PeproDev Ultimate Invoice | pepro-ultimate-invoice |
| Poll Maker – Versus Polls, Anonymous Polls, Image Polls | poll-maker |
| Popup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions | popup-anything-on-click |
| Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX | ultimate-post |
| Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) | bdthemes-prime-slider-lite |
| Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds | woo-product-feed-pro |
| ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
| Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress | radio-player |
| Real Media Library: Media Library Folder & File Manager | real-media-library-lite |
| Real3D Flipbook Lite – 3D FlipBook, PDF Viewer, PDF Embedder | real3d-flipbook-lite |
| Really Simple Security – Simple and Performant Security (formerly Really Simple SSL) | really-simple-ssl |
| reCAPTCHA Jetpack | recaptcha-jetpack |
| Regenerate post permalink | regenerate-post-permalinks |
| Related Posts for WordPress | microkids-related-posts |
| Restaurant Menu – Food Ordering System – Table Reservation | menu-ordering-reservations |
| Royal Elementor Addons and Templates | royal-elementor-addons |
| RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator | feedzy-rss-feeds |
| RSS Feed Widget | rss-feed-widget |
| Salient Core | salient-core |
| Salient Shortcodes | salient-shortcodes |
| Save as PDF Plugin by Pdfcrowd | save-as-pdf-by-pdfcrowd |
| Shared Files – Frontend File Upload Form & Secure File Sharing | shared-files |
| ShopLentor – WooCommerce Builder for Elementor & Gutenberg +16 Modules – All in One Solution (formerly WooLentor) | woolentor-addons |
| Shortcodes and extra features for Phlox theme | auxin-elements |
| Simple Registration for WooCommerce | woocommerce-simple-registration |
| Simple Testimonials Showcase | simple-testimonials-showcase |
| Slider by 10Web – Responsive Image Slider | slider-wd |
| Smart Forms – when you need more than just a contact form | smart-forms |
| SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer | smartcrawl-seo |
| SP Project & Document Manager | sp-client-document-manager |
| Speed Optimizer – The All-In-One Performance-Boosting Plugin | sg-cachepress |
| SSL Certificate – Free SSL, HTTPS by SSL Zen | ssl-zen |
| Support Genix – Support Tickets Managing System & Helpdesk Plugin for WordPress and WooCommerce | support-genix-lite |
| Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics | taggbox-widget |
| tagDiv Composer | td-composer |
| Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds | tagembed-widget |
| Tax Rate Upload | tax-rate-upload |
| Theme My Login | theme-my-login |
| TrackShip for WooCommerce | trackship-for-woocommerce |
| UnGallery | ungallery |
| User Registration & Membership – Custom Registration Form, Login Form, and User Profile | user-registration |
| VikBooking Hotel Booking Engine & PMS | vikbooking |
| Void Elementor WHMCS Elements For Elementor Page Builder | void-elementor-whmcs-elements |
| What's New Generator | whats-new-genarator |
| WooCommerce Google Feed Manager | wp-product-feed-manager |
| WooCommerce Multilingual & Multicurrency with WPML | woocommerce-multilingual |
| WordPress Automatic Plugin | wp-automatic |
| WordPress Menu Plugin — Superfly Responsive Menu | superfly-menu |
| WordPress Simple HTML Sitemap | wp-simple-html-sitemap |
| WP 2FA – Two-factor authentication for WordPress | wp-2fa |
| WP 404 Auto Redirect to Similar Post | wp-404-auto-redirect-to-similar-post |
| WP Club Manager – WordPress Sports Club Plugin | wp-club-manager |
| WP Cost Estimation & Payment Forms Builder | wp-estimation-form |
| WP Dummy Content Generator | wp-dummy-content-generator |
| WP Dynamic Keywords Injector | wp-dynamic-keywords-injector |
| WP File Download Light | wp-file-download-light |
| WP Helper Premium | wp-helper-lite |
| WP Meta SEO | wp-meta-seo |
| WP Show Posts | wp-show-posts |
| WP Smart Import : Import any XML File to WordPress | wp-smart-import |
| WP Social Comments | gs-facebook-comments |
| WP Stripe Checkout | wp-stripe-checkout |
| WP TradingView | wp-tradingview |
| WP Ultimate Review | wp-ultimate-review |
| WP-Cufon | wp-cufon |
| WP-FormAssembly | formassembly-web-forms |
| WP-Lister Lite for eBay | wp-lister-for-ebay |
| WP-Recall – Registration, Profile, Commerce & More | wp-recall |
| WPB Show Core | wpb-show-core |
| WPBITS Addons For Elementor Page Builder | wpbits-addons-for-elementor |
| WPC Frequently Bought Together for WooCommerce | woo-bought-together |
| WPC Grouped Product for WooCommerce | wpc-grouped-product |
| Yoga Schedule Momoyoga | momoyoga-integration |
| Zero Spam for WordPress | zero-spam |
| Zynith SEO | zynith-seo |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| GuCherry Blog | gucherry-blog |
| Newspaper - News & WooCommerce WordPress Theme | Newspaper |
| Tainacan Interface | tainacan-interface |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVE-ID
CVE-2024-32599
CVE-2024-32599
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Dummy Content Generator
WP Dummy Content Generator
Researcher
CVE-ID
CVE-2024-32680
CVE-2024-32680
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
HUSKY – Products Filter Professional for WooCommerce
HUSKY – Products Filter Professional for WooCommerce
Researcher
CVE-ID
CVE-2024-32514
CVE-2024-32514
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
ePoll – Best WordPress Voting Plugin for Poll & Contest
ePoll – Best WordPress Voting Plugin for Poll & Contest
Researcher
CVE-ID
CVE-2024-32551
CVE-2024-32551
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
SP Project & Document Manager
SP Project & Document Manager
Researcher
CVE-ID
CVE-2024-28890
CVE-2024-28890
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-3729
CVE-2024-3729
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Frontend Admin by DynamiApps
Frontend Admin by DynamiApps
Researcher
CVE-ID
CVE-2024-2876
CVE-2024-2876
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
CVE-ID
CVE-2024-32523
CVE-2024-32523
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Mailster - Email Newsletter Plugin for WordPress
Mailster - Email Newsletter Plugin for WordPress
Researcher
CVE-ID
CVE-2024-32600
CVE-2024-32600
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Master Slider – Responsive Touch Slider
Master Slider – Responsive Touch Slider
Researcher
CVE-ID
CVE-2024-32511
CVE-2024-32511
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Simple Registration for WooCommerce
Simple Registration for WooCommerce
Researcher
CVE-ID
CVE-2024-31077
CVE-2024-31077
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-32602
CVE-2024-32602
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WooCommerce Multilingual & Multicurrency with WPML
WooCommerce Multilingual & Multicurrency with WPML
Researcher
CVE-ID
CVE-2024-3849
CVE-2024-3849
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Click to Chat – HoliThemes
Click to Chat – HoliThemes
Researcher
Login with phone number <= 1.7.16 - Unauthorized Account Password Change to Privilege Escalation
8.8
CVE-ID
CVE-2024-32507
CVE-2024-32507
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Login with phone number
Login with phone number
Researcher
CVE-ID
CVE-2024-3810
CVE-2024-3810
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Salient Shortcodes
Salient Shortcodes
Researcher
CVE-ID
CVE-2024-3813
CVE-2024-3813
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
tagDiv Composer
tagDiv Composer
Researcher
CVE-ID
CVE-2024-2417
CVE-2024-2417
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
User Registration & Membership – Custom Registration Form, Login Form, and User Profile
User Registration & Membership – Custom Registration Form, Login Form, and User Profile
Researcher
CVE-ID
CVE-2024-1567
CVE-2024-1567
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Royal Elementor Addons and Templates
Royal Elementor Addons and Templates
Researcher
CVE-ID
CVE-2023-6214
CVE-2023-6214
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-3812
CVE-2024-3812
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Salient Core
Salient Core
Researcher
CVE-ID
CVE-2023-7064
CVE-2023-7064
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researchers
CVE-ID
CVE-2024-32582
CVE-2024-32582
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Debug Log Manager
Debug Log Manager
Researcher
CVE-ID
CVE-2024-32567
CVE-2024-32567
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
DirectoryPress – Business Directory And Classified Ad Listing
DirectoryPress – Business Directory And Classified Ad Listing
Researcher
CVE-ID
CVE-2024-2082
CVE-2024-2082
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
EleForms – All In One Form Integration including DB for Elementor
EleForms – All In One Form Integration including DB for Elementor
Researcher
CVE-ID
CVE-2024-3600
CVE-2024-3600
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Poll Maker – Versus Polls, Anonymous Polls, Image Polls
Poll Maker – Versus Polls, Anonymous Polls, Image Polls
Researcher
CVE-ID
CVE-2024-3067
CVE-2024-3067
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WooCommerce Google Feed Manager
WooCommerce Google Feed Manager
Researcher
CVE-ID
CVE-2023-6961
CVE-2023-6961
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Meta SEO
WP Meta SEO
Researcher
CVE-ID
CVE-2024-32541
CVE-2024-32541
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WP-Cufon
WP-Cufon
Researcher
CVE-ID
CVE-2024-32562
CVE-2024-32562
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Zynith SEO
Zynith SEO
Researcher
CVE-ID
CVE-2024-32691
CVE-2024-32691
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Researcher
CVE-ID
CVE-2024-3295
CVE-2024-3295
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
User Registration & Membership – Custom Registration Form, Login Form, and User Profile
User Registration & Membership – Custom Registration Form, Login Form, and User Profile
Researcher
CVE-ID
CVE-2024-32565
CVE-2024-32565
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
App Builder – Create Native Android & iOS Apps On The Flight
App Builder – Create Native Android & iOS Apps On The Flight
Researcher
CVE-ID
CVE-2024-32594
CVE-2024-32594
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Attesa Extra
Attesa Extra
Researcher
BA Book Everything <= 1.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-ID
CVE-2024-3672
CVE-2024-3672
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
BA Book Everything
BA Book Everything
Researcher
CVE-ID
CVE-2024-32589
CVE-2024-32589
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
CVE-ID
CVE-2024-32577
CVE-2024-32577
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
CBX Bookmark & Favorite
CBX Bookmark & Favorite
Researcher
CVE-ID
CVE-2024-32508
CVE-2024-32508
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
DethemeKit For Elementor
DethemeKit For Elementor
Researcher
CVE-ID
CVE-2024-32596
CVE-2024-32596
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
DSGVO Youtube
DSGVO Youtube
Researcher
CVE-ID
CVE-2023-6892
CVE-2023-6892
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory
EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory
Researcher
CVE-ID
CVE-2024-32526
CVE-2024-32526
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Easy Textillate
Easy Textillate
Researcher
CVE-ID
CVE-2024-1429
CVE-2024-1429
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows)
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows)
Researcher
CVE-ID
CVE-2024-1426
CVE-2024-1426
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows)
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows)
Researcher
CVE-ID
CVE-2024-32457
CVE-2024-32457
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Elements Plus!
Elements Plus!
Researcher
CVE-ID
CVE-2024-3598
CVE-2024-3598
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
ElementsKit Pro
ElementsKit Pro
Researcher
CVE-ID
CVE-2024-32456
CVE-2024-32456
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Envo Extra
Envo Extra
Researcher
CVE-ID
CVE-2024-3333
CVE-2024-3333
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
CVE-ID
CVE-2024-3645
CVE-2024-3645
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Essential Addons for Elementor Pro
Essential Addons for Elementor Pro
Researcher
CVE-ID
CVE-2024-2751
CVE-2024-2751
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Exclusive Addons for Elementor
Exclusive Addons for Elementor
Researcher
CVE-ID
CVE-2024-2503
CVE-2024-2503
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Exclusive Addons for Elementor
Exclusive Addons for Elementor
Researcher
CVE-ID
CVE-2024-2345
CVE-2024-2345
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
FileBird – WordPress Media Library Folders & File Manager
FileBird – WordPress Media Library Folders & File Manager
Researcher
CVE-ID
CVE-2024-3891
CVE-2024-3891
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Happy Addons for Elementor
Happy Addons for Elementor
Researcher
CVE-ID
CVE-2024-3724
CVE-2024-3724
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Happy Addons for Elementor
Happy Addons for Elementor
Researcher
CVE-ID
CVE-2024-4014
CVE-2024-4014
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
hCaptcha for WP
hCaptcha for WP
Researcher
CVE-ID
CVE-2024-2085
CVE-2024-2085
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-2084
CVE-2024-2084
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-2790
CVE-2024-2790
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researchers
CVE-ID
CVE-2024-3307
CVE-2024-3307
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-3308
CVE-2024-3308
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
HT Mega – Absolute Addons For Elementor
Researcher
CVE-ID
CVE-2024-32556
CVE-2024-32556
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce
HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce
Researcher
CVE-ID
CVE-2024-1993
CVE-2024-1993
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Icon Widget
Icon Widget
Researcher
CVE-ID
CVE-2024-2542
CVE-2024-2542
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Researcher
CVE-ID
CVE-2024-32554
CVE-2024-32554
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Knight Lab Timeline
Knight Lab Timeline
Researcher
CVE-ID
CVE-2024-3560
CVE-2024-3560
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
LearnPress – WordPress LMS Plugin
LearnPress – WordPress LMS Plugin
Researcher
CVE-ID
CVE-2024-3773
CVE-2024-3773
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
LiveJournal Shortcode
LiveJournal Shortcode
Researcher
CVE-ID
CVE-2024-32580
CVE-2024-32580
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Master Slider – Responsive Touch Slider
Master Slider – Responsive Touch Slider
Researcher
CVE-ID
CVE-2024-32575
CVE-2024-32575
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Mega Elements – Addons for Elementor
Mega Elements – Addons for Elementor
Researcher
CVE-ID
CVE-2024-32581
CVE-2024-32581
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Mortgage Calculators WP
Mortgage Calculators WP
Researcher
CVE-ID
CVE-2024-3725
CVE-2024-3725
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Researcher
CVE-ID
CVE-2024-32564
CVE-2024-32564
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX
Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX
Researcher
CVE-ID
CVE-2024-32560
CVE-2024-32560
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Automatic QR Code Generator – QR Code Composer
Automatic QR Code Generator – QR Code Composer
Researcher
CVE-ID
CVE-2024-2328
CVE-2024-2328
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Real Media Library: Media Library Folder & File Manager
Real Media Library: Media Library Folder & File Manager
Researcher
CVE-ID
CVE-2024-32579
CVE-2024-32579
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Restaurant Menu – Food Ordering System – Table Reservation
Restaurant Menu – Food Ordering System – Table Reservation
Researcher
CVE-ID
CVE-2023-6805
CVE-2023-6805
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
Researcher
Salient Shortcodes <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-ID
CVE-2024-3811
CVE-2024-3811
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Salient Shortcodes
Salient Shortcodes
Researcher
CVE-ID
CVE-2024-1057
CVE-2024-1057
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
CVE-ID
CVE-2024-3517
CVE-2024-3517
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researcher
CVE-ID
CVE-2024-1533
CVE-2024-1533
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researcher
CVE-ID
CVE-2024-3341
CVE-2024-3341
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researcher
CVE-ID
CVE-2024-1357
CVE-2024-1357
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researcher
CVE-ID
CVE-2024-1396
CVE-2024-1396
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researchers
CVE-ID
CVE-2024-1348
CVE-2024-1348
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Shortcodes and extra features for Phlox theme
Shortcodes and extra features for Phlox theme
Researcher
Simple Testimonials Showcase <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-32530
CVE-2024-32530
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Simple Testimonials Showcase
Simple Testimonials Showcase
Researcher
CVE-ID
CVE-2024-32552
CVE-2024-32552
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics
Researcher
CVE-ID
CVE-2024-32561
CVE-2024-32561
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds
Researcher
CVE-ID
CVE-2024-32592
CVE-2024-32592
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Void Elementor WHMCS Elements For Elementor Page Builder
Void Elementor WHMCS Elements For Elementor Page Builder
Researcher
CVE-ID
CVE-2024-32553
CVE-2024-32553
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WordPress Menu Plugin — Superfly Responsive Menu
WordPress Menu Plugin — Superfly Responsive Menu
Researcher
CVE-ID
CVE-2024-32566
CVE-2024-32566
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Club Manager – WordPress Sports Club Plugin
WP Club Manager – WordPress Sports Club Plugin
Researcher
CVE-ID
CVE-2024-32597
CVE-2024-32597
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Smart Import : Import any XML File to WordPress
WP Smart Import : Import any XML File to WordPress
Researcher
CVE-ID
CVE-2024-32571
CVE-2024-32571
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Stripe Checkout
WP Stripe Checkout
Researcher
CVE-ID
CVE-2024-32536
CVE-2024-32536
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WP TradingView
WP TradingView
Researcher
CVE-ID
CVE-2023-49768
CVE-2023-49768
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP-FormAssembly
WP-FormAssembly
Researcher
CVE-ID
CVE-2024-32593
CVE-2024-32593
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WPBITS Addons For Elementor Page Builder
WPBITS Addons For Elementor Page Builder
Researcher
CVE-ID
CVE-2024-32529
CVE-2024-32529
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Yoga Schedule Momoyoga
Yoga Schedule Momoyoga
Researcher
CVE-ID
CVE-2024-32694
CVE-2024-32694
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Real3D Flipbook Lite – 3D FlipBook, PDF Viewer, PDF Embedder
Real3D Flipbook Lite – 3D FlipBook, PDF Viewer, PDF Embedder
Researcher
CVE-ID
CVE-2024-32535
CVE-2024-32535
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Access Category Password
Access Category Password
Researcher
CVE-ID
CVE-2024-3903
CVE-2024-3903
Patch Status
Unpatched
Unpatched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Add Custom CSS and JS
Add Custom CSS and JS
Researcher
CVE-ID
CVE-2024-32542
CVE-2024-32542
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Bulk Block Converter
Bulk Block Converter
Researcher
CVE-ID
CVE-2024-32545
CVE-2024-32545
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Canva – Design beautiful blog graphics
Canva – Design beautiful blog graphics
Researcher
CVE-ID
CVE-2024-32547
CVE-2024-32547
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Code Insert Manager (Q2W3 Inc Manager)
Code Insert Manager (Q2W3 Inc Manager)
Researcher
CVE-ID
CVE-2024-32570
CVE-2024-32570
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Cornerstone
Cornerstone
Researcher
CVE-ID
CVE-2024-3731
CVE-2024-3731
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Customer Reviews for WooCommerce
Customer Reviews for WooCommerce
Researcher
CVE-ID
CVE-2024-0613
CVE-2024-0613
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Delete Custom Fields
Delete Custom Fields
Researcher
CVE-ID
CVE-2024-32538
CVE-2024-32538
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Easy CountDowner
Easy CountDowner
Researcher
CVE-ID
CVE-2024-32558
CVE-2024-32558
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
eCommerce Product Catalog Plugin for WordPress
eCommerce Product Catalog Plugin for WordPress
Researcher
CVE-ID
CVE-2024-32587
CVE-2024-32587
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
EnvÃaloSimple: Email Marketing y Newsletters
EnvÃaloSimple: Email Marketing y Newsletters
Researcher
CVE-ID
CVE-2024-31857
CVE-2024-31857
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-32531
CVE-2024-32531
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
GuCherry Blog
GuCherry Blog
Researcher
CVE-ID
CVE-2024-32585
CVE-2024-32585
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Import Content in WordPress & WooCommerce with Excel
Import Content in WordPress & WooCommerce with Excel
Researcher
CVE-ID
CVE-2024-2833
CVE-2024-2833
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Jobs for WordPress
Jobs for WordPress
Researcher
CVE-ID
CVE-2024-32695
CVE-2024-32695
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Language Switcher for Transposh
Language Switcher for Transposh
Researcher
CVE-ID
CVE-2024-32588
CVE-2024-32588
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
LearnPress Export Import – WordPress extension for LearnPress
LearnPress Export Import – WordPress extension for LearnPress
Researcher
CVE-ID
CVE-2024-32533
CVE-2024-32533
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
LH Add Media From Url
LH Add Media From Url
Researcher
CVE-ID
CVE-2024-3615
CVE-2024-3615
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Media Library Folders
Media Library Folders
Researcher
CVE-ID
CVE-2024-32543
CVE-2024-32543
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
MJ Update History
MJ Update History
Researcher
CVE-ID
CVE-2024-32544
CVE-2024-32544
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Netgsm
Netgsm
Researcher
CVE-ID
CVE-2024-3941
CVE-2024-3941
Patch Status
Unpatched
Unpatched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
reCAPTCHA Jetpack
reCAPTCHA Jetpack
Researcher
CVE-ID
CVE-2024-32578
CVE-2024-32578
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Slider by 10Web – Responsive Image Slider
Slider by 10Web – Responsive Image Slider
Researcher
CVE-ID
CVE-2024-3867
CVE-2024-3867
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Tainacan Interface
Tainacan Interface
Researcher
CVE-ID
CVE-2024-32546
CVE-2024-32546
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Tax Rate Upload
Tax Rate Upload
Researcher
CVE-ID
CVE-2024-3582
CVE-2024-3582
Patch Status
Unpatched
Unpatched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
UnGallery
UnGallery
Researcher
CVE-ID
CVE-2024-32563
CVE-2024-32563
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
VikBooking Hotel Booking Engine & PMS
VikBooking Hotel Booking Engine & PMS
Researcher
CVE-ID
CVE-2024-32574
CVE-2024-32574
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WordPress Simple HTML Sitemap
WordPress Simple HTML Sitemap
Researcher
CVE-ID
CVE-2024-32568
CVE-2024-32568
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP 2FA – Two-factor authentication for WordPress
WP 2FA – Two-factor authentication for WordPress
Researcher
WP 404 Auto Redirect to Similar Post <= 1.0.4 - Reflected Cross-Site Scripting via Debug Mode URI
6.1
CVE-ID
CVE-2024-32559
CVE-2024-32559
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP 404 Auto Redirect to Similar Post
WP 404 Auto Redirect to Similar Post
Researcher
CVE-ID
CVE-2024-32510
CVE-2024-32510
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WP Cost Estimation & Payment Forms Builder
WP Cost Estimation & Payment Forms Builder
Researcher
CVE-ID
CVE-2024-32528
CVE-2024-32528
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WP Dynamic Keywords Injector
WP Dynamic Keywords Injector
Researcher
CVE-ID
CVE-2024-32595
CVE-2024-32595
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Helper Premium
WP Helper Premium
Researcher
CVE-ID
CVE-2024-1958
CVE-2024-1958
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
WPB Show Core
WPB Show Core
Researcher
CVE-ID
CVE-2024-3815
CVE-2024-3815
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Newspaper - News & WooCommerce WordPress Theme
Newspaper - News & WooCommerce WordPress Theme
Researcher
CVE-ID
CVE-2024-31229
CVE-2024-31229
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)
Really Simple Security – Simple and Performant Security (formerly Really Simple SSL)
Researcher
tagDiv Composer <= 4.8 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta
5.5
CVE-ID
CVE-2024-3814
CVE-2024-3814
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
tagDiv Composer
tagDiv Composer
Researcher
CVE-ID
CVE-2024-32696
CVE-2024-32696
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
AI Infographic Maker
AI Infographic Maker
Researcher
CVE-ID
CVE-2024-32569
CVE-2024-32569
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Ditty – Responsive News Tickers, Sliders, and Lists
Ditty – Responsive News Tickers, Sliders, and Lists
Researcher
CVE-ID
CVE-2024-2840
CVE-2024-2840
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Enhanced Media Library
Enhanced Media Library
Researcher
CVE-ID
CVE-2024-3818
CVE-2024-3818
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
Researcher
CVE-ID
CVE-2024-2346
CVE-2024-2346
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
FileBird – WordPress Media Library Folders & File Manager
FileBird – WordPress Media Library Folders & File Manager
Researcher
CVE-ID
CVE-2024-32688
CVE-2024-32688
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
CVE-ID
CVE-2024-1730
CVE-2024-1730
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Researcher
CVE-ID
CVE-2024-2749
CVE-2024-2749
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
VikBooking Hotel Booking Engine & PMS
VikBooking Hotel Booking Engine & PMS
Researcher
CVE-ID
CVE-2024-32693
CVE-2024-32693
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
WordPress Automatic Plugin
WordPress Automatic Plugin
Researcher
CVE-ID
CVE-2024-0629
CVE-2024-0629
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
2Checkout Payment Gateway for WooCommerce
2Checkout Payment Gateway for WooCommerce
Researcher
CVE-ID
CVE-2024-32686
CVE-2024-32686
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Backup Migration
Backup Migration
Researcher
CVE-ID
CVE-2024-0615
CVE-2024-0615
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
CVE-ID
CVE-2024-3312
CVE-2024-3312
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Easy Custom Auto Excerpt
Easy Custom Auto Excerpt
Researcher
CVE-ID
CVE-2024-2043
CVE-2024-2043
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
EleForms – All In One Form Integration including DB for Elementor
EleForms – All In One Form Integration including DB for Elementor
Researcher
CVE-ID
CVE-2024-32676
CVE-2024-32676
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
LoginPress Pro
LoginPress Pro
Researcher
CVE-ID
CVE-2024-32677
CVE-2024-32677
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
LoginPress Pro
LoginPress Pro
Researcher
CVE-ID
CVE-2024-32675
CVE-2024-32675
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Order Limit for WooCommerce
Order Limit for WooCommerce
Researcher
CVE-ID
CVE-2024-3215
CVE-2024-3215
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions
Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions
Researcher
CVE-ID
CVE-2024-32518
CVE-2024-32518
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
PeproDev Ultimate Invoice
PeproDev Ultimate Invoice
Researcher
CVE-ID
CVE-2024-3601
CVE-2024-3601
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Poll Maker – Versus Polls, Anonymous Polls, Image Polls
Poll Maker – Versus Polls, Anonymous Polls, Image Polls
Researcher
CVE-ID
CVE-2024-32601
CVE-2024-32601
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Popup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions
Popup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions
Researcher
CVE-ID
CVE-2024-32682
CVE-2024-32682
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Researcher
CVE-ID
CVE-2024-32513
CVE-2024-32513
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Researcher
CVE-ID
CVE-2024-32679
CVE-2024-32679
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Shared Files – Frontend File Upload Form & Secure File Sharing
Shared Files – Frontend File Upload Form & Secure File Sharing
Researcher
CVE-ID
CVE-2024-3287
CVE-2024-3287
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer
Researcher
CVE-ID
CVE-2024-32532
CVE-2024-32532
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Speed Optimizer – The All-In-One Performance-Boosting Plugin
Speed Optimizer – The All-In-One Performance-Boosting Plugin
Researcher
CVE-ID
CVE-2024-1076
CVE-2024-1076
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
SSL Certificate – Free SSL, HTTPS by SSL Zen
SSL Certificate – Free SSL, HTTPS by SSL Zen
Researcher
CVE-ID
CVE-2023-49742
CVE-2023-49742
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Support Genix – Support Tickets Managing System & Helpdesk Plugin for WordPress and WooCommerce
Support Genix – Support Tickets Managing System & Helpdesk Plugin for WordPress and WooCommerce
Researcher
CVE-ID
CVE-2024-32678
CVE-2024-32678
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
TrackShip for WooCommerce
TrackShip for WooCommerce
Researcher
CVE-ID
CVE-2024-3599
CVE-2024-3599
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
CVE-ID
CVE-2024-32509
CVE-2024-32509
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WP Cost Estimation & Payment Forms Builder
WP Cost Estimation & Payment Forms Builder
Researcher
CVE-ID
CVE-2023-6962
CVE-2023-6962
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Meta SEO
WP Meta SEO
Researcher
CVE-ID
CVE-2024-32684
CVE-2024-32684
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
WP Ultimate Review
WP Ultimate Review
Researcher
CVE-ID
CVE-2024-32683
CVE-2024-32683
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
WP Ultimate Review
WP Ultimate Review
Researcher
CVE-ID
CVE-2024-32685
CVE-2024-32685
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
WP Ultimate Review
WP Ultimate Review
Researcher
CVE-ID
CVE-2024-32521
CVE-2024-32521
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Zero Spam for WordPress
Zero Spam for WordPress
Researcher
CVE-ID
CVE-2024-32598
CVE-2024-32598
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
BA Book Everything
BA Book Everything
Researcher
CVE-ID
CVE-2024-32591
CVE-2024-32591
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Backend Designer
Backend Designer
Researcher
CVE-ID
CVE-2024-3752
CVE-2024-3752
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Crelly Slider
Crelly Slider
Researcher
CVE-ID
CVE-2024-3628
CVE-2024-3628
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
EasyEvent
EasyEvent
Researchers
CVE-ID
CVE-2024-0904
CVE-2024-0904
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Fancy Product Designer
Fancy Product Designer
Researcher
CVE-ID
CVE-2024-32540
CVE-2024-32540
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Fixed HTML Toolbar
Fixed HTML Toolbar
Researcher
CVE-ID
CVE-2024-32534
CVE-2024-32534
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
Researcher
CVE-ID
CVE-2024-3755
CVE-2024-3755
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
MF Gig Calendar
MF Gig Calendar
Researcher
Navigation menu as Dropdown Widget <= 1.3.4 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-ID
CVE-2024-32126
CVE-2024-32126
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Navigation menu as Dropdown Widget
Navigation menu as Dropdown Widget
Researcher
CVE-ID
CVE-2024-32690
CVE-2024-32690
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
RSS Feed Widget
RSS Feed Widget
Researcher
CVE-ID
CVE-2023-5971
CVE-2023-5971
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
Affected Software
Save as PDF Plugin by Pdfcrowd
Save as PDF Plugin by Pdfcrowd
Researcher
CVE-ID
CVE-2024-32548
CVE-2024-32548
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
What's New Generator
What's New Generator
Researcher
CVE-ID
CVE-2024-32539
CVE-2024-32539
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WP File Download Light
WP File Download Light
Researcher
CVE-ID
CVE-2024-32573
CVE-2024-32573
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP-Lister Lite for eBay
WP-Lister Lite for eBay
Researcher
CVE-ID
CVE-2024-32550
CVE-2024-32550
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
BMI Adult & Kid Calculator
BMI Adult & Kid Calculator
Researcher
CVE-ID
CVE-2024-3520
CVE-2024-3520
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Country State City Dropdown CF7
Country State City Dropdown CF7
Researcher
CVE-ID
CVE-2024-32524
CVE-2024-32524
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Custom Order Statuses for WooCommerce
Custom Order Statuses for WooCommerce
Researcher
CVE-ID
CVE-2024-32517
CVE-2024-32517
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Custom Thank You Page Customize For WooCommerce by Binary Carpenter
Custom Thank You Page Customize For WooCommerce by Binary Carpenter
Researcher
CVE-ID
CVE-2024-3243
CVE-2024-3243
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Customer Reviews for WooCommerce
Customer Reviews for WooCommerce
Researcher
CVE-ID
CVE-2024-3869
CVE-2024-3869
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Customer Reviews for WooCommerce
Customer Reviews for WooCommerce
Researcher
CVE-ID
CVE-2023-6897
CVE-2023-6897
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory
EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory
Researcher
CVE-ID
CVE-2024-32537
CVE-2024-32537
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Flash Video Player
Flash Video Player
Researcher
CVE-ID
CVE-2024-32519
CVE-2024-32519
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
GG Woo Feed for WooCommerce Shopping Feed on Google and Other Channels
GG Woo Feed for WooCommerce Shopping Feed on Google and Other Channels
Researcher
CVE-ID
CVE-2024-3590
CVE-2024-3590
Patch Status
Unpatched
Unpatched
Published
Apr 18, 2024
Apr 18, 2024
Researcher
CVE-ID
CVE-2024-3581
CVE-2024-3581
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
MaxGalleria
MaxGalleria
Researcher
CVE-ID
CVE-2024-32515
CVE-2024-32515
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Mega Addons For Elementor
Mega Addons For Elementor
Researcher
CVE-ID
CVE-2024-3756
CVE-2024-3756
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
MF Gig Calendar
MF Gig Calendar
Researcher
CVE-ID
CVE-2024-32516
CVE-2024-32516
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Multi Currency For WooCommerce
Multi Currency For WooCommerce
Researcher
CVE-ID
CVE-2024-32522
CVE-2024-32522
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Open Close WooCommerce Store – Best Business Schedules Manager
Open Close WooCommerce Store – Best Business Schedules Manager
Researcher
CVE-ID
CVE-2024-32142
CVE-2024-32142
Patch Status
Unpatched
Unpatched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
Ovic Responsive WPBakery
Ovic Responsive WPBakery
Researcher
CVE-ID
CVE-2023-41864
CVE-2023-41864
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
PeproDev CF7 Database
PeproDev CF7 Database
Researcher
ProfileGrid – User Profiles, Memberships, Groups and Communities <= 5.8.3 - Missing Authorization
4.3
CVE-ID
CVE-2024-3606
CVE-2024-3606
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
ProfileGrid – User Profiles, Groups and Communities
Researcher
CVE-ID
CVE-2024-32506
CVE-2024-32506
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
Researcher
CVE-ID
CVE-2024-3940
CVE-2024-3940
Patch Status
Unpatched
Unpatched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
reCAPTCHA Jetpack
reCAPTCHA Jetpack
Researcher
CVE-ID
CVE-2024-33681
CVE-2024-33681
Patch Status
Unpatched
Unpatched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
Regenerate post permalink
Regenerate post permalink
Researcher
CVE-ID
CVE-2024-32549
CVE-2024-32549
Patch Status
Unpatched
Unpatched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Related Posts for WordPress
Related Posts for WordPress
Researcher
CVE-ID
CVE-2023-7067
CVE-2023-7067
Patch Status
Patched
Patched
Published
Apr 18, 2024
Apr 18, 2024
CVE-ID
CVE-2024-1306
CVE-2024-1306
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Smart Forms – when you need more than just a contact form
Smart Forms – when you need more than just a contact form
Researcher
CVE-ID
CVE-2024-32525
CVE-2024-32525
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
Theme My Login
Theme My Login
Researcher
VikBooking Hotel Booking Engine & PMS <= 1.6.7 - Insecure Direct Object Reference to Menu Access
4.3
CVE-ID
CVE-2024-2441
CVE-2024-2441
Patch Status
Patched
Patched
Published
Apr 19, 2024
Apr 19, 2024
Affected Software
VikBooking Hotel Booking Engine & PMS
VikBooking Hotel Booking Engine & PMS
Researcher
CVE-ID
CVE-2023-6731
CVE-2023-6731
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP Show Posts
WP Show Posts
Researcher
CVE-ID
CVE-2024-32689
CVE-2024-32689
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
WP Social Comments
WP Social Comments
Researcher
WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Insecure Direct Object Reference
4.3
CVE-ID
CVE-2024-32604
CVE-2024-32604
Patch Status
Patched
Patched
Published
Apr 16, 2024
Apr 16, 2024
Affected Software
WP-Recall – Registration, Profile, Commerce & More
WP-Recall – Registration, Profile, Commerce & More
Researcher
CVE-ID
CVE-2024-32687
CVE-2024-32687
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
WPC Frequently Bought Together for WooCommerce
WPC Frequently Bought Together for WooCommerce
Researcher
CVE-ID
CVE-2024-32520
CVE-2024-32520
Patch Status
Patched
Patched
Published
Apr 15, 2024
Apr 15, 2024
Affected Software
WPC Grouped Product for WooCommerce
WPC Grouped Product for WooCommerce
Researcher
CVE-ID
CVE-2024-32681
CVE-2024-32681
Patch Status
Patched
Patched
Published
Apr 17, 2024
Apr 17, 2024
Affected Software
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Comments