Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)
🎉 Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 221 vulnerabilities disclosed in 210 WordPress Plugins, 22 WordPress Themes, and one in WordPress Core that have been added to the Wordfence Intelligence Vulnerability Database, and there were 69 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
- Forminator – Contact Form, Payment Form & Custom Form Builder <= 1.29.2 – Authenticated (Contributor+) Stored Cross-Site Scripting
- WordPress Core < 6.5.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block
- WAF-RULE-690 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 190 |
| Unpatched | 31 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Medium Severity | 197 |
| High Severity | 11 |
| Critical Severity | 13 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Cross-Site Request Forgery (CSRF) | 103 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 62 |
| Missing Authorization | 24 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 14 |
| Deserialization of Untrusted Data | 3 |
| Exposure of Sensitive Information to an Unauthorized Actor | 3 |
| Server-Side Request Forgery (SSRF) | 3 |
| Improper Authorization | 2 |
| Improper Input Validation | 2 |
| Unrestricted Upload of File with Dangerous Type | 2 |
| URL Redirection to Untrusted Site ('Open Redirect') | 2 |
| Improper Access Control | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 53 | |
| 12 | |
| 11 | |
| 9 | |
| 7 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Account Engagement | pardot |
| ActiveCampaign – Forms, Site Tracking, Live Chat | activecampaign-subscription-forms |
| Ads.txt Admin | ads-txt-admin |
| Advanced Cron Manager – debug & control | advanced-cron-manager |
| Advanced iFrame | advanced-iframe |
| Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress | advanced-page-visit-counter |
| Advanced Post Block- Great solution for displaying Posts | advanced-post-block |
| AffiEasy | affieasy |
| AIKit - WordPress AI Automatic Writer, Chatbot, Writing Assistant & Content Repurposer / OpenAI GPT | aikit-wordpress-ai-writing-assistant-using-gpt3 |
| All-in-One Addons for Elementor – WidgetKit | widgetkit-for-elementor |
| Appointment Bookings for Zoom GoogleMeet and more – Wappointment | wappointment |
| AppPresser – Mobile App Framework | apppresser |
| Asgaros Forum | asgaros-forum |
| Aspose.Words – Import and Export word documents | aspose-doc-exporter |
| BA Book Everything | ba-book-everything |
| Backup Migration | backup-backup |
| BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | woo-bulk-editor |
| Before And After: Lead Capture Forms For WordPress | before-and-after |
| Benchmark Email Lite | benchmark-email-lite |
| BizCalendar Web | bizcalendar-web |
| Blocksy Companion | blocksy-companion |
| Bold Page Builder | bold-page-builder |
| Booking for Appointments and Events Calendar – Amelia | ameliabooking |
| Boostify Header Footer Builder for Elementor | boostify-header-footer-builder |
| Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg | 5-stars-rating-funnel |
| bunny.net – WordPress CDN Plugin | bunnycdn |
| Button Generator – easily Button Builder | button-generation |
| BWL Advanced FAQ Manager | bwl-advanced-faq-manager |
| Calendarista Basic Edition – WordPress appointment booking system | calendarista-basic-edition |
| Carousel Slider | carousel-slider |
| Carousel, Slider, Gallery by WP Carousel – Image Carousel with Lightbox & Photo Gallery, Video Slider, Post Carousel & Post Grid, Product Carousel & Product Grid | wp-carousel-free |
| CBX Bookmark & Favorite | cbxwpbookmark |
| Church Admin | church-admin |
| Church Content – Sermons, Events and More | church-theme-content |
| Citadela Directory | citadela-directory |
| Clone | wp-clone-by-wp-academy |
| Contact Form Plugin | contact-form-lite |
| Convert Post Types | convert-post-types |
| Counter Box: Add Engaging Countdowns, Timers & Counters to Your WordPress Site | counter-box |
| Crony Cronjob Manager | crony |
| Currency per Product for WooCommerce | currency-per-product-for-woocommerce |
| Customily Product Personalizer | customily-v2 |
| Dashboard To-Do List | dashboard-to-do-list |
| Dashboard Welcome for Elementor | dashboard-welcome-for-elementor |
| Disable Comments | WPZest | disable-comments-wpz |
| Download Manager | downloadmanager |
| Duplicate Post | copy-delete-posts |
| E2Pdf – Export Pdf Tool for WordPress | e2pdf |
| Easy Logo | easylogo |
| eCommerce Product Catalog Plugin for WordPress | ecommerce-product-catalog |
| Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) | bdthemes-element-pack-lite |
| Elementor Addons by Livemesh | addons-for-elementor |
| ELEX WooCommerce Dynamic Pricing and Discounts | elex-woocommerce-dynamic-pricing-and-discounts |
| Email Marketing for WooCommerce by Omnisend | omnisend-connect |
| Enhanced Text Widget | enhanced-text-widget |
| eRoom – Zoom Meetings & Webinars | eroom-zoom-meetings-webinar |
| Essential Grid Gallery WordPress Plugin | essential-grid |
| Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin | mage-eventpress |
| EWWW Image Optimizer | ewww-image-optimizer |
| Exclusive Addons for Elementor | exclusive-addons-for-elementor |
| Extra Product Options Builder for WooCommerce | additional-product-fields-for-woocommerce |
| EZ Form Calculator | ez-form-calculator |
| F4 Improvements | f4-improvements |
| Favicon by RealFaviconGenerator | favicon-by-realfavicongenerator |
| Filter Custom Fields & Taxonomies Light | filter-custom-fields-taxonomies-light |
| Finale Lite – Sales Countdown Timer & Discount for WooCommerce | finale-woocommerce-sales-countdown-timer-discount |
| Find Duplicates | find-duplicates |
| Float menu – awesome floating side menu | float-menu |
| Forminator Forms – Contact Form, Payment Form & Custom Form Builder | forminator |
| Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook | forms-to-zapier |
| Freshdesk (official) | freshdesk-support |
| FV Flowplayer Video Player | fv-wordpress-flowplayer |
| Gallery Box | gallery-box |
| GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress | gamipress |
| GEO my WP | geo-my-wp |
| Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) | gift-voucher |
| GiveWP – Donation Plugin and Fundraising Platform | give |
| GP Unique ID | gp-unique-id |
| Gutenberg | gutenberg |
| Gutenberg Blocks with AI by Kadence WP – Page Builder Features | kadence-blocks |
| Gutenverse – Ultimate Block Addons and Page Builder for Site Editor | gutenverse |
| Happy WooCommerce FAQs & AI FAQ Generator (Formarly XPlainer) | faq-for-woocommerce |
| Import any XML or CSV File to WordPress | wp-all-import |
| Import Users from CSV | import-users-from-csv |
| Inline Related Posts | intelly-related-posts |
| InstaWP Connect – 1-click WP Staging & Migration | instawp-connect |
| Intagrate Lite | instagrate-to-wordpress |
| IP2Location Country Blocker | ip2location-country-blocker |
| Ivory Search – WordPress Search Plugin | add-search-to-menu |
| Jobs for WordPress | job-postings |
| Kattene | kattene |
| Kimili Flash Embed | kimili-flash-embed |
| Language Translate Widget for WP – ConveyThis | conveythis-translate |
| Leadinfo | leadinfo |
| Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) | leaflet-maps-marker |
| Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator | legal-pages |
| Libsyn Publisher Hub | libsyn-podcasting |
| LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes | lifterlms |
| Link Whisper Free | link-whisper |
| Live Composer – Free WordPress Website Builder | live-composer-page-builder |
| Load More Anything | ajax-load-more-anything |
| Login With Ajax – Fast Logins, 2FA, Redirects | login-with-ajax |
| Login with phone number | login-with-phone-number |
| Login | Login Page | Login Logo | Rename Login Page | Custom Login Page | Temporary Users | Rebrand Login | Login Captcha | feather-login-page |
| Mail logging – WP Mail Catcher | wp-mail-catcher |
| MailChimp Forms by MailMunch | mailchimp-forms-by-mailmunch |
| Marker.io – Visual Website Feedback | marker-io |
| Matterport Shortcode | shortcode-gallery-for-matterport-showcase |
| Membership Plugin – Restrict Content | restrict-content |
| Migration, Backup, Staging – WPvivid Backup & Migration | wpvivid-backuprestore |
| MihanPanel – User Login , Registration and Dashboard | mihanpanel-lite |
| Modal Window – create popup modal window | modal-window |
| MultiParcels Shipping For WooCommerce | multiparcels-shipping-for-woocommerce |
| MWW Disclaimer Buttons | mww-disclaimer-buttons |
| Newsletter – Send awesome emails from WordPress | newsletter |
| NextMove Lite – Thank You Page for WooCommerce | woo-thank-you-page-nextmove-lite |
| Ninja Forms – The Contact Form Builder That Grows With You | ninja-forms |
| No-Bot Registration | no-bot-registration |
| Novelist | novelist |
| Ocean Extra | ocean-extra |
| Order Delivery Date for WooCommerce | order-delivery-date-for-woocommerce |
| Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | otter-blocks |
| Ovic Addon Toolkit | ovic-addon-toolkit |
| Pagely [Show Current Template Info] | current-template-name |
| Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | wp-user-avatar |
| Podlove Podcast Publisher | podlove-podcasting-plugin-for-wordpress |
| POEditor | poeditor |
| Pop-up | pop-up-pop-up |
| Popup Box: Create Popups Easily | popup-box |
| Popup by Supsystic | popup-by-supsystic |
| Popup Like box – Page Plugin | ays-facebook-popup-likebox |
| Post Type Builder | themify-ptb |
| Premium Addons for Elementor | premium-addons-for-elementor |
| Premmerce Product Filter for WooCommerce | premmerce-woocommerce-product-filter |
| Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More | purple-xmls-google-product-feed-for-woocommerce |
| Product Input Fields for WooCommerce | product-input-fields-for-woocommerce |
| ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
| Realtyna Organic IDX plugin + WPL Real Estate | real-estate-listing-realtyna-wpl |
| ReDi Restaurant Reservation | redi-restaurant-reservation |
| Redirection | redirect-redirection |
| Remove Footer Credit | remove-footer-credit |
| Responsive Contact Form Builder & Lead Generation Plugin | lead-form-builder |
| Responsive Slider – Sangar Slider | sangar-slider-lite |
| RestroPress – Online Food Ordering System | restropress |
| RSS Redirect & Feedburner Alternative | feedburner-alternative-and-rss-redirect |
| Save as Image Plugin by Pdfcrowd | save-as-image-by-pdfcrowd |
| Save as PDF Plugin by Pdfcrowd | save-as-pdf-by-pdfcrowd |
| Search Keyword Redirect | wp-search-keyword-redirect |
| SEO Booster | seo-booster |
| Sheets to WP Table Live Sync | Google Sheets Table Plugin for WordPress with Spreadsheet Integration – FlexTable | sheets-to-wp-table-live-sync |
| Shopkeeper Extender | shopkeeper-extender |
| Shopping Cart & eCommerce Store | wp-easycart |
| Short URL | shorten-url |
| Side Menu Lite – add sticky fixed buttons | side-menu-lite |
| Simple Post Notes | simple-post-notes |
| Siteimprove | siteimprove |
| Slider Revolution | revslider |
| Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | ml-slider |
| Smart Forms – when you need more than just a contact form | smart-forms |
| Smart Slider 3 | smart-slider-3 |
| Smash Balloon Social Post Feed – Simple Social Feeds for WordPress | custom-facebook-feed |
| Social Media Social Share Icon | add-social-share |
| Social Proof Popups & Real-Time Notifications – Herd Effects | mwp-herd-effect |
| Social Share Icons & Social Share Buttons | ultimate-social-media-plus |
| Spotlight Social Feeds – Block, Shortcode, and Widget | spotlight-social-photo-feeds |
| SSL Mixed Content Fix | http-https-remover |
| Sticky Buttons – floating buttons builder | sticky-buttons |
| Subscribe2 – Form, Email Subscribers & Newsletters | subscribe2 |
| Sync Post With Other Site | sync-post-with-other-site |
| Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent | tablesome |
| The Events Calendar | the-events-calendar |
| Top Bar | top-bar |
| TOP Table Of Contents | top-table-of-contents |
| TWIPLA (Visitor Analytics IO) – Privacy-First Website Stats, Session Recordings, Heatmaps, Polls and Surveys | visitor-analytics-io |
| Ultimate Before After Image Slider & Gallery – BEAF | beaf-before-and-after-gallery |
| Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | ultimate-member |
| Ultimate Posts Widget | ultimate-posts-widget |
| Ultimate Product Catalog | ultimate-product-catalogue |
| Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider | ultimate-store-kit |
| Unlimited Elementor Inner Sections By BoomDevs | unlimited-elementor-inner-sections-by-boomdevs |
| User Activity Log Pro | user-activity-log-pro |
| UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP | userswp |
| USPS Shipping for WooCommerce – Live Rates | flexible-shipping-usps |
| WA Chat Help – Chat Bubble, Chat Button, WooCommerce Button with Gutenberg, Elementor and Shortcode | chat-help |
| Wallet System for WooCommerce – Wallet, Secure Online Payments, Cashback, Refunds, Partial Payment, Wallet Restriction, WooCommerce Payment | wallet-system-for-woocommerce |
| Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition | webinar-ignition |
| Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode | coming-soon |
| Welcart e-Commerce | usc-e-shop |
| WOLF – WordPress Posts Bulk Editor and Manager Professional | bulk-editor |
| WooCommerce UPS Shipping – Live Rates and Access Points | flexible-shipping-ups |
| WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds | another-wordpress-classifieds-plugin |
| WordPress Flipbook by Supsystic | digital-publications-by-supsystic |
| WordPress Hosting Benchmark tool | wpbenchmark |
| WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly | tour-booking-manager |
| Wow Skype Buttons | mwp-skype |
| WP Accessibility Helper (WAH) | wp-accessibility-helper |
| WP Activity Log Premium | wp-security-audit-log-premium |
| WP Client Reports | wp-client-reports |
| WP Compress – Instant Performance & Speed Optimization | wp-compress-image-optimizer |
| WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, Security+ | wp-letsencrypt-ssl |
| WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress | wp-event-aggregator |
| WP Google Analytics Events – No-Code Custom Event Tracking for Google Analytics | wp-google-analytics-events |
| WP Login and Logout Redirect | wp-login-and-logout-redirect |
| WP Radio – Worldwide Online Radio Stations Directory for WordPress | wp-radio |
| WP Synchro – WordPress Migration Plugin for Database & Files | wpsynchro |
| WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden | wp2leads |
| WPBakery Visual Composer | js_composer |
| WPC Smart Quick View for WooCommerce | woo-smart-quick-view |
| WPZOOM Social Feed Widget & Block | instagram-widget-by-wpzoom |
| Zoho Campaigns | zoho-campaigns |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Blocksy | blocksy |
| CityLogic | citylogic |
| Decode | decode |
| Default Mag | default-mag |
| Emmet Lite | emmet-lite |
| Gridsby | gridsby |
| HappenStance | happenstance |
| i-excel | i-excel |
| i-max | i-max |
| Lightning | lightning |
| Namaha | namaha |
| NewsXpress | newsxpress |
| Panoramic | panoramic |
| PopularFX | popularfx |
| Sarada Lite | sarada-lite |
| Sensible WP | sensible-wp |
| Shopstar! | shopstar |
| Sliding Door | sliding-door |
| Soledad | soledad |
| Spa and Salon | spa-and-salon |
| The Conference | the-conference |
| X-T9 | x-t9 |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVE-ID
CVE-2024-32128
CVE-2024-32128
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Realtyna Organic IDX plugin + WPL Real Estate
Realtyna Organic IDX plugin + WPL Real Estate
Researcher
CVE-ID
CVE-2024-31370
CVE-2024-31370
Patch Status
Unpatched
Unpatched
Published
Apr 9, 2024
Apr 9, 2024
CVE-ID
CVE-2024-32125
CVE-2024-32125
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
BA Book Everything
BA Book Everything
Researcher
CVE-ID
CVE-2024-32127
CVE-2024-32127
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Find Duplicates
Find Duplicates
Researcher
CVE-ID
CVE-2024-32139
CVE-2024-32139
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Podlove Podcast Publisher
Podlove Podcast Publisher
Researcher
CVE-ID
CVE-2024-32137
CVE-2024-32137
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
User Activity Log Pro
User Activity Log Pro
Researcher
CVE-ID
CVE-2024-2667
CVE-2024-2667
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
InstaWP Connect – 1-click WP Staging & Migration
InstaWP Connect – 1-click WP Staging & Migration
Researcher
CVE-ID
CVE-2024-32098
CVE-2024-32098
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Researcher
CVE-ID
CVE-2024-32136
CVE-2024-32136
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
BWL Advanced FAQ Manager
BWL Advanced FAQ Manager
Researcher
CVE-ID
CVE-2024-32132
CVE-2024-32132
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
CBX Bookmark & Favorite
CBX Bookmark & Favorite
Researcher
CVE-ID
CVE-2024-32135
CVE-2024-32135
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Disable Comments | WPZest
Disable Comments | WPZest
Researcher
CVE-ID
CVE-2024-32134
CVE-2024-32134
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook
Researcher
CVE-ID
CVE-2024-32087
CVE-2024-32087
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More
Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More
Researcher
CVE-ID
CVE-2024-3211
CVE-2024-3211
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Shopping Cart & eCommerce Store
Shopping Cart & eCommerce Store
Researcher
CVE-ID
CVE-2024-2018
CVE-2024-2018
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
WP Activity Log Premium
WP Activity Log Premium
Researcher
CVE-ID
CVE-2023-6964
CVE-2023-6964
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
Researcher
CVE-ID
CVE-2024-32086
CVE-2024-32086
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Citadela Directory
Citadela Directory
Researcher
CVE-ID
CVE-2023-7046
CVE-2023-7046
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, Security+
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, Security+
Researcher
CVE-ID
CVE-2024-3020
CVE-2024-3020
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
CVE-ID
CVE-2024-1774
CVE-2024-1774
Patch Status
Unpatched
Unpatched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Customily Product Personalizer
Customily Product Personalizer
Researcher
CVE-ID
CVE-2024-32431
CVE-2024-32431
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Import Users from CSV
Import Users from CSV
Researcher
CVE-ID
CVE-2023-6811
CVE-2023-6811
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Language Translate Widget for WP – ConveyThis
Language Translate Widget for WP – ConveyThis
Researcher
CVE-ID
CVE-2024-4439
CVE-2024-4439
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
WordPress
WordPress
Researchers
CVE-ID
CVE-2024-3054
CVE-2024-3054
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Migration, Backup, Staging – WPvivid Backup & Migration
Migration, Backup, Staging – WPvivid Backup & Migration
Researcher
CVE-ID
CVE-2024-3637
CVE-2024-3637
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Responsive Contact Form Builder & Lead Generation Plugin
Responsive Contact Form Builder & Lead Generation Plugin
Researcher
Advanced iFrame <= 2024.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
CVE-ID
CVE-2024-32079
CVE-2024-32079
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Advanced iFrame
Advanced iFrame
Researcher
CVE-ID
CVE-2024-2137
CVE-2024-2137
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
All-in-One Addons for Elementor – WidgetKit
All-in-One Addons for Elementor – WidgetKit
Researcher
CVE-ID
CVE-2024-2735
CVE-2024-2735
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Bold Page Builder
Bold Page Builder
Researcher
CVE-ID
CVE-2024-2734
CVE-2024-2734
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Bold Page Builder
Bold Page Builder
Researcher
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags
6.4
CVE-ID
CVE-2024-2736
CVE-2024-2736
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Bold Page Builder
Bold Page Builder
Researcher
CVE-ID
CVE-2024-32147
CVE-2024-32147
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Contact Form Plugin
Contact Form Plugin
Researcher
CVE-ID
CVE-2024-2655
CVE-2024-2655
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-2539
CVE-2024-2539
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Elementor Addons by Livemesh
Elementor Addons by Livemesh
Researcher
CVE-ID
CVE-2024-3053
CVE-2024-3053
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
CVE-ID
CVE-2024-1957
CVE-2024-1957
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
GiveWP – Donation Plugin and Fundraising Platform
GiveWP – Donation Plugin and Fundraising Platform
Researcher
CVE-ID
Unknown
Unknown
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Gutenberg
Gutenberg
Researchers
CVE-ID
CVE-2024-3692
CVE-2024-3692
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Gutenverse – Ultimate Block Addons and Page Builder for Site Editor
Gutenverse – Ultimate Block Addons and Page Builder for Site Editor
Researcher
CVE-ID
CVE-2024-3670
CVE-2024-3670
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
Researcher
CVE-ID
CVE-2024-32140
CVE-2024-32140
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Libsyn Publisher Hub
Libsyn Publisher Hub
Researcher
CVE-ID
CVE-2024-3167
CVE-2024-3167
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Ocean Extra
Ocean Extra
Researcher
CVE-ID
CVE-2024-3344
CVE-2024-3344
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Researcher
CVE-ID
CVE-2024-3343
CVE-2024-3343
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Researcher
CVE-ID
CVE-2024-2867
CVE-2024-2867
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
CVE-ID
CVE-2024-3210
CVE-2024-3210
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
CVE-ID
CVE-2024-0376
CVE-2024-0376
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Premium Addons for Elementor
Premium Addons for Elementor
Researcher
Premium Addons for Elementor <= 4.10.24 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-ID
CVE-2024-2664
CVE-2024-2664
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Premium Addons for Elementor
Premium Addons for Elementor
Researcher
CVE-ID
CVE-2024-2665
CVE-2024-2665
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Premium Addons for Elementor
Premium Addons for Elementor
Researcher
CVE-ID
CVE-2024-2306
CVE-2024-2306
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Slider Revolution
Slider Revolution
Researchers
CVE-ID
CVE-2024-2801
CVE-2024-2801
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Shopkeeper Extender
Shopkeeper Extender
Researcher
CVE-ID
CVE-2024-3285
CVE-2024-3285
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Researcher
CVE-ID
CVE-2024-3027
CVE-2024-3027
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Smart Slider 3
Smart Slider 3
Researcher
CVE-ID
CVE-2024-31357
CVE-2024-31357
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
CVE-ID
CVE-2024-1041
CVE-2024-1041
Patch Status
Unpatched
Unpatched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
WP Radio – Worldwide Online Radio Stations Directory for WordPress
WP Radio – Worldwide Online Radio Stations Directory for WordPress
Researcher
CVE-ID
CVE-2024-1042
CVE-2024-1042
Patch Status
Unpatched
Unpatched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
WP Radio – Worldwide Online Radio Stations Directory for WordPress
WP Radio – Worldwide Online Radio Stations Directory for WordPress
Researcher
CVE-ID
CVE-2024-1805
CVE-2024-1805
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WPBakery Visual Composer
WPBakery Visual Composer
Researcher
CVE-ID
CVE-2024-1842
CVE-2024-1842
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WPBakery Visual Composer
WPBakery Visual Composer
Researcher
CVE-ID
CVE-2024-1840
CVE-2024-1840
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WPBakery Visual Composer
WPBakery Visual Composer
Researcher
CVE-ID
CVE-2024-1841
CVE-2024-1841
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WPBakery Visual Composer
WPBakery Visual Composer
Researcher
CVE-ID
CVE-2024-1780
CVE-2024-1780
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
BizCalendar Web
BizCalendar Web
Researchers
CVE-ID
CVE-2024-32133
CVE-2024-32133
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
EZ Form Calculator
EZ Form Calculator
Researcher
CVE-ID
CVE-2024-32129
CVE-2024-32129
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Freshdesk (official)
Freshdesk (official)
Researcher
CVE-ID
CVE-2024-32149
CVE-2024-32149
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Jobs for WordPress
Jobs for WordPress
Researcher
CVE-ID
CVE-2024-31365
CVE-2024-31365
Patch Status
Unpatched
Unpatched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Post Type Builder
Post Type Builder
Researcher
CVE-ID
CVE-2024-32138
CVE-2024-32138
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Short URL
Short URL
Researcher
CVE-ID
CVE-2024-32145
CVE-2024-32145
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Researcher
CVE-ID
CVE-2024-32107
CVE-2024-32107
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Finale Lite – Sales Countdown Timer & Discount for WooCommerce
Finale Lite – Sales Countdown Timer & Discount for WooCommerce
Researcher
CVE-ID
CVE-2024-32430
CVE-2024-32430
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
ActiveCampaign – Forms, Site Tracking, Live Chat
ActiveCampaign – Forms, Site Tracking, Live Chat
Researcher
CVE-ID
CVE-2024-32454
CVE-2024-32454
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Appointment Bookings for Zoom GoogleMeet and more – Wappointment
Appointment Bookings for Zoom GoogleMeet and more – Wappointment
Researcher
CVE-ID
CVE-2024-2733
CVE-2024-2733
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Bold Page Builder
Bold Page Builder
Researcher
CVE-ID
CVE-2024-32078
CVE-2024-32078
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
FV Flowplayer Video Player
FV Flowplayer Video Player
Researcher
CVE-ID
CVE-2024-2666
CVE-2024-2666
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Premium Addons for Elementor
Premium Addons for Elementor
Researcher
CVE-ID
CVE-2024-2765
CVE-2024-2765
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-31943
CVE-2024-31943
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
USPS Shipping for WooCommerce – Live Rates
USPS Shipping for WooCommerce – Live Rates
Researcher
CVE-ID
CVE-2024-32144
CVE-2024-32144
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Welcart e-Commerce
Welcart e-Commerce
Researcher
CVE-ID
CVE-2024-31358
CVE-2024-31358
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg
Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg
Researcher
CVE-ID
CVE-2024-0908
CVE-2024-0908
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Advanced Post Block- Great solution for displaying Posts
Advanced Post Block- Great solution for displaying Posts
Researcher
CVE-ID
CVE-2024-31430
CVE-2024-31430
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-31932
CVE-2024-31932
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Blocksy Companion
Blocksy Companion
Researcher
CVE-ID
CVE-2024-32131
CVE-2024-32131
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Download Manager
Download Manager
Researcher
CVE-ID
CVE-2024-2966
CVE-2024-2966
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-32105
CVE-2024-32105
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
ELEX WooCommerce Dynamic Pricing and Discounts
ELEX WooCommerce Dynamic Pricing and Discounts
Researcher
CVE-ID
CVE-2024-3235
CVE-2024-3235
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Essential Grid Gallery WordPress Plugin
Essential Grid Gallery WordPress Plugin
Researcher
CVE-ID
CVE-2024-0710
CVE-2024-0710
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
GP Unique ID
GP Unique ID
Researcher
CVE-ID
CVE-2024-32112
CVE-2024-32112
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Leadinfo
Leadinfo
Researcher
CVE-ID
CVE-2024-31359
CVE-2024-31359
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Premmerce Product Filter for WooCommerce
Premmerce Product Filter for WooCommerce
Researcher
CVE-ID
CVE-2024-31432
CVE-2024-31432
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Membership Plugin – Restrict Content
Membership Plugin – Restrict Content
Researcher
CVE-ID
CVE-2024-31368
CVE-2024-31368
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Soledad
Soledad
Researcher
CVE-ID
CVE-2024-31926
CVE-2024-31926
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Advanced Cron Manager – debug & control
Advanced Cron Manager – debug & control
Researcher
CVE-ID
CVE-2024-31361
CVE-2024-31361
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
bunny.net – WordPress CDN Plugin
bunny.net – WordPress CDN Plugin
Researcher
CVE-ID
CVE-2024-3703
CVE-2024-3703
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Carousel Slider
Carousel Slider
Researcher
CVE-ID
CVE-2024-31925
CVE-2024-31925
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
F4 Improvements
F4 Improvements
Researcher
CVE-ID
CVE-2024-31929
CVE-2024-31929
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Intagrate Lite
Intagrate Lite
Researcher
CVE-ID
CVE-2024-32428
CVE-2024-32428
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
MWW Disclaimer Buttons
MWW Disclaimer Buttons
Researcher
CVE-ID
CVE-2024-29220
CVE-2024-29220
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Ninja Forms – The Contact Form Builder That Grows With You
Ninja Forms – The Contact Form Builder That Grows With You
Researcher
CVE-ID
CVE-2024-26019
CVE-2024-26019
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Ninja Forms – The Contact Form Builder That Grows With You
Ninja Forms – The Contact Form Builder That Grows With You
Researcher
CVE-ID
CVE-2024-32453
CVE-2024-32453
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
POEditor
POEditor
Researcher
CVE-ID
CVE-2024-31387
CVE-2024-31387
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Popup Like box – Page Plugin
Popup Like box – Page Plugin
Researcher
CVE-ID
CVE-2024-32429
CVE-2024-32429
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Remove Footer Credit
Remove Footer Credit
Researcher
CVE-ID
CVE-2024-31931
CVE-2024-31931
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Save as Image Plugin by Pdfcrowd
Save as Image Plugin by Pdfcrowd
Researchers
CVE-ID
CVE-2024-31930
CVE-2024-31930
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Save as PDF Plugin by Pdfcrowd
Save as PDF Plugin by Pdfcrowd
Researchers
CVE-ID
CVE-2024-32080
CVE-2024-32080
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Search Keyword Redirect
Search Keyword Redirect
Researcher
CVE-ID
CVE-2024-1905
CVE-2024-1905
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Smart Forms – when you need more than just a contact form
Smart Forms – when you need more than just a contact form
Researcher
CVE-ID
CVE-2024-31928
CVE-2024-31928
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Top Bar
Top Bar
Researcher
CVE-ID
CVE-2024-31937
CVE-2024-31937
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-31927
CVE-2024-31927
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
WP Login and Logout Redirect
WP Login and Logout Redirect
Researcher
CVE-ID
CVE-2023-6494
CVE-2023-6494
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
WPC Smart Quick View for WooCommerce
WPC Smart Quick View for WooCommerce
Researcher
CVE-ID
CVE-2024-32448
CVE-2024-32448
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Ads.txt Admin
Ads.txt Admin
Researcher
CVE-ID
CVE-2024-32435
CVE-2024-32435
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
AffiEasy
AffiEasy
Researcher
CVE-ID
CVE-2024-31425
CVE-2024-31425
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Booking for Appointments and Events Calendar – Amelia
Booking for Appointments and Events Calendar – Amelia
Researcher
CVE-ID
CVE-2024-31374
CVE-2024-31374
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
AppPresser – Mobile App Framework
AppPresser – Mobile App Framework
Researcher
CVE-ID
CVE-2024-32110
CVE-2024-32110
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Subscribe2 – Form, Email Subscribers & Newsletters
Sheets to WP Table Live Sync | Google Sheets Table Plugin for WordPress with Spreadsheet Integration – FlexTable
Dashboard Welcome for Elementor
Happy WooCommerce FAQs & AI FAQ Generator (Formarly XPlainer)
Load More Anything
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin
Pagely [Show Current Template Info]
Exclusive Addons for Elementor
TOP Table Of Contents
WA Chat Help – Chat Bubble, Chat Button, WooCommerce Button with Gutenberg, Elementor and Shortcode
and 3 more...
Subscribe2 – Form, Email Subscribers & Newsletters
Sheets to WP Table Live Sync | Google Sheets Table Plugin for WordPress with Spreadsheet Integration – FlexTable
Dashboard Welcome for Elementor
Happy WooCommerce FAQs & AI FAQ Generator (Formarly XPlainer)
Load More Anything
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin
Pagely [Show Current Template Info]
Exclusive Addons for Elementor
TOP Table Of Contents
WA Chat Help – Chat Bubble, Chat Button, WooCommerce Button with Gutenberg, Elementor and Shortcode
and 3 more...
Researcher
CVE-ID
CVE-2024-32440
CVE-2024-32440
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Asgaros Forum
Asgaros Forum
Researcher
CVE-ID
CVE-2024-32146
CVE-2024-32146
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Aspose.Words – Import and Export word documents
Aspose.Words – Import and Export word documents
Researcher
CVE-ID
CVE-2024-32447
CVE-2024-32447
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Researcher
CVE-ID
CVE-2024-32433
CVE-2024-32433
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Ultimate Before After Image Slider & Gallery – BEAF
Ultimate Before After Image Slider & Gallery – BEAF
Researcher
CVE-ID
CVE-2024-32084
CVE-2024-32084
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Before And After: Lead Capture Forms For WordPress
Before And After: Lead Capture Forms For WordPress
Researcher
CVE-ID
CVE-2024-31360
CVE-2024-31360
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
Benchmark Email Lite
Benchmark Email Lite
Researcher
CVE-ID
CVE-2024-31382
CVE-2024-31382
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Blocksy
Blocksy
Researcher
CVE-ID
CVE-2024-3471
CVE-2024-3471
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Button Generator – easily Button Builder
Button Generator – easily Button Builder
Researcher
CVE-ID
CVE-2024-31942
CVE-2024-31942
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Calendarista Basic Edition – WordPress appointment booking system
Calendarista Basic Edition – WordPress appointment booking system
Researcher
CVE-ID
CVE-2024-32090
CVE-2024-32090
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Church Admin
Church Admin
Researcher
Church Content – Sermons, Events and More <= 2.6 - Cross-Site Request Forgery to Notice Dismissal
4.3
CVE-ID
CVE-2024-32094
CVE-2024-32094
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Church Content – Sermons, Events and More
Church Content – Sermons, Events and More
Researcher
CVE-ID
CVE-2024-32085
CVE-2024-32085
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Citadela Directory
Citadela Directory
Researcher
CVE-ID
CVE-2024-32088
CVE-2024-32088
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode
Researcher
CVE-ID
CVE-2024-32108
CVE-2024-32108
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Convert Post Types
Convert Post Types
Researcher
Counter Box – WordPress plugin for countdown, timer, counter <= 1.2.3 - Cross-Site Request Forgery
4.3
CVE-ID
CVE-2024-3481
CVE-2024-3481
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Researcher
CVE-ID
CVE-2024-32102
CVE-2024-32102
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Crony Cronjob Manager
Crony Cronjob Manager
Researcher
CVE-ID
CVE-2024-31920
CVE-2024-31920
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Currency per Product for WooCommerce
Currency per Product for WooCommerce
Researcher
CVE-ID
CVE-2024-31376
CVE-2024-31376
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Dashboard To-Do List
Dashboard To-Do List
Researcher
CVE-ID
CVE-2024-32089
CVE-2024-32089
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WordPress Flipbook by Supsystic
WordPress Flipbook by Supsystic
Researcher
CVE-ID
CVE-2024-32443
CVE-2024-32443
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
IP2Location Country Blocker
IP2Location Country Blocker
Researcher
CVE-ID
CVE-2024-31373
CVE-2024-31373
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
E2Pdf – Export Pdf Tool for WordPress
E2Pdf – Export Pdf Tool for WordPress
Researcher
CVE-ID
CVE-2024-32437
CVE-2024-32437
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
eCommerce Product Catalog Plugin for WordPress
eCommerce Product Catalog Plugin for WordPress
Researcher
CVE-ID
CVE-2024-31364
CVE-2024-31364
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
ELEX WooCommerce Dynamic Pricing and Discounts
ELEX WooCommerce Dynamic Pricing and Discounts
Researcher
CVE-ID
CVE-2024-32101
CVE-2024-32101
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Email Marketing for WooCommerce by Omnisend
Email Marketing for WooCommerce by Omnisend
Researcher
CVE-ID
CVE-2024-3275
CVE-2024-3275
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
eRoom – Zoom Meetings & Webinars
eRoom – Zoom Meetings & Webinars
Researcher
CVE-ID
CVE-2024-31924
CVE-2024-31924
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
EWWW Image Optimizer
EWWW Image Optimizer
Researcher
CVE-ID
CVE-2024-31940
CVE-2024-31940
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Extra Product Options Builder for WooCommerce
Extra Product Options Builder for WooCommerce
Researcher
CVE-ID
CVE-2024-31422
CVE-2024-31422
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Favicon by RealFaviconGenerator
Favicon by RealFaviconGenerator
Researcher
CVE-ID
CVE-2024-31923
CVE-2024-31923
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-32081
CVE-2024-32081
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Filter Custom Fields & Taxonomies Light
Filter Custom Fields & Taxonomies Light
Researcher
CVE-ID
CVE-2024-2405
CVE-2024-2405
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Float menu – awesome floating side menu
Float menu – awesome floating side menu
Researcher
CVE-ID
CVE-2024-2505
CVE-2024-2505
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress
GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress
Researcher
CVE-ID
CVE-2024-32436
CVE-2024-32436
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported)
Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported)
Researcher
Herd Effects – fake notifications and social proof plugin <= 5.2.6 - Cross-Site Request Forgery
4.3
CVE-ID
CVE-2024-3478
CVE-2024-3478
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Social Proof Popups & Real-Time Notifications – Herd Effects
Social Proof Popups & Real-Time Notifications – Herd Effects
Researcher
Import any XML or CSV File to WordPress <= 3.7.3 - Cross-Site Request Forgery to Notice Dismissal
4.3
CVE-ID
CVE-2024-31939
CVE-2024-31939
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Import any XML or CSV File to WordPress
Import any XML or CSV File to WordPress
Researcher
CVE-ID
CVE-2024-31435
CVE-2024-31435
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-31426
CVE-2024-31426
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Inline Related Posts
Inline Related Posts
Researcher
CVE-ID
CVE-2024-3233
CVE-2024-3233
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Ivory Search – WordPress Search Plugin
Ivory Search – WordPress Search Plugin
Researcher
CVE-ID
CVE-2024-32092
CVE-2024-32092
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Kimili Flash Embed
Kimili Flash Embed
Researcher
CVE-ID
CVE-2024-32451
CVE-2024-32451
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
Researcher
CVE-ID
CVE-2024-32141
CVE-2024-32141
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Libsyn Publisher Hub
Libsyn Publisher Hub
Researcher
CVE-ID
CVE-2024-31363
CVE-2024-31363
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes
LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes
Researcher
CVE-ID
CVE-2024-31934
CVE-2024-31934
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Link Whisper Free
Link Whisper Free
Researcher
CVE-ID
CVE-2024-30546
CVE-2024-30546
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Login With Ajax – Fast Logins, 2FA, Redirects
Login With Ajax – Fast Logins, 2FA, Redirects
Researcher
CVE-ID
CVE-2024-31424
CVE-2024-31424
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Login with phone number
Login with phone number
Researcher
CVE-ID
CVE-2024-31378
CVE-2024-31378
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
MailChimp Forms by MailMunch
MailChimp Forms by MailMunch
Researcher
CVE-ID
CVE-2024-31427
CVE-2024-31427
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Marker.io – Visual Website Feedback
Marker.io – Visual Website Feedback
Researcher
CVE-ID
CVE-2024-31389
CVE-2024-31389
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
MihanPanel – User Login , Registration and Dashboard
MihanPanel – User Login , Registration and Dashboard
Researcher
CVE-ID
CVE-2024-3472
CVE-2024-3472
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Modal Window – create popup modal window
Modal Window – create popup modal window
Researcher
CVE-ID
CVE-2024-32095
CVE-2024-32095
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
MultiParcels Shipping For WooCommerce
MultiParcels Shipping For WooCommerce
Researcher
CVE-ID
CVE-2024-31386
CVE-2024-31386
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Sliding Door
CityLogic
Lightning
i-max
Default Mag
Shopstar!
HappenStance
Emmet Lite
X-T9
i-excel
and 5 more...
Sliding Door
CityLogic
Lightning
i-max
Default Mag
Shopstar!
HappenStance
Emmet Lite
X-T9
i-excel
and 5 more...
Researcher
CVE-ID
CVE-2024-31434
CVE-2024-31434
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Newsletter – Send awesome emails from WordPress
Newsletter – Send awesome emails from WordPress
Researcher
CVE-ID
CVE-2024-31938
CVE-2024-31938
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
NewsXpress
NewsXpress
Researcher
CVE-ID
CVE-2024-32104
CVE-2024-32104
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
NextMove Lite – Thank You Page for WooCommerce
NextMove Lite – Thank You Page for WooCommerce
Researcher
CVE-ID
CVE-2024-31372
CVE-2024-31372
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
No-Bot Registration
No-Bot Registration
Researcher
CVE-ID
CVE-2024-32093
CVE-2024-32093
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Novelist
Novelist
Researcher
CVE-ID
CVE-2024-32434
CVE-2024-32434
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Order Delivery Date for WooCommerce
Order Delivery Date for WooCommerce
Researcher
CVE-ID
CVE-2024-32432
CVE-2024-32432
Patch Status
Unpatched
Unpatched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Ovic Addon Toolkit
Ovic Addon Toolkit
Researcher
CVE-ID
CVE-2024-31933
CVE-2024-31933
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Live Composer – Free WordPress Website Builder
Live Composer – Free WordPress Website Builder
Researcher
CVE-ID
CVE-2024-32148
CVE-2024-32148
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Account Engagement
Account Engagement
Researcher
CVE-ID
CVE-2024-32143
CVE-2024-32143
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Podlove Podcast Publisher
Podlove Podcast Publisher
Researcher
CVE-ID
CVE-2024-31383
CVE-2024-31383
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
PopularFX
PopularFX
Researcher
CVE-ID
CVE-2024-3477
CVE-2024-3477
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Popup Box: Create Popups Easily
Popup Box: Create Popups Easily
Researcher
CVE-ID
CVE-2024-31421
CVE-2024-31421
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Popup by Supsystic
Popup by Supsystic
Researcher
CVE-ID
CVE-2024-31366
CVE-2024-31366
Patch Status
Unpatched
Unpatched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Post Type Builder
Post Type Builder
Researcher
CVE-ID
CVE-2024-31431
CVE-2024-31431
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Product Input Fields for WooCommerce
Product Input Fields for WooCommerce
Researcher
CVE-ID
CVE-2024-31362
CVE-2024-31362
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
ProfileGrid – User Profiles, Groups and Communities
Researcher
CVE-ID
CVE-2024-31385
CVE-2024-31385
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
ReDi Restaurant Reservation
ReDi Restaurant Reservation
Researcher
CVE-ID
CVE-2024-1415
CVE-2024-1415
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Responsive Contact Form Builder & Lead Generation Plugin
Responsive Contact Form Builder & Lead Generation Plugin
Researcher
CVE-ID
CVE-2024-1416
CVE-2024-1416
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Responsive Contact Form Builder & Lead Generation Plugin
Responsive Contact Form Builder & Lead Generation Plugin
Researcher
RestroPress <= 3.1.2 - Cross-Site Request Forgery via rpress_orders_list_table_process_bulk_actions
4.3
CVE-ID
CVE-2024-32449
CVE-2024-32449
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
RestroPress – Online Food Ordering System
RestroPress – Online Food Ordering System
Researcher
CVE-ID
CVE-2024-32091
CVE-2024-32091
Patch Status
Unpatched
Unpatched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Responsive Slider – Sangar Slider
Responsive Slider – Sangar Slider
Researcher
CVE-ID
CVE-2024-31429
CVE-2024-31429
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Sarada Lite
Sarada Lite
Researcher
CVE-ID
CVE-2024-32438
CVE-2024-32438
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
SEO Booster
SEO Booster
Researcher
CVE-ID
CVE-2024-3476
CVE-2024-3476
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Side Menu Lite – add sticky fixed buttons
Side Menu Lite – add sticky fixed buttons
Researcher
CVE-ID
CVE-2024-31935
CVE-2024-31935
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Simple Post Notes
Simple Post Notes
Researcher
CVE-ID
CVE-2024-32103
CVE-2024-32103
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Siteimprove
Siteimprove
Researcher
CVE-ID
CVE-2024-31379
CVE-2024-31379
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Smash Balloon Social Post Feed – Simple Social Feeds for WordPress
Smash Balloon Social Post Feed – Simple Social Feeds for WordPress
Researcher
CVE-ID
CVE-2024-31369
CVE-2024-31369
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Soledad
Soledad
Researcher
CVE-ID
CVE-2024-31367
CVE-2024-31367
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
Affected Software
Soledad
Soledad
Researcher
CVE-ID
CVE-2024-31384
CVE-2024-31384
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Spa and Salon
Spa and Salon
Researcher
CVE-ID
CVE-2024-31381
CVE-2024-31381
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Spotlight Social Feeds – Block, Shortcode, and Widget
Spotlight Social Feeds – Block, Shortcode, and Widget
Researcher
CVE-ID
CVE-2024-3475
CVE-2024-3475
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Sticky Buttons – floating buttons builder
Sticky Buttons – floating buttons builder
Researcher
CVE-ID
CVE-2024-32082
CVE-2024-32082
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Sync Post With Other Site
Sync Post With Other Site
Researcher
CVE-ID
CVE-2024-31388
CVE-2024-31388
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Researcher
CVE-ID
CVE-2024-31428
CVE-2024-31428
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
The Conference
The Conference
Researcher
CVE-ID
CVE-2024-31433
CVE-2024-31433
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
The Events Calendar
The Events Calendar
Researcher
CVE-ID
CVE-2024-31921
CVE-2024-31921
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
Ultimate Product Catalog
Ultimate Product Catalog
Researcher
CVE-ID
CVE-2024-31936
CVE-2024-31936
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
CVE-ID
CVE-2024-32446
CVE-2024-32446
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
CVE-ID
CVE-2024-32445
CVE-2024-32445
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
CVE-ID
CVE-2024-31944
CVE-2024-31944
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WooCommerce UPS Shipping – Live Rates and Access Points
WooCommerce UPS Shipping – Live Rates and Access Points
Researcher
CVE-ID
CVE-2024-31922
CVE-2024-31922
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
WordPress Hosting Benchmark tool
WordPress Hosting Benchmark tool
Researcher
CVE-ID
CVE-2024-3474
CVE-2024-3474
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Wow Skype Buttons
Wow Skype Buttons
Researcher
CVE-ID
CVE-2024-31423
CVE-2024-31423
Patch Status
Patched
Patched
Published
Apr 10, 2024
Apr 10, 2024
Affected Software
WP Accessibility Helper (WAH)
WP Accessibility Helper (WAH)
Researcher
CVE-ID
CVE-2024-32439
CVE-2024-32439
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
WP Client Reports
WP Client Reports
Researcher
CVE-ID
CVE-2024-32106
CVE-2024-32106
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WP Compress – Instant Performance & Speed Optimization
WP Compress – Instant Performance & Speed Optimization
Researcher
CVE-ID
CVE-2024-32452
CVE-2024-32452
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Shopping Cart & eCommerce Store
Shopping Cart & eCommerce Store
Researcher
CVE-ID
CVE-2024-31371
CVE-2024-31371
Patch Status
Patched
Patched
Published
Apr 9, 2024
Apr 9, 2024
CVE-ID
CVE-2024-32099
CVE-2024-32099
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Mail logging – WP Mail Catcher
Mail logging – WP Mail Catcher
Researcher
CVE-ID
CVE-2024-32109
CVE-2024-32109
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
Matterport Shortcode
Matterport Shortcode
Researcher
CVE-ID
CVE-2024-32096
CVE-2024-32096
Patch Status
Patched
Patched
Published
Apr 11, 2024
Apr 11, 2024
Affected Software
WP Synchro – WordPress Migration Plugin for Database & Files
WP Synchro – WordPress Migration Plugin for Database & Files
Researcher
CVE-ID
CVE-2024-31375
CVE-2024-31375
Patch Status
Patched
Patched
Published
Apr 8, 2024
Apr 8, 2024
Affected Software
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden
Researcher
CVE-ID
CVE-2024-32450
CVE-2024-32450
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly
Researcher
CVE-ID
CVE-2024-3662
CVE-2024-3662
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
WPZOOM Social Feed Widget & Block
WPZOOM Social Feed Widget & Block
Researcher
CVE-ID
CVE-2024-32442
CVE-2024-32442
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Zoho Campaigns
Zoho Campaigns
Researcher
CVE-ID
CVE-2024-32441
CVE-2024-32441
Patch Status
Patched
Patched
Published
Apr 12, 2024
Apr 12, 2024
Affected Software
Zoho Campaigns
Zoho Campaigns
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Comments