Wordfence Intelligence Weekly WordPress Vulnerability Report (April 22, 2024 to April 28, 2024)


🎉 Did you know we’re running a Bug Bounty Extravaganza again?

Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!


Last week, there were 309 vulnerabilities disclosed in 234 WordPress Plugins and 23 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 65 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Patched 256
Unpatched 53


Total Vulnerabilities by CVSS Severity Last Week

Severity Rating Number of Vulnerabilities
Low Severity 4
Medium Severity 251
High Severity 32
Critical Severity 22


Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 98
Missing Authorization 82
Cross-Site Request Forgery (CSRF) 34
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 13
Exposure of Sensitive Information to an Unauthorized Actor 12
Server-Side Request Forgery (SSRF) 12
Authorization Bypass Through User-Controlled Key 6
Deserialization of Untrusted Data 6
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 6
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 6
Insertion of Sensitive Information into Log File 6
Unrestricted Upload of File with Dangerous Type 5
Improper Privilege Management 4
Use of Less Trusted Source 4
External Control of Assumed-Immutable Web Parameter 3
Improper Control of Generation of Code ('Code Injection') 2
Improper Input Validation 2
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') 2
Authentication Bypass Using an Alternate Path or Channel 1
Guessable CAPTCHA 1
Improper Access Control 1
Improper Authorization 1
Improper Neutralization of Alternate XSS Syntax 1
URL Redirection to Untrusted Site ('Open Redirect') 1


Researchers That Contributed to WordPress Security Last Week

Researcher Name Number of Vulnerabilities
30
23
18
17
17
14
13
13
13
10
10
8
7
7
7
7
6
6
6
5
4
4
4
4
4
3
3
2
2
2
2
2
2
2
2
2
2
1
1
1
1
1
ST
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
Academy LMS – WordPress LMS Plugin for Complete eLearning Solution academy
Accessibility Widget accessibility-widget
ActiveDEMAND activedemand
Admin and Customer Messages After Order for WooCommerce: OrderConvo admin-and-client-message-after-order-for-woocommerce
Admin Bar Editor – Hide Toolbar by User Roles admin-bar
Advanced Floating Content Lite advanced-floating-content-lite
Advanced Local Pickup for WooCommerce advanced-local-pickup-for-woocommerce
Advanced Most Recent Posts Mod advanced-most-recent-posts-mod
Advanced Post List advanced-post-list
Advanced Testimonial Carousel for Elementor advanced-testimonial-carousel-for-elementor
AGCA – Custom Dashboard & Login Page ag-custom-admin
All-in-one Like Widget all-in-one-facebook-like-widget
Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) wp-analytify
Annual Archive anual-archive
Appointment Hour Booking – WordPress Booking Plugin appointment-hour-booking
AppPresser – Mobile App Framework apppresser
Arconix FAQ arconix-faq
Arconix Shortcodes arconix-shortcodes
ARforms arforms
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup armember-membership
Assistant – Every Day Productivity Apps assistant
Auto Featured Image (Auto Post Thumbnail) auto-post-thumbnail
BackUpWordPress backupwordpress
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. barcode-scanner-lite-pos-to-manage-products-inventory-and-orders
Base64 Encoder/Decoder base64-encoderdecoder
Better Elementor Addons better-elementor-addons
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss bp-better-messages
Blog2Social: Social Media Auto Post & Scheduler blog2social
Booking Ultra Pro Appointments Booking Calendar Plugin booking-ultra-pro
Brevo for WooCommerce woocommerce-sendinblue-newsletter-subscription
Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg 5-stars-rating-funnel
Car Dealer (Dealership) and Vehicle sales cardealer
CF7 File Download – File Download for CF7 cf7-file-download
ChatBot Conversational Forms conversational-forms
Classified Listing – Classified ads & Business Directory Plugin classified-listing
ClickCease Click Fraud Protection clickcease-click-fraud-protection
Client Dash client-dash
CM Tooltip Glossary enhanced-tooltipglossary
Colibri Page Builder colibri-page-builder
Collapse-O-Matic jquery-collapse-o-matic
Comments – wpDiscuz wpdiscuz
Contact Form 7 Database Addon – CFDB7 contact-form-cfdb7
Contact Form 7 Extension For Mailchimp contact-form-7-mailchimp-extension
Contact Form, Survey, Quiz & Popup Form Builder – ARForms arforms-form-builder
Content Views – Post Grid & Filter, Recent Posts, Category Posts … (Shortcode, Blocks, and Elementor Widgets) content-views-query-and-display-post-page
Cookie Information | Free GDPR Consent Solution wp-gdpr-compliance
CookieHub – Cookie Consent Banner (DSGVO, CCPA, RGPD and GDPR compliance) cookiehub
Cornerstone cornerstone
Coupon & Discount Code Reveal Button coupon-reveal-button
Crelly Slider crelly-slider
Culqi culqi-checkout
Custom field finder custom-field-finder
Customify Site Library customify-sites
Data Tables Generator by Supsystic data-tables-generator-by-supsystic
Database for Contact Form 7, WPforms, Elementor forms contact-form-entries
Easy Accept Payments via PayPal wordpress-easy-paypal-payment-or-donation-accept-plugin
Easy Property Listings easy-property-listings
Easy Set Favicon easy-set-favicon
Element Pack Pro - Addon for Elementor Page Builder WordPress Plugin bdthemes-element-pack
ElementsKit Elementor addons elementskit-lite
ElementsKit Pro elementskit
EleSpare: Elementor Newspaper, Magazine and Blog Addons – 35+ Post Grid, Slider, Carousel, List & Tile, 350+ Templates, Drag & Drop Header/Footer and Page Builder, 1-Click Import – No Coding Hassle! elespare
Email Customizer for WooCommerce | Drag and Drop Email Templates Builder email-customizer-for-woocommerce
Embed Google Photos album embed-google-photos-album-easily
ENL Newsletter enl-newsletter
EPROLO Dropshipping eprolo-dropshipping
Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders essential-addons-for-elementor-lite
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media evergreen-content-poster
Exclusive Addons for Elementor exclusive-addons-for-elementor
Export and Import Users and Customers users-customers-import-export-for-wp-woocommerce
FameTheme Demo Importer famethemes-demo-importer
Fan Page Widget by ThemeNcode facebook-fan-page-widget
Fancy Product Designer fancy-product-designer
FG Joomla to WordPress fg-joomla-to-wordpress
FileOrganizer – Manage WordPress and Website Files fileorganizer
Filterable Portfolio jungbillig-portfolio-gallery
Five Star Restaurant Reservations – WordPress Booking Plugin restaurant-reservations
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder form-maker
FOX – Currency Switcher Professional for WooCommerce woocommerce-currency-switcher
Frontend Dashboard frontend-dashboard
FV Flowplayer Video Player fv-wordpress-flowplayer
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory geodirectory
Getwid – Gutenberg Blocks getwid
Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers rafflepress
GiveWP – Donation Plugin and Fundraising Platform give
Happy Addons for Elementor happy-elementor-addons
Header Footer Code Manager Pro 99robots-header-footer-code-manager-pro
Headline Analyzer headline-analyzer
Hide Dashboard Notifications wp-hide-backed-notices
HL Twitter hl-twitter
HT Mega – Absolute Addons For Elementor ht-mega-for-elementor
Hummingbird Performance – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDN hummingbird-performance
Image Optimizer, Resizer and CDN – Sirv sirv
Image Slider image-slider-widget
Import and export users and customers import-users-from-csv-with-meta
InstaWP Connect – 1-click WP Staging & Migration instawp-connect
Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site integrate-google-drive
Interactive World Maps interactive-world-maps
Jeg Elementor Kit jeg-elementor-kit
KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin kb-support
Knowledge Base documentation & wiki plugin – BasePress Docs basepress
Leaky Paywall leaky-paywall
List Custom Taxonomy Widget list-custom-taxonomy-widget
Live Composer – Free WordPress Website Builder live-composer-page-builder
Login with phone number login-with-phone-number
Maintenance Mode hkdev-maintenance-mode
MainWP Child Reports mainwp-child-reports
Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations master-addons
Max Addons Pro for Bricks max-addons-pro-bricks
MDTF – Meta Data and Taxonomies Filter wp-meta-data-filter-and-taxonomy-filter
Meks Smart Social Widget meks-smart-social-widget
Meks ThemeForest Smart Widget meks-themeforest-smart-widget
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor metform
MF Gig Calendar mf-gig-calendar
month name translation benaceur month-name-translation-benaceur
myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification mycred
Newsletter Popup newsletter-popup
Newsletters newsletters-lite
Nexter Blocks – WordPress Gutenberg Blocks & 1000+ Starter Templates the-plus-addons-for-block-editor
Opal Widgets For Elementor opal-widgets-for-elementor
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction paid-member-subscriptions
Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions paid-memberships-pro
Payment Gateway Based Fees and Discounts for WooCommerce checkout-fees-for-woocommerce
PDF Invoices & Packing Slips for WooCommerce woocommerce-pdf-invoices-packing-slips
Photo Gallery by 10Web – Mobile-Friendly Image Gallery photo-gallery
Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery gt3-photo-video-gallery
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery nextgen-gallery
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons contest-gallery
Piotnet Addons For Elementor piotnet-addons-for-elementor
Piotnet Addons For Elementor Pro piotnet-addons-for-elementor-pro
Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress
Poll | Vote | Contest – Best Poll Plugin for WordPress totalpoll-lite
Popup Box – Create Countdown, Coupon, Video, Contact Form Popups ays-popup-box
Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation optinmonster
Popup4Phone popup4phone
PopupAlly popupally
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) buddyforms
Post Grid and Gutenberg Blocks – ComboBlocks post-grid
Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX ultimate-post
PPOM – Product Addons & Custom Fields for WooCommerce woocommerce-product-addon
Premium Addons for Elementor premium-addons-for-elementor
Pretty Google Calendar pretty-google-calendar
Pricing Table by Supsystic pricing-table-by-supsystic
Print Anywhere & Create PDFs of Order Receipts, Invoices, Labels & More. print-google-cloud-print-gcp-woocommerce
Print Invoice & Delivery Notes for WooCommerce woocommerce-delivery-notes
ProfileGrid – User Profiles, Groups and Communities profilegrid-user-profiles-groups-and-communities
PropertyHive propertyhive
Qi Addons For Elementor qi-addons-for-elementor
Quick Featured Images quick-featured-images
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress radio-player
Radio Station by netmix® – Manage and play your Show Schedule in WordPress! radio-station
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings seo-by-rank-math
Rate My Post – Star Rating Plugin by FeedbackWP rate-my-post
Recencio Book Reviews recencio-book-reviews
Reviews Plus reviews-plus
RomethemeForm For Elementor romethemeform
RomethemeKit For Elementor rometheme-for-elementor
Royal Elementor Addons and Templates royal-elementor-addons
rtMedia for WordPress, BuddyPress and bbPress buddypress-media
Salon Booking System salon-booking-system
Save as PDF Plugin by Pdfcrowd save-as-pdf-by-pdfcrowd
SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher wp-scheduled-posts
Schema & Structured Data for WP & AMP schema-and-structured-data-for-wp
Secure Copy Content Protection and Content Locking secure-copy-content-protection
Seers | GDPR & CCPA Cookie Consent & Compliance seers-cookie-consent-banner-privacy-policy
Send PDF for Contact Form 7 send-pdf-for-contact-form-7
Serious Slider cryout-serious-slider
SharkDropship and Affiliate for AliExpress, Temu, eBay, Amazon and Etsy to woocommerce woo-aliexpress-dropshipping
ShortPixel Critical CSS shortpixel-critical-css
Simple Membership simple-membership
Simply Static – The WordPress Static Site Generator simply-static
Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) sina-extension-for-elementor
Slash Admin slash-admin
Smart Forms – when you need more than just a contact form smart-forms
Smart Maintenance Mode smart-maintenance-mode
Smart Recent Posts Widget smart-recent-posts-widget
Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap socialsnap
Social Sharing Plugin – Social Warfare social-warfare
Solid Affiliate solid-affiliate
Solid Mail – SMTP email and logging made by SolidWP wp-smtp
SP Project & Document Manager sp-client-document-manager
Spectra – WordPress Gutenberg Blocks ultimate-addons-for-gutenberg
SSU – WordPress Amazon S3 & Wasabi Smart File Uploads Plugin wp-s3-smart-upload
Sticky Anything toast-stick-anything
StreamWeasels Twitch Integration streamweasels-twitch-integration
Survey Maker survey-maker
Table Rate Shipping Method for WooCommerce by Flexible Shipping flexible-shipping
The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) the-pack-addon
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce the-plus-addons-for-elementor-page-builder
Timetable and Event Schedule by MotoPress mp-timetable
Tutor LMS – eLearning and online course solution tutor
Ultimate 410 Gone Status Code ultimate-410
Ultimate Blocks – WordPress Blocks Plugin ultimate-blocks
User Meta – User Profile Builder and User management plugin user-meta
USPS Shipping for WooCommerce – Live Rates flexible-shipping-usps
Video Conferencing with Zoom video-conferencing-with-zoom-api
VikRentCar Car Rental Management System vikrentcar
Vision – Interactive Image Map Builder vision
Vitepos – Point of sale (POS) plugin for WooCommerce vitepos-lite
VK Block Patterns vk-block-patterns
VOD Infomaniak vod-infomaniak
Wallet for WooCommerce woo-wallet
WebToffee WP Backup and Migration wp-migration-duplicator
Widget Post Slider widget-post-slider
WooCommerce Amazon Affiliates - Wordpress Plugin woozone
WooCommerce Shipping Label shipping-labels-for-woo
WordPress Ad Widget ad-widget
WP ADA Compliance Check Basic – Most Comprehensive Web Accessibility Solution for WordPress wp-ada-compliance-check-basic
WP Club Manager – WordPress Sports Club Plugin wp-club-manager
WP Datepicker wp-datepicker
WP Fusion Lite – Marketing Automation and CRM Integration for WordPress wp-fusion-lite
WP GoToWebinar wp-gotowebinar
WP LinkedIn Auto Publish wp-linkedin-auto-publish
WP Masquerade wp-masquerade
WP Media Category Management wp-media-category-management
WP Migrate Pro wp-migrate-db-pro
WP Page Post Widget Clone wp-page-post-widget-clone
WP Prayer wp-prayer
WP Shortcodes Plugin — Shortcodes Ultimate shortcodes-ultimate
WP STAGING Pro WordPress Backup Plugin wp-staging-pro
WP STAGING WordPress Backup Plugin – Migration Backup Restore wp-staging
WP Time Slots Booking Form wp-time-slots-booking-form
WP Travel Engine – Tour Booking Plugin – Tour Operator Software wp-travel-engine
WP ULike – All-in-One Engagement Toolkit wp-ulike
WP-Lister Lite for eBay wp-lister-for-ebay
WP-Members Membership Plugin wp-members
WP-Recall – Registration, Profile, Commerce & More wp-recall
WPC Composite Products for WooCommerce wpc-composite-products
WPCal.io – Easy Meeting Scheduler wpcal
WPPizza – A Restaurant Plugin wppizza
WPZOOM Addons for Elementor (Templates, Widgets) wpzoom-elementor-addons
XforWooCommerce xforwoocommerce
XStore Core et-core-plugin
YITH WooCommerce Compare yith-woocommerce-compare


WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Accountra accountra
Althea WP althea-wp
Blocksy blocksy
Brite brite
Calliope calliope
Colibri WP colibri-wp
ColorNews colornews
Elevate WP elevate-wp
Financio financio
Hugo WP hugo-wp
Intrace intrace
Pathway pathway
Photology photology
Royal Elementor Kit royal-elementor-kit
Startupzy startupzy
Teluro teluro
Travey travey
uDesign - Responsive WordPress Theme u-design
Vertice vertice
Virtue virtue
WP Portfolio wp-portfolio
XStore xstore
Zeever zeever


Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32809
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ActiveDEMAND
Researcher
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33644
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Customify Site Library
Researcher
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33544
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32709
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33559
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33551
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33568
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-3342
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33546
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32710
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33556
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33566
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-32959
Patch Status
Patched
Published
Apr 23, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-30225
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
WP Migrate Pro
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33560
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33553
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33552
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-3060
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
ENL Newsletter
Researcher
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32954
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Newsletters
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32706
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33541
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Better Elementor Addons
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32960
Patch Status
Patched
Published
Apr 23, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33641
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Custom field finder
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3499
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ElementsKit Elementor addons
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3500
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
ElementsKit Pro
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33549
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3895
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
WP Datepicker
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33550
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WP Masquerade
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33628
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XforWooCommerce
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33564
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33557
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-32703
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-32729
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ChatBot Conversational Forms
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3715
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32835
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32817
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3641
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Newsletter Popup
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3047
Patch Status
Patched
Published
Apr 24, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3045
Patch Status
Patched
Published
Apr 24, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33634
Patch Status
Unpatched
Published
Apr 25, 2024
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3231
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Popup4Phone
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33592
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32807
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Brevo for WooCommerce
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33646
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Sticky Anything
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2023-34423
Patch Status
Patched
Published
Apr 27, 2024
Affected Software
Survey Maker
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-1789
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32836
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP-Lister Lite for eBay
Researcher
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32725
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32814
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-3553
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-33558
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32831
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Accessibility Widget
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33643
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33629
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32961
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Blocksy
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3747
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Blocksy
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3337
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Colibri Page Builder
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-7030
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Collapse-O-Matic
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33540
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
ColorNews
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32819
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Culqi
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32775
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Embed Google Photos album
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2750
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3985
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3489
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32955
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
FV Flowplayer Video Player
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3588
Patch Status
Patched
Published
Apr 26, 2024
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3890
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3819
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Jeg Elementor Kit
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33649
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Opal Widgets For Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33630
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33631
Patch Status
Unpatched
Published
Apr 25, 2024
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32791
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Premium Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3885
Patch Status
Patched
Published
Apr 23, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3647
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Premium Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33640
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Pretty Google Calendar
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-30241
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3309
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Qi Addons For Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-29811
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33648
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32956
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
RomethemeKit For Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2798
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33684
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Save as PDF Plugin by Pdfcrowd
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3677
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Ultimate 410 Gone Status Code
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4034
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Virtue
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33537
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP Portfolio
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1572
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1759
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2838
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2477
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33539
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (6.3)
CVE-ID
CVE-2024-33555
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32702
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3823
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
Base64 Encoder/Decoder
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3822
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
Base64 Encoder/Decoder
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-28002
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Cornerstone
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33645
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Easy Set Favicon
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-0905
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Fancy Product Designer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3473
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Header Footer Code Manager Pro
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3681
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Interactive World Maps
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32952
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Max Addons Pro for Bricks
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33633
Patch Status
Unpatched
Published
Apr 25, 2024
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32789
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32958
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Slash Admin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4077
Patch Status
Unpatched
Published
Apr 23, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33584
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Video Conferencing with Zoom
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33571
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
VOD Infomaniak
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33548
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32950
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP Media Category Management
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33562
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33554
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-33627
Patch Status
Patched
Published
Apr 24, 2024
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32714
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-33542
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Crelly Slider
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32793
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3730
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Simple Membership
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32783
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32720
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32776
Patch Status
Patched
Published
Apr 22, 2024
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33538
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32777
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3678
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32802
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33652
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Client Dash
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3870
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32784
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33591
Patch Status
Patched
Published
Apr 25, 2024
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32799
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Easy Property Listings
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32788
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
FG Joomla to WordPress
Researcher(s): Unknown
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32726
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Frontend Dashboard
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33594
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Leaky Paywall
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32832
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Login with phone number
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32708
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Maintenance Mode
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32951
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Max Addons Pro for Bricks
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32953
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Newsletters
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33586
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33635
Patch Status
Unpatched
Published
Apr 25, 2024
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32774
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32823
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32727
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
RomethemeForm For Elementor
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32786
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33587
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3585
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Send PDF for Contact Form 7
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32825
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32805
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33637
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Solid Affiliate
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33597
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32716
Patch Status
Patched
Published
Apr 22, 2024
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2023-35764
Patch Status
Patched
Published
Apr 27, 2024
Affected Software
Survey Maker
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33575
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32811
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32780
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32779
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32826
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
VK Block Patterns
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33545
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32719
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33543
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP Time Slots Booking Form
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32798
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2920
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP-Members Membership Plugin
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33561
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32723
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Advanced Floating Content Lite
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33642
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Advanced Post List
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32815
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
All-in-one Like Widget
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33598
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Annual Archive
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33697
Patch Status
Unpatched
Published
Apr 26, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3338
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Colibri Page Builder
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32722
Patch Status
Patched
Published
Apr 22, 2024
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33695
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Fan Page Widget by ThemeNcode
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2324
Patch Status
Patched
Published
Apr 23, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4234
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Filterable Portfolio
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3630
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
HL Twitter
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32707
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Image Slider
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32833
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
List Custom Taxonomy Widget
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33693
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Meks Smart Social Widget
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33694
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Meks ThemeForest Smart Widget
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3634
Patch Status
Patched
Published
Apr 24, 2024
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3644
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Newsletter Popup
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2744
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3580
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Popup4Phone
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33639
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
PopupAlly
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33692
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Smart Recent Posts Widget
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32801
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Widget Post Slider
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33696
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
WordPress Ad Widget
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1716
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32704
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32705
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3824
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
Base64 Encoder/Decoder
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33678
Patch Status
Patched
Published
Apr 26, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4086
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
CM Tooltip Glossary
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33686
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33677
Patch Status
Unpatched
Published
Apr 26, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32829
Patch Status
Patched
Published
Apr 22, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33573
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
EPROLO Dropshipping
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32824
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33679
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33690
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Financio
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33596
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32828
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32806
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Headline Analyzer
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33683
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Hide Dashboard Notifications
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3629
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
HL Twitter
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3631
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
HL Twitter
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32782
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32701
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33589
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33588
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33680
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33651
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
MF Gig Calendar
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33685
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3643
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Newsletter Popup
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3642
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Newsletter Popup
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32957
Patch Status
Patched
Published
Apr 23, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33632
Patch Status
Unpatched
Published
Apr 25, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32812
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Podlove Podcast Publisher
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32712
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Podlove Podcast Publisher
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3607
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
PropertyHive
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3664
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Quick Featured Images
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32822
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Reviews Plus
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32773
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Kit
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-2429
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Salon Booking System
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32787
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33650
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Serious Slider
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32810
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ShortPixel Critical CSS
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33593
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33638
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Smart Maintenance Mode
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3748
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
SP Project & Document Manager
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3749
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
SP Project & Document Manager
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3107
Patch Status
Patched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33572
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32821
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33574
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3546
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32818
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33682
Patch Status
Unpatched
Published
Apr 26, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32804
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP GoToWebinar
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32797
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP LinkedIn Auto Publish
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33636
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WP Page Post Widget Clone
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3407
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
WP Prayer
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3406
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
WP Prayer
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3405
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
WP Prayer
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32795
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33576
Patch Status
Patched
Published
Apr 25, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33547
Patch Status
Unpatched
Published
Apr 25, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33563
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32699
Patch Status
Patched
Published
Apr 22, 2024
CVSS Rating
Low (3.3)
CVE-ID
CVE-2024-32834
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WooCommerce Shipping Label
Researcher
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-3034
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
BackUpWordPress
Researcher
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-4214
Patch Status
Patched
Published
Apr 25, 2024
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-32790
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Pricing Table by Supsystic
Researcher


As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

Did you enjoy this post? Share it!

Comments

No Comments