Wordfence Intelligence Weekly WordPress Vulnerability Report (October 14, 2024 to October 20, 2024)


🦸 👻 Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024:

  • All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers
  • Top-tier researchers earn automatic bonuses of between 10% to 120% for valid submissions
  • Pending report limits are increased for all
  • It’s possible to earn up to $31,200 for high impact vulnerabilities!

Last week, there were 234 vulnerabilities disclosed in 215 WordPress Plugins and 4 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 56 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 19,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our PremiumCare, and Response customers last week:

  • WAF-RULE-756 – Data redacted while we work with the vendor on a patch.

Wordfence PremiumCare, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Patched 114
Unpatched 120


Total Vulnerabilities by CVSS Severity Last Week

Severity Rating Number of Vulnerabilities
Medium Severity 162
High Severity 40
Critical Severity 32


Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 111
Cross-Site Request Forgery (CSRF) 32
Unrestricted Upload of File with Dangerous Type 17
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 15
Missing Authorization 12
Deserialization of Untrusted Data 10
Exposure of Sensitive Information to an Unauthorized Actor 7
Improper Control of Generation of Code ('Code Injection') 5
Authentication Bypass Using an Alternate Path or Channel 4
Authorization Bypass Through User-Controlled Key 4
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') 4
Incorrect Privilege Assignment 4
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 3
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) 1
Improper Check or Handling of Exceptional Conditions 1
Improper Privilege Management 1
Reliance on Cookies without Validation and Integrity Checking in a Security Decision 1
Server-Side Request Forgery (SSRF) 1
Weak Password Recovery Mechanism for Forgotten Password 1


Researchers That Contributed to WordPress Security Last Week

Researcher Name Number of Vulnerabilities
26
22
18
16
13
12
8
6
6
6
6
5
4
4
4
4
4
4
4
4
4
3
3
Gab
3
2
2
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
UKO
1
1
1
FX
1
1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
AADMY – Add Auto Date Month Year Into Posts auto-date-year-month
AB Categories Search Widget ab-categories-search-widget
Accordion Slider accordion-slider
Ad Inserter – Ad Manager & AdSense Ads ad-inserter
Add Categories Post Footer add-categories-post-footer
Add Widget After Content add-widget-after-content
Adding drop down roles in registration user-drop-down-roles-in-registration
ADIF Log Search Widget adif-log-search-widget
Admin Management Xtended admin-management-xtended
Advanced Advertising System advanced-advertising-system
Advanced Category and Custom Taxonomy Image advanced-category-and-custom-taxonomy-image
Advanced Custom Fields advanced-custom-fields
Advanced Custom Fields (ACF) advanced-custom-fields
Advanced Custom Fields Pro advanced-custom-fields-pro
Affiliator affiliator-lite
Ahime Image Printer ahime-image-printer
Ahmeti Wp Timeline ahmeti-wp-timeline
Ajax Custom CSS/JS ajax-awesome-css
Ajax Rating with Custom Login ajax-rating-with-custom-login
ajax-extend ajax-extend
Akismet htaccess writer akismet-htaccess-writer
All in One Slider all-in-one-slider
Analyse Uploads analyse-uploads
Animator – Scroll Triggered Animations scroll-triggered-animations
Apa Banner Slider apa-banner-slider
APA Register Newsletter Form apa-register-newsletter-form
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin simply-schedule-appointments
AppPresser – Mobile App Framework apppresser
Arconix Shortcodes arconix-shortcodes
Arkhe Blocks arkhe-blocks
Author Discussion author-discussion
Awesome Contact Form7 for Elementor awesome-contact-form7-for-elementor
Azz Anonim Posting azz-anonim-posting
Back Link Tracker back-link-tracker
Better Author Bio better-author-bio
Booking.com Banner Creator bookingcom-banner-creator
Branding branding
BuddyPress Better Registration better-bp-registration
Bulk images optimizer: Resize, optimize, convert to webp, rename … bulk-image-resizer
bVerse Convert bverse-convert
Calculated Fields Form calculated-fields-form
CJ Change Howdy cj-change-howdy
Click to Chat – WP Support All-in-One Floating Widget support-chat
Clio Grow Form clio-grow-form
Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors publishpress-authors
Community by PeepSo – Download from PeepSo.com peepso-core
Community Lite Video Chat avchat-3
Contact Form by Supsystic contact-form-by-supsystic
Contact Forms, Live Support, CRM, Video Messages live-support-tickets
Cooked Pro cooked-pro
Cookie Scanner – automated cookie list cookie-scanner
Country Flags for Elementor country-flags-for-elementor
Crazy Call To Action Box crazy-call-to-action-box
cSlider cslider
CSV Product Import Export for WooCommerce csv-wc-product-import-export
CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 9.x woo-multi-currency
Custom Add to Cart Button Label and Link woo-custom-cart-button
Customer Email Verification for WooCommerce emails-verification-for-woocommerce
Da Reactions da-reactions
Debrandify · Remove or Replace WordPress Branding debrandify
Digital Lottery digital-lottery
Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons woo-discount-rules
DPD Baltic Shipping woo-shipping-dpd-baltic
Duplicate Title Validator duplicate-title-validate
Dynamic Elementor Addons dynamic-elementor-addons
Easy Addons for Elementor easy-addons-for-elementor
Easy Menu Manager | WPZest easy-menu-manager-wpzest
Edit WooCommerce Templates woo-edit-templates
Edwiser Bridge – WordPress Moodle LMS Integration edwiser-bridge
El mejor Cluster mejorcluster
Elemenda elemenda
ElementInvader Addons for Elementor elementinvader-addons-for-elementor
Elementor Website Builder – More Than Just a Page Builder elementor
ElementsReady Addons for Elementor element-ready-lite
Email Template Customizer for WooCommerce email-template-customizer-for-woo
Encyclopedia / Glossary / Wiki encyclopedia-lexicon-glossary-wiki-dictionary
Endless Posts Navigation endless-posts-navigation
EventON Pro eventon
Events Addon for Elementor events-addon-for-elementor
Exclusive Addons for Elementor exclusive-addons-for-elementor
Feed Comments Number feed-comments-number
FERMA.ru.net ferma-ru-net-checkout
File Manager Pro wp-file-manager-pro
Flat UI Button flat-ui-button
Flexmls® IDX Plugin flexmls-idx
Fonto – Custom Web Fonts Manager fonto
Forminator Forms – Contact Form, Payment Form & Custom Form Builder forminator
FREE DOWNLOAD MANAGER free-download-manager
Free Stock Photos Foter free-stock-photos-foter
G Meta Keywords g-meta-keywords
Gantry 4 Framework gantry
GERRYWORKS Post by Mail gerryworks-post-by-mail
GetResponse Forms by Optin Cat getresponse
Giveaway Boost giveaway-boost
GiveWP – Donation Plugin and Fundraising Platform give
Google Map Locations google-map-locations
GoogleDrive folder list googledrive-folder-list
Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file htaccess-file-editor
Hyperlink Group Block hyperlink-group-block
IdeaPush ideapush
Infinite-Scroll infinite-scroll
Jetpack – WP Security, Backup, Speed, & Growth jetpack
JiangQie Free Mini Program jiangqie-free-mini-program
jLayer Parallax Slider jlayer-parallax-slider-wp
Job Board Manager for WordPress jemployee
Kama SpamBlock kama-spamblock
Leyka leyka
Lightbox slider – Responsive Lightbox Gallery simple-lightbox-gallery
Limb Gallery | Create Beautiful Image & Video Galleries limb-gallery
Linked Variation for WooCommerce linked-variation-for-woocommerce
Locatoraid Store Locator locatoraid
Maan Addons For Elementor maan-elementor-addons
MAS Companies For WP Job Manager mas-wp-job-manager-company
MAS Elementor mas-addons-for-elementor
Mighty Builder – Drag & Drop WordPress Page Builder mighty-builder
Miniorange OTP Verification with Firebase miniorange-firebase-sms-otp-verification
Mitm Bug Tracker mitm-bug-tracker
Most And Least Read Posts Widget most-and-least-read-posts-widget
Movie Database movie-database
Multiline files upload for contact form 7 multiline-files-for-contact-form-7
My Favorites my-favorites
My Reading Library my-reading-library
MyTweetLinks mytweetlinks
Nextend Social Login Pro nextend-social-login-pro
Nice Backgrounds nicebackgrounds
Omnipress omnipress
Parallax Image parallax-image
Parcel Pro woo-parcel-pro
PeproDev Ultimate Invoice pepro-ultimate-invoice
Photo Gallery Builder photo-gallery-builder
Photo Gallery Slideshow & Masonry Tiled Gallery wp-responsive-photo-gallery
photokit photokit
Pinpoint Booking System – #1 WordPress Booking Plugin booking-system
Plexx Elementor Extension plexx-elementor-extension
Plugin Name: Sovratec Case Management sovratec-case-management
Pods – Custom Content Types and Fields pods
Point Maker point-maker
Post From Frontend post-from-frontend
Primary Addon for Elementor primary-addon-for-elementor
Product Customizer Light product-customizer-light
Product Website Showcase product-websites-showcase
ProfileGrid – User Profiles, Groups and Communities profilegrid-user-profiles-groups-and-communities
Property Lot Management System plms
Rate Own Post rate-own-post
Recently – Viewed, Most Viewed and Sold Products for WooCommerce recently-viewed-most-viewed-and-sold-products-for-woocommerce
ReDi Restaurant Reservation redi-restaurant-reservation
Registrations for the Events Calendar – Event Registration Plugin registrations-for-the-events-calendar
Responsive Lightbox & Gallery responsive-lightbox
Responsive Pricing Table Builder – wpPricing Builder wppricing-builder-lite-responsive-pricing-table-builder
Royal Elementor Addons and Templates royal-elementor-addons
RS-Members rs-members
RSS Feed Widget rss-feed-widget
Safe SVG safe-svg
SafetyForms – Create forms with Real-time Email Validation safetymails-forms
SendGrid for WordPress wp-sendgrid-mailer
SendPulse Free Web Push sendpulse-web-push
SEO Manager seo-manager
SermonAudio Widgets sermonaudio-widgets
Shipyaari Shipping Management shipyaari-shipping-managment
Simple Code Insert Shortcode simple-code-insert-shortcode
Simple Custom Post Order simple-custom-post-order
Simple Testimonials Showcase simple-testimonials-showcase
Simple User Registration wp-registration
Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) sina-extension-for-elementor
SiteBuilder Dynamic Components sitebuilder-dynamic-components
SlimStat Analytics wp-slimstat
Smart Blocks smart-blocks
Smart Online Order for Clover clover-online-orders
Social Auto Poster social-auto-poster
Social Link Groups social-link-groups
Social Share With Floating Bar social-share-with-floating-bar
StreamWeasels Twitch Integration streamweasels-twitch-integration
Suki Sites Import suki-sites-import
Surfer – WordPress Plugin surferseo
SW Contact Form sw-contact-form
Table of Contents Plus table-of-contents-plus
TAKETIN To WP Membership taketin-to-wp-membership
The Ultimate WordPress Toolkit – WP Extended wpextended
Themesflat Addons For Elementor themesflat-addons-for-elementor
Time Clock Pro time-clock-pro
Time Clock – A WordPress Employee & Volunteer Time Clock Plugin time-clock
Tito tito
Ultimate AI Ultimate_AI
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) ultraaddons-elementor-lite
Unlimited Addon For Elementor unlimited-addon-for-elementor
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor
VKontakte Wall Post vkontakte-wall-post
VOD Infomaniak vod-infomaniak
Woo Manage Fraud Orders woo-manage-fraud-orders
WooCommerce woocommerce
Woostagram Connect woostagram-connect
WordPress Image SEO wp-image-seo
WordPress Portfolio Builder – Portfolio Gallery uber-grid
WordPress Social Share Buttons share-button
WordPress Video wordpress-video
WP 2FA with Telegram two-factor-login-telegram
WP Booking Calendar booking
WP Content Copy Protection & No Right Click wp-content-copy-protector
WP Dropbox Dropins wp-dropbox-dropins
WP Easy Post Types easy-post-types
WP Education – Education WordPress Plugin for Elementor wp-education
WP Photo Album Plus wp-photo-album-plus
WP Popup Builder – Popup Forms and Marketing Lead Generation wp-popup-builder
WP REST API FNS Plugin rest-api-fns
WP SendFox wp-sendfox
WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin timetics
WP ULike – All-in-One Engagement Toolkit wp-ulike
WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress wpvr
Wp-ImageZoom wp-imagezoom
WP-Spreadplugin wp-spreadplugin
WPIDE – File Manager & Code Editor wpide
Wsify widget wsify-widget
Zita Elementor Site Library zita-site-library
Zoho CRM Lead Magnet zoho-crm-forms
افزونه پیامک ووکامرس Persian WooCommerce SMS persian-woocommerce-sms


WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Digitally digitally
Disconnected disconnected
my flatonica my-flatonica
my wooden under construction my-wooden-under-construction


Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49217
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49624
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Advanced Advertising System
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49326
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Affiliator
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49245
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Ahime Image Printer
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49254
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
ajax-extend
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49253
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Analyse Uploads
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49257
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Azz Anonim Posting
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49247
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
BuddyPress Better Registration
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49291
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Cooked Pro
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49242
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Digital Lottery
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49216
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Feed Comments Number
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49332
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Giveaway Boost
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9634
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49314
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
JiangQie Free Mini Program
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49322
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9862
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49318
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
My Reading Library
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9893
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Nextend Social Login Pro
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49610
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
photokit
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49611
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Product Website Showcase
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49218
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49626
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Shipyaari Shipping Management
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49604
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Simple User Registration
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49625
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
SiteBuilder Dynamic Components
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49324
Patch Status
Unpatched
Published
Oct 17, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9105
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Ultimate AI
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49327
Patch Status
Unpatched
Published
Oct 17, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49607
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
WP Dropbox Dropins
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49328
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
WP REST API FNS Plugin
Researcher
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-49329
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
WP REST API FNS Plugin
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49622
Patch Status
Unpatched
Published
Oct 17, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49621
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49617
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49623
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
Duplicate Title Validator
Researcher(s): Unknown
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49243
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49620
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
FERMA.ru.net
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-8507
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
File Manager Pro
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49227
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Free Stock Photos Foter
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49608
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
GERRYWORKS Post by Mail
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49251
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49618
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
MyTweetLinks
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49330
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Nice Backgrounds
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49317
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Point Maker
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49616
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Rate Own Post
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49219
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
RS-Members
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49615
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49614
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49613
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49619
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Social Link Groups
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49612
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
SW Contact Form
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49226
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
TAKETIN To WP Membership
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-49260
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-9687
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
WP 2FA with Telegram
Researcher
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-10079
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
WP Easy Post Types
Researcher
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-9305
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-9861
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-49246
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Ajax Rating with Custom Login
Researcher
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-49305
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-8746
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
File Manager Pro
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-49315
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
FREE DOWNLOAD MANAGER
Researcher
CVSS Rating
High (7.4)
CVE-ID
CVE-2024-8918
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
File Manager Pro
CVSS Rating
High (7.3)
CVE-ID
CVE-2024-9837
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-49331
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Property Lot Management System
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-9184
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
SendPulse Free Web Push
Researcher
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-9548
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
SlimStat Analytics
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-49609
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Author Discussion
Researcher(s): Unknown
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-49244
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-49258
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-9820
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
WP 2FA with Telegram
Researcher
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-49297
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9582
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Accordion Slider
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49307
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9703
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
Arconix Shortcodes
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49261
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Arkhe Blocks
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49319
Patch Status
Patched
Published
Oct 15, 2024
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49265
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Booking.com Banner Creator
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9452
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Branding
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49228
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
bVerse Convert
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49289
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Cooked Pro
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49262
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49236
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Crazy Call To Action Box
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49296
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49255
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Da Reactions
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49631
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Easy Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9366
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Easy Menu Manager | WPZest
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49312
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49311
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49232
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
El mejor Cluster
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9373
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Elemenda
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9444
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49264
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49292
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10014
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Flat UI Button
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8920
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49301
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
G Meta Keywords
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49279
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Hyperlink Group Block
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49280
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49233
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
MAS Elementor
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-48049
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49263
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
My Favorites
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49278
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Omnipress
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9898
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
Parallax Image
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49298
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
PeproDev Ultimate Invoice
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49234
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Plexx Elementor Extension
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49259
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9848
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Product Customizer Light
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49282
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Responsive Lightbox & Gallery
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10057
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
RSS Feed Widget
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9521
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
SEO Manager
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49270
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Smart Blocks
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9895
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Smart Online Order for Clover
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9897
Patch Status
Patched
Published
Oct 18, 2024
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8916
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Suki Sites Import
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49310
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49241
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Tito
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49267
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49302
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49231
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
WordPress Video
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10080
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
WP Easy Post Types
Researcher
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49630
Patch Status
Patched
Published
Oct 18, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-49225
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8921
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Zita Elementor Site Library
Researcher
CVSS Rating
Medium (6.3)
CVE-ID
CVE-2024-10078
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
WP Easy Post Types
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49240
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
AB Categories Search Widget
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49248
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49239
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Add Categories Post Footer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49238
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
ADIF Log Search Widget
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49237
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Ahmeti Wp Timeline
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49230
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Ajax Custom CSS/JS
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49316
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Akismet htaccess writer
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49323
Patch Status
Unpatched
Published
Oct 17, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49308
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49605
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
Community Lite Video Chat
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49223
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
CJ Change Howdy
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49276
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Clio Grow Form
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49220
Patch Status
Unpatched
Published
Oct 14, 2024
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49221
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
cSlider
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49283
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49309
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Digitally
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49268
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Disconnected
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9350
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
DPD Baltic Shipping
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-10049
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Edit WooCommerce Templates
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49320
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Encyclopedia / Glossary / Wiki
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8719
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
Flexmls® IDX Plugin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9382
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Gantry 4 Framework
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8740
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
GetResponse Forms by Optin Cat
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49606
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49335
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
GoogleDrive folder list
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49334
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9647
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Kama SpamBlock
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9652
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Locatoraid Store Locator
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9206
Patch Status
Patched
Published
Oct 17, 2024
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49224
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Mitm Bug Tracker
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49269
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9383
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
Parcel Pro
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9213
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49304
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9240
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
ReDi Restaurant Reservation
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8787
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Smart Online Order for Clover
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8790
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Social Share With Floating Bar
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9347
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49313
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
VKontakte Wall Post
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9937
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Woo Manage Fraud Orders
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9951
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
WP Photo Album Plus
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9219
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
WordPress Social Share Buttons
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9934
Patch Status
Unpatched
Published
Oct 16, 2024
Affected Software
Wp-ImageZoom
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-48048
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Wsify widget
Researcher
CVSS Rating
Medium (5.6)
CVE-ID
CVE-2024-9104
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Ultimate AI
Researcher
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-5578
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Table of Contents Plus
Researcher
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-49266
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
WP-Spreadplugin
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-49229
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Better Author Bio
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-9873
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-9888
Patch Status
Patched
Published
Oct 15, 2024
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-8378
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
Safe SVG
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9940
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
Calculated Fields Form
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-49235
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-10040
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Infinite-Scroll
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9689
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Post From Frontend
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9944
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
WooCommerce
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-49284
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
WP SendFox
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9546
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2019-25218
Patch Status
Patched
Published
Oct 18, 2024
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2024-49299
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Surfer – WordPress Plugin
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-9892
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
Add Widget After Content
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-48046
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Contact Form by Supsystic
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-49288
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-43300
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Movie Database
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-9883
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-49295
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Simple Testimonials Showcase
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-10027
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
WP Booking Calendar
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-7879
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49290
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Cooked Pro
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9889
Patch Status
Patched
Published
Oct 18, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6757
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49629
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
Endless Posts Navigation
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-6243
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
EventON Pro
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49256
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49275
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
IdeaPush
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9926
Patch Status
Patched
Published
Oct 14, 2024
Researcher(s): Unknown
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49252
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Leyka
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-48047
Patch Status
Unpatched
Published
Oct 14, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49628
Patch Status
Patched
Published
Oct 18, 2024
Researcher(s): Unknown
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49325
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Photo Gallery Builder
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49273
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-7417
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9364
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
SendGrid for WordPress
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49321
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Simple Custom Post Order
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49272
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Social Auto Poster
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49250
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Table of Contents Plus
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49274
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
VOD Infomaniak
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49627
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
WordPress Image SEO
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49306
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9649
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49293
Patch Status
Patched
Published
Oct 15, 2024


As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

Did you enjoy this post? Share it!

Comments

No Comments