WordPress Security Archives

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

WordPress Security

String Locator Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6987 | WordPress Plugin Vulnerability Report

Plugin Name: String Locator Key Information: Software Type: Plugin Software Slug: string-locator Software Status: Active Software Author: instawp Software Downloads:...

CVE-2024-280002 weeks ago

LiteSpeed Cache Vulnerability – Unauthenticated Privilege Escalation – CVE-2024-28000 | WordPress Plugin Vulnerability Report

Plugin Name: LiteSpeed Cache Key Information: Software Type: Plugin Software Slug: litespeed-cache Software Status: Active Software Author: litespeedtech Software Downloads: 75,818,864 Active Installs: 5,000,000 Last Updated:...
CVE-2024-55833 weeks ago

The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings – CVE-2024-5583 | WordPress Plugin Vulnerability Report

Plugin Name: The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Key Information: Software Type: Plugin Software Slug: the-plus-addons-for-elementor-page-builder Software Status:...
Cross-Site Scripting3 weeks ago

Jeg Elementor Kit Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG File – CVE-2024-6804 | WordPress Plugin Vulnerability Report

Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,587,316 Active Installs: 200,000 Last...
CVE-2024-64483 weeks ago

Mollie Payments for WooCommerce Vulnerability – Unauthenticated Full Path Disclosure – CVE-2024-6448 | WordPress Plugin Vulnerability Report

Plugin Name: Mollie Payments for WooCommerce Key Information: Software Type: Plugin Software Slug: mollie-payments-for-woocommerce Software Status: Active Software Author: mollieintegration Software Downloads: 3,421,407 Active Installs: 100,000...
Beaver Builder vulnerability3 weeks ago

Beaver Builder – WordPress Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter – CVE-2024-7895 | WordPress Plugin Vulnerability Report

Plugin Name: Beaver Builder – WordPress Page Builder Key Information: Software Type: Plugin Software Slug: beaver-builder-lite-version Software Status: Active Software Author: justinbusa Software Downloads: 10,741,953 Active...
CVE-2024-65513 weeks ago

GiveWP – Donation Plugin and Fundraising Platform Vulnerability – Unauthenticated Full Path Disclosure – CVE-2024-6551 | WordPress Plugin Vulnerability Report

Plugin Name: GiveWP – Donation Plugin and Fundraising Platform Key Information: Software Type: Plugin Software Slug: give Software Status: Active Software Author: webdevmattcrom Software Downloads: 7,990,636...
content management security3 weeks ago

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Plugin Name: The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Key Information: Software Type: Plugin Software Slug: the-post-grid Software Status: Active...
Cross-Site Scripting3 weeks ago

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

Plugin Name: Elementor Addon Elements Key Information: Software Type: Plugin Software Slug: addon-elements-for-elementor-page-builder Software Status: Active Software Author: webtechstreet Software Downloads: 2,783,086 Active Installs: 100,000 Last...
CVE-2024-440003 weeks ago

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Plugin Name: LiteSpeed Cache Key Information: Software Type: Plugin Software Slug: litespeed-cache Software Status: Active Software Author: litespeedtech Software Downloads: 79,208,611 Active Installs: 6,000,000 Last Updated:...

WP Guy News

WordPress Security

String Locator Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6987 | WordPress Plugin Vulnerability Report

LiteSpeed Cache Vulnerability – Unauthenticated Privilege Escalation – CVE-2024-28000 | WordPress Plugin Vulnerability Report

The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonials Widget Settings – CVE-2024-5583 | WordPress Plugin Vulnerability Report

Jeg Elementor Kit Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG File – CVE-2024-6804 | WordPress Plugin Vulnerability Report

Mollie Payments for WooCommerce Vulnerability – Unauthenticated Full Path Disclosure – CVE-2024-6448 | WordPress Plugin Vulnerability Report

Beaver Builder – WordPress Page Builder Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter – CVE-2024-7895 | WordPress Plugin Vulnerability Report

GiveWP – Donation Plugin and Fundraising Platform Vulnerability – Unauthenticated Full Path Disclosure – CVE-2024-6551 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report