CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
40.0%
_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors?__Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. _
Last week, there were 261 vulnerabilities disclosed in 212 WordPress Plugins and 14 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 75 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 17,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Patch Status | Number of Vulnerabilities |
---|---|
Patched | 165 |
Unpatched | 96 |
Severity Rating | Number of Vulnerabilities |
---|---|
Low Severity | 1 |
Medium Severity | 203 |
High Severity | 34 |
Critical Severity | 23 |
Vulnerability Type by CWE | Number of Vulnerabilities |
---|---|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 111 |
Missing Authorization | 41 |
Cross-Site Request Forgery (CSRF) | 37 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 14 |
Information Exposure | 13 |
Unrestricted Upload of File with Dangerous Type | 9 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 6 |
Server-Side Request Forgery (SSRF) | 6 |
Information Exposure Through Log Files | 5 |
Authentication Bypass Using an Alternate Path or Channel | 4 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 4 |
Improper Privilege Management | 3 |
Authorization Bypass Through User-Controlled Key | 2 |
Improper Control of Generation of Code ('Code Injection') | 2 |
Deserialization of Untrusted Data | 1 |
File and Directory Information Exposure | 1 |
Use of Hard-coded Credentials | 1 |
Use of Less Trusted Source | 1 |
Researcher Name | Number of Vulnerabilities |
---|
| 18
| 15
| 14
| 14
| 14
| 13
| 12
| 11
| 9
João Pedro Soares de Alcântara
| 7
| 7
| 6
| 6
| 6
| 5
| 4
| 4
| 4
| 4
| 4
| 4
| 4
| 3
| 3
| 3
| 3
| 3
| 3
| 3
| 3
| 2
| 2
| 2
| 2
| 2
Tieu Pham Trong Nhan (aptx4869)
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 1
| 1
| 1
| 1
| 1
Dikshita Trivedi (Cybersecdexter)
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
Vuln Seeker Cybersecurity Team
| 1
| 1
| 1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
Software Name | Software Slug |
---|---|
Academy LMS – WordPress LMS Plugin for Complete eLearning Solution | academy |
Admin Dashboard RSS Feed | admin-dashboard-rss-feed |
AdPush | adsense-plugin |
Advanced AJAX Page Loader | advanced-ajax-page-loader |
Advanced File Manager Shortcodes | file-manager-advanced-shortcode |
Advanced post slider | advanced-post-slider |
Amazing Hover Effects | amazing-hover-effects |
Animated Typed JS Shortcode | animated-typed-js-shortcode |
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps | appmaker-woocommerce-mobile-app-manager |
Arkhe Blocks | arkhe-blocks |
Attachment File Icons (AF Icons) | attachment-file-icons |
Auto Featured Image (Auto Post Thumbnail) | auto-post-thumbnail |
Backup and Staging by WP Time Capsule | wp-time-capsule |
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. | barcode-scanner-lite-pos-to-manage-products-inventory-and-orders |
BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript | searchpro |
Blog, Posts and Category Filter for Elementor | blog-posts-and-category-for-elementor |
Booking Ultra Pro Appointments Booking Calendar Plugin | booking-ultra-pro |
Bradmax Player | bradmax-player |
Branda – White Label & Branding, Custom Login Page Customizer | branda-white-labeling |
Business Card | business-card-by-esterox-100 |
Calendar.online / Kalender.digital – Plugin | kalender-digital |
Caxton – Create Pro page layouts in Gutenberg | caxton |
Change From Email | wp-from-email |
Cliengo – Chatbot | cliengo |
CodePen Embedded Pens Shortcode | codepen-embedded-pen-shortcode |
codoc | codoc |
Coming Soon Page – Responsive Coming Soon & Maintenance Mode | responsive-coming-soon-page |
Comment Images Reloaded | comment-images-reloaded |
ConeBlog – Elementor Blog Widgets | coneblog-widgets |
Contact Form 7 Summary and Print | cf7-summary-and-print |
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder | bit-form |
Contact Form, Survey, Quiz & Popup Form Builder – ARForms | arforms-form-builder |
CZ Loan Management | cz-loan-management |
Default Thumbnail Plus | default-thumbnail-plus |
DirectoryPress – Business Directory And Classified Ad Listing | directorypress |
Donation Block For PayPal | donations-block |
Download Button for Elementor | download-button-for-elementor |
Duplicator – Migration & Backup Plugin | duplicator |
Dynamic Word Spinner: CSS3 Animated Rotation | css3-rotating-words |
Easy Google Adsense and Banner Ads Manager – AdsforWP | ads-for-wp |
Easy Pixels | easy-pixels-by-jevnet |
EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin | eazydocs |
EleForms – All In One Form Integration including DB for Elementor | all-contact-form-integration-for-elementor |
ElementInvader Addons for Elementor | elementinvader-addons-for-elementor |
Email Encoder – Protect Email Addresses and Phone Numbers | email-encoder-bundle |
EmbedPress – Embed PDF, PDF 3D FlipBook, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor | embedpress |
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates | essential-blocks |
Event post | event-post |
Event Tickets and Registration | event-tickets |
EventON | eventon-lite |
Events Calendar for Google | events-calendar-for-google |
ExS Widgets | exs-widgets |
Extensions for Elementor | extensions-for-elementor |
FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor | post-block |
Featured Image Generator | featured-image-generator |
Feeds for YouTube (YouTube video, channel, and gallery plugin) | feeds-for-youtube |
Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme – My Sticky Bar (formerly myStickymenu) | mystickymenu |
Form Vibes – Database Manager for Forms | form-vibes |
FormFlow- WhatsApp Social and WP Form Builder with Easy Lead Management | simple-form |
FULL – Cliente | full-customer |
Fusion Page Builder | fusion |
GD Rating System | gd-rating-system |
Generate PDF using Contact Form 7 | generate-pdf-using-contact-form-7 |
Genesis Blocks | genesis-blocks |
Get Use APIs – JSON Content Importer | json-content-importer |
Goftino | goftino |
Gravity Forms: Multiple Form Instances | gravity-forms-multiple-form-instances |
Gum Elementor Addon | gum-elementor-addon |
Gutenberg Forms – WordPress Form Builder Plugin | forms-gutenberg |
GutSlider – All in One Block Slider | slider-blocks |
HitPay Payment Gateway for WooCommerce | hitpay-payment-gateway |
Houzez CRM | houzez-crm |
Houzez Theme - Functionality | houzez-theme-functionality |
HT Mega – Absolute Addons For Elementor | ht-mega-for-elementor |
HTML Forms – Simple WordPress Forms Plugin | html-forms |
Image Optimizer, Resizer and CDN – Sirv | sirv |
Import Spreadsheets from Microsoft Excel | import-spreadsheets-from-microsoft-excel |
Inline Related Posts | intelly-related-posts |
InstaWP Connect – 1-click WP Staging & Migration | instawp-connect |
Internal Link Juicer: SEO Auto Linker for WordPress | internal-links |
iPanorama 360 – WordPress Virtual Tour Builder | ipanorama-360-virtual-tour-builder-lite |
IQ Testimonials | iq-testimonials |
Jetpack Boost – Website Speed, Performance and Critical CSS | jetpack-boost |
Job Board Manager | job-board-manager |
JSON API User | json-api-user |
Just Custom Fields | just-custom-fields |
Laposta | laposta |
LearnDash LMS – Reports | wisdm-reports-for-learndash |
Light Poll | light-poll |
Link Library | link-library |
Login by Auth0 | auth0 |
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | magical-addons-for-elementor |
Magical Posts Display – Elementor Advanced Posts widgets | magical-posts-display |
MakeStories (for Google Web Stories) | makestories-helper |
Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor | master-addons |
Master Popups | master-popups-lite |
Matomo Analytics – Ethical Stats. Powerful Insights. | matomo |
MBE eShip | mail-boxes-etc |
Media Hygiene: Remove or Delete Unused Images and More! | media-hygiene |
Meks Smart Author Widget | meks-smart-author-widget |
Meks Video Importer | meks-video-importer |
Metorik – Reports & Email Automation for WooCommerce | metorik-helper |
Modern Events Calendar | modern-events-calendar |
Modern Events Calendar Lite | modern-events-calendar-lite |
Moloni | moloni |
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar | mp3-music-player-by-sonaar |
MStore API – Create Native Android & iOS Apps On The Cloud | mstore-api |
oik | oik |
Olive One Click Demo Import | olive-one-click-demo-import |
Openpos - WooCommerce Point Of Sale(POS) | woocommerce-openpos |
OSM – OpenStreetMap | osm |
Packlink PRO shipping module | packlink-pro-shipping |
Paid Memberships Pro - Member Directory Add On | pmpro-member-directory |
Panda Video | pandavideo |
Payflex Payment Gateway | payflex-payment-gateway |
PayPlus Payment Gateway | payplus-payment-gateway |
Plugin Notes Plus | plugin-notes-plus |
Plum: Spin Wheel & Email Pop-up | qodeblock |
Post Layouts for Gutenberg | post-layouts |
Power BI Embedded for WordPress | embed-power-bi |
PowerPress Podcasting plugin by Blubrry | powerpress |
Predictive Search for WooCommerce | woocommerce-predictive-search |
Premium Addons for Elementor | premium-addons-for-elementor |
Pricing Table | elfsight-pricing-table |
Product Delivery Date for WooCommerce – Lite | product-delivery-date-for-woocommerce-lite |
Product Designer | product-designer |
Product Table by WBW | woo-product-tables |
ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
Qi Blocks | qi-blocks |
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | quiz-master-next |
Realtyna Organic IDX plugin + WPL Real Estate | real-estate-listing-realtyna-wpl |
ReCaptcha Integration for WordPress | wp-recaptcha-integration |
Recipe Cards For Your Food Blog from Zip Recipes | zip-recipes |
ReDi Restaurant Reservation | redi-restaurant-reservation |
Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction | pie-register |
Responsive Tabs | responsive-tabs |
REVIEWS.io for WooCommerce | reviewscouk-for-woocommerce |
ScrollTo Bottom | scrollto-bottom |
ScrollTo Top | scrollto-top |
SCSS Happy Compiler – Compile SCSS to CSS & Automatic Enqueue | happy-scss-compiler |
Search & Replace | search-and-replace |
Send email only on Reply to My Comment | send-email-only-on-reply-to-my-comment |
Send Users Email | send-users-email |
Seraphinite Accelerator Pro | seraphinite-accelerator-ext |
Seraphinite Post .DOCX Source | seraphinite-post-docx-source |
Simple Alert Boxes | simple-alert-boxes |
Simple Popup Plugin | simple-popup-plugin |
Simple Post Notes | simple-post-notes |
Simple Responsive Slider | simple-responsive-slider |
SKT Addons for Elementor | skt-addons-for-elementor |
SKT Skill Bar | skt-skill-bar |
Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) | sky-elementor-addons |
Slider by 10Web | UNKNOWN-CVE-2024-32578-1 |
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) | slingblocks |
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer | smartcrawl-seo |
Social Sharing Plugin – Kiwi | kiwi-social-share |
SpiderContacts | spider-contacts |
Spiffy Calendar | spiffy-calendar |
SportsPress – Sports Club & League Manager | sportspress |
Squelch Tabs and Accordions Shortcodes | squelch-tabs-and-accordions-shortcodes |
Tabs For WPBakery Page Builder (formerly Visual Composer) | tabs-for-visual-composer |
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics | taggbox-widget |
Team Manager – WordPress Showcase Team Members | wp-team-manager |
Team Members | team-members |
Timeline Module for Beaver Builder | timeline-for-beaver-builder |
Titan Anti-spam & Security | anti-spam |
TOCHAT.BE | tochat-be |
Tutor LMS – eLearning and online course solution | tutor |
Typebot | Create advanced chat experiences without coding |
Ultimate Classified Listings | ultimate-classified-listings |
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) | ultraaddons-elementor-lite |
Uncanny Automator Pro | uncanny-automator-pro |
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | unlimited-elements-for-elementor |
User Activity Log Pro | user-activity-log-pro |
User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds | userfeedback-lite |
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor | profile-builder |
UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP | userswp |
VK All in One Expansion Unit | vk-all-in-one-expansion-unit |
Wallet for WooCommerce | woo-wallet |
Wallet System for WooCommerce – Wallet, Digital Wallet, Cashback, Recharge User Wallets, Partial Payments, Wallet restriction, Refunds | wallet-system-for-woocommerce |
WANotifier – Send Message Notifications Using WhatsApp API | notifier |
WappPress – Create Mobile App for any WordPress site with our Mobile App Builder in just 1 minute | wapppress-builds-android-app-for-website |
Web Directory Free | web-directory-free |
Webico Slider Flatsome Addons | webico-slider-flatsome-addons |
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More | woocommerce-wholesale-prices |
WooCommerce Customers Manager | woocommerce-customers-manager |
WooCommerce Report | ithemelandco-woo-report |
WordPress Multisite Content Copier/Updater | wp-multisite-content-copier |
WP Accessibility Helper (WAH) | wp-accessibility-helper |
WP Affiliate Platform | wp-affiliate-platform |
WP Ajax Contact Form | wp-ajax-contact-form |
WP Announcement | Dynamic Announcement, Banner, & Countdown Timer for Effective Promotions |
WP ERP | Complete HR solution with recruitment & job listings |
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress | wp-event-aggregator |
WP Fast Total Search – The Power of Indexed Search | fulltext-search |
WP GoToWebinar | wp-gotowebinar |
WP Links Page | wp-links-page |
WP Photo Album Plus | wp-photo-album-plus |
WP Popups – WordPress Popup builder | wp-popups-lite |
WP Total Branding – Complete branding solution for WordPress | wp-total-branding |
WP Travel Engine – Tour Booking Plugin – Tour Operator Software | wp-travel-engine |
WP User Switch | wp-user-switch |
WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 | wp2speed |
WPBITS Addons For Elementor Page Builder | wpbits-addons-for-elementor |
WPCS – WordPress Currency Switcher Professional | currency-switcher |
WpStickyBar – Sticky Bar, Sticky Header | wpstickybar-sticky-bar-sticky-header |
XPlainer – Product FAQs for WooCommerce & AI FAQ Generator | faq-for-woocommerce |
YITH WooCommerce Ajax Product Filter | yith-woocommerce-ajax-navigation |
Zephyr Project Manager | zephyr-project-manager |
Zoho Campaigns | zoho-campaigns |
Zoho CRM Lead Magnet | zoho-crm-forms |
پلاگین پرداخت دلخواه | pardakht-delkhah |
Software Name | Software Slug |
---|---|
BuddyBoss Theme | buddyboss-theme |
Counterpoint | counterpoint |
i-amaze | i-amaze |
i-transform | i-transform |
Noo JobMonster | noo-jobmonster |
Oceanic | oceanic |
OnePress | onepress |
Patricia Blog | patricia-blog |
Patricia Lite | patricia-lite |
Point | point |
Popularis Verse | popularis-verse |
Responsive Mobile | responsive-mobile |
SmartMag | smartmag-responsive-retina-wordpress-magazine |
SociallyViral | sociallyviral |
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you'd like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-5975
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
CZ Loan Management
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-37933
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Openpos - WooCommerce Point Of Sale(POS)
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-5765
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
WpStickyBar – Sticky Bar, Sticky Header
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-38755
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
DirectoryPress – Business Directory And Classified Ad Listing
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-3604
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
OSM – OpenStreetMap
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-37564
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
PayPlus Payment Gateway
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38770
Patch Status
Patched
Published
Jul 13, 2024
Affected Software
Backup and Staging by WP Time Capsule
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38717
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Booking Ultra Pro Appointments Booking Calendar Plugin
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38735
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Event post
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6313
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Gutenberg Forms – WordPress Form Builder Plugin
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6397
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
InstaWP Connect – 1-click WP Staging & Migration
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6314
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
IQ Testimonials
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-37927
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Noo JobMonster
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6624
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
JSON API User
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6328
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
MStore API – Create Native Android & iOS Apps On The Cloud
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6365
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Product Table by WBW
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38759
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Search & Replace
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6695
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-38734
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Import Spreadsheets from Microsoft Excel
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-37928
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Noo JobMonster
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-38736
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Realtyna Organic IDX plugin + WPL Real Estate
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-38692
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Spiffy Calendar
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-37932
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Openpos - WooCommerce Point Of Sale(POS)
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6310
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Advanced AJAX Page Loader
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2023-7061
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Advanced File Manager Shortcodes
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2023-7062
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Advanced File Manager Shortcodes
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6309
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Attachment File Icons (AF Icons)
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6161
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Default Thumbnail Plus
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38716
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Events Calendar for Google
Researcher
João Pedro Soares de Alcântara
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38715
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
ExS Widgets
Researcher
João Pedro Soares de Alcântara
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5325
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Form Vibes – Database Manager for Forms
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38709
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
GD Rating System
Researcher
João Pedro Soares de Alcântara
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6317
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Generate PDF using Contact Form 7
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6316
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Generate PDF using Contact Form 7
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5792
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Houzez CRM
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5793
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Houzez Theme - Functionality
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5441
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Modern Events Calendar
Modern Events Calendar Lite
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5456
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Panda Video
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6069
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6411
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
Researchers
Tieu Pham Trong Nhan (aptx4869)
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6321
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
ScrollTo Bottom
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6320
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
ScrollTo Top
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6166
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6353
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Wallet for WooCommerce
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38704
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Team Manager – WordPress Showcase Team Members
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6666
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-37560
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
WP User Switch
Researcher
8.5
CVSS Rating
High (8.5)
CVE-ID
CVE-2024-38708
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-37942
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-6123
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-5807
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Business Card
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-6021
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Donation Block For PayPal
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-5479
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Easy Pixels
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-6180
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
EventON
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-6447
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
FULL – Cliente
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-37563
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
TOCHAT.BE
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-5902
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-5992
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Cliengo – Chatbot
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-37922
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Premium Addons for Elementor
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-38700
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WPCS – WordPress Currency Switcher Professional
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38750
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Advanced post slider
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38741
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Amazing Hover Effects
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38679
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Animated Typed JS Shortcode
Researcher(s): Unknown
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38675
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Arkhe Blocks
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4667
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Blog, Posts and Category Filter for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38676
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Booking Ultra Pro Appointments Booking Calendar Plugin
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37957
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Bradmax Player
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38678
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Calendar.online / Kalender.digital – Plugin
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37948
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Caxton – Create Pro page layouts in Gutenberg
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37960
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
CodePen Embedded Pens Shortcode
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37918
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
ConeBlog – Elementor Blog Widgets
Researcher
João Pedro Soares de Alcântara
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38718
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Download Button for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38720
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38705
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
ElementInvader Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5595
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4868
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Extensions for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38686
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6256
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Feeds for YouTube (YouTube video, channel, and gallery plugin)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37962
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Fusion Page Builder
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3563
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Genesis Blocks
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38697
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Goftino
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37955
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
GutSlider – All in One Block Slider
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38722
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Job Board Manager
Researchers
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38723
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Get Use APIs – JSON Content Importer
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38681
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library )
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38730
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library )
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37951
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Magical Posts Display – Elementor Advanced Posts widgets
Researcher
João Pedro Soares de Alcântara
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38710
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37958
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Meks Smart Author Widget
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5664
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6391
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
oik
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38739
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
OnePress
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3603
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
OSM – OpenStreetMap
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5457
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Panda Video
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38682
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Post Layouts for Gutenberg
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37959
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Power BI Embedded for WordPress
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6588
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
PowerPress Podcasting plugin by Blubrry
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6495
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Premium Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38712
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Qi Blocks
Researcher
João Pedro Soares de Alcântara
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6390
Patch Status
Patched
Published
Jul 13, 2024
Affected Software
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37949
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Responsive Mobile
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4096
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Responsive Tabs
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38677
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
REVIEWS.io for WooCommerce
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38728
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Seraphinite Post .DOCX Source
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5937
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Simple Alert Boxes
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38674
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
SKT Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38698
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
SKT Skill Bar
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38687
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38684
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5946
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Squelch Tabs and Accordions Shortcodes
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37936
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Tabs For WPBakery Page Builder (formerly Visual Composer)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38670
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Team Members
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38757
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Typebot | Create advanced chat experiences without coding
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4866
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6170
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6169
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37956
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
VK All in One Expansion Unit
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38758
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WappPress – Create Mobile App for any WordPress site with our Mobile App Builder in just 1 minute
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5881
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Webico Slider Flatsome Addons
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1747
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WooCommerce Customers Manager
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38703
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38671
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WP GoToWebinar
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38713
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WP Photo Album Plus
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37944
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WP Travel Engine – Tour Booking Plugin – Tour Operator Software
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4862
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
WPBITS Addons For Elementor Page Builder
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5669
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
XPlainer – Product FAQs for WooCommerce & AI FAQ Generator
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38752
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Zoho Campaigns
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38672
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
AdPush
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38680
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37920
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Contact Form, Survey, Quiz & Popup Form Builder – ARForms
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37961
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
codoc
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38724
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Contact Form 7 Summary and Print
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37559
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Counterpoint
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38711
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Link Library
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2023-6813
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Login by Auth0
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37953
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
MBE eShip
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38694
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Moloni
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38673
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WordPress Multisite Content Copier/Updater
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38744
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Plum: Spin Wheel & Email Pop-up
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-6224
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Send email only on Reply to My Comment
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-6223
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Send email only on Reply to My Comment
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37954
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Simple Responsive Slider
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-6272
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
SpiderContacts
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-5883
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Ultimate Classified Listings
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-6529
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Ultimate Classified Listings
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-5882
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Ultimate Classified Listings
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37117
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Uncanny Automator Pro
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3669
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Web Directory Free
Researchers
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38669
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Predictive Search for WooCommerce
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38683
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WooCommerce Report
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-5809
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
WP Ajax Contact Form
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-6226
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
WpStickyBar – Sticky Bar, Sticky Header
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37943
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
YITH WooCommerce Ajax Product Filter
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38696
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Zoho CRM Lead Magnet
Researcher
5.5
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-6584
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Jetpack Boost – Website Speed, Performance and Critical CSS
Researcher
5.5
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-37947
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Researcher
5.5
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-6625
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WP Total Branding – Complete branding solution for WordPress
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-5993
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Cliengo – Chatbot
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-37923
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Cliengo – Chatbot
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-5600
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
SCSS Happy Compiler – Compile SCSS to CSS & Automatic Enqueue
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-6392
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Image Optimizer, Resizer and CDN – Sirv
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-5648
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
LearnDash LMS – Reports
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-4102
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Pricing Table
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3983
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WooCommerce Customers Manager
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-2843
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WooCommerce Customers Manager
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-5285
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
WP Affiliate Platform
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6554
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Branda – White Label & Branding, Custom Login Page Customizer
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38756
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Coming Soon Page – Responsive Coming Soon & Maintenance Mode
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6210
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Duplicator – Migration & Backup Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38748
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
EleForms – All In One Form Integration including DB for Elementor
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38707
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
EmbedPress – Embed PDF, PDF 3D FlipBook, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6550
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Gravity Forms: Multiple Form Instances
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38747
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
HitPay Payment Gateway for WooCommerce
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38690
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
iPanorama 360 – WordPress Virtual Tour Builder
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6574
Patch Status
Unpatched
Published
Jul 12, 2024
Affected Software
Laposta
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38742
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
MBE eShip
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38749
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Olive One Click Demo Import
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-0619
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Payflex Payment Gateway
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38743
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Plum: Spin Wheel & Email Pop-up
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-4100
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Pricing Table
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38702
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Product Delivery Date for WooCommerce – Lite
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3608
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Product Designer
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38688
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Recipe Cards For Your Food Blog from Zip Recipes
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38737
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
ReDi Restaurant Reservation
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38760
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
Send Users Email
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6556
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37930
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
SmartMag
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3228
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Social Sharing Plugin – Kiwi
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6171
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6366
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6477
Patch Status
Patched
Published
Jul 13, 2024
Affected Software
UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38699
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Wallet System for WooCommerce – Wallet, Digital Wallet, Cashback, Recharge User Wallets, Partial Payments, Wallet restriction, Refunds
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38745
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37935
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Openpos - WooCommerce Point Of Sale(POS)
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37926
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
WP Accessibility Helper (WAH)
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6555
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WP Popups – WordPress Popup builder
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-5810
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
WP2Speed Faster – Optimize PageSpeed Insights Score 90-100
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37924
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
WP2Speed Faster – Optimize PageSpeed Insights Score 90-100
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38761
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
Zephyr Project Manager
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38725
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Admin Dashboard RSS Feed
Researchers
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38738
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Change From Email
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4483
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Email Encoder – Protect Email Addresses and Phone Numbers
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3113
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
FormFlow- WhatsApp Social and WP Form Builder with Easy Lead Management
Researchers
Dikshita Trivedi (Cybersecdexter)
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37565
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Gum Elementor Addon
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-6487
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Inline Related Posts
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37950
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
Master Popups
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4090
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme – My Sticky Bar (formerly myStickymenu)
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37561
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Plugin Notes Plus
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37946
Patch Status
Unpatched
Published
Jul 10, 2024
Affected Software
ReCaptcha Integration for WordPress
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38689
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Simple Popup Plugin
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37562
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Simple Post Notes
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-6408
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Slider by 10Web
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3986
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
SportsPress – Sports Club & League Manager
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37919
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Timeline Module for Beaver Builder
Researcher
João Pedro Soares de Alcântara
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-6165
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WANotifier – Send Message Notifications Using WhatsApp API
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38685
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
WP Announcement | Dynamic Announcement, Banner, & Countdown Timer for Effective Promotions
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-6536
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Zephyr Project Manager
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38719
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Auto Featured Image (Auto Post Thumbnail)
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37925
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
BuddyBoss Theme
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5856
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Comment Images Reloaded
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38753
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Dynamic Word Spinner: CSS3 Animated Rotation
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38721
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1375
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Event post
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38762
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
Event Tickets and Registration
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5677
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Featured Image Generator
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38751
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Easy Google Adsense and Banner Ads Manager – AdsforWP
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38706
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6412
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
HTML Forms – Simple WordPress Forms Plugin
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38731
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
i-amaze
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38764
Patch Status
Unpatched
Published
Jul 12, 2024
Affected Software
i-transform
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37941
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Internal Link Juicer: SEO Auto Linker for WordPress
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6168
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Just Custom Fields
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6167
Patch Status
Unpatched
Published
Jul 8, 2024
Affected Software
Just Custom Fields
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6496
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Light Poll
Researcher
Vuln Seeker Cybersecurity Team
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38746
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
MakeStories (for Google Web Stories)
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38766
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
Matomo Analytics – Ethical Stats. Powerful Insights.
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38729
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
MBE eShip
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5855
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
Media Hygiene: Remove or Delete Unused Images and More!
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38733
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Meks Video Importer
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38691
Patch Status
Patched
Published
Jul 10, 2024
Affected Software
Metorik – Reports & Email Automation for WooCommerce
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38765
Patch Status
Unpatched
Published
Jul 12, 2024
Affected Software
Oceanic
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38740
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Packlink PRO shipping module
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1287
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Paid Memberships Pro - Member Directory Add On
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6230
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
پلاگین پرداخت دلخواه
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38732
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Patricia Blog
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37939
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Patricia Lite
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37931
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
Point
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38763
Patch Status
Unpatched
Published
Jul 12, 2024
Affected Software
Popularis Verse
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6410
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
Researcher
Tieu Pham Trong Nhan (aptx4869)
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37940
Patch Status
Patched
Published
Jul 9, 2024
Affected Software
Seraphinite Accelerator Pro
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38727
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Seraphinite Post .DOCX Source
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37938
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
SociallyViral
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38754
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38777
Patch Status
Unpatched
Published
Jul 11, 2024
Affected Software
Titan Anti-spam & Security
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37929
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
User Activity Log Pro
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5808
Patch Status
Unpatched
Published
Jul 9, 2024
Affected Software
WP Ajax Contact Form
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38714
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WP Fast Total Search – The Power of Indexed Search
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38695
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
WP GoToWebinar
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6465
Patch Status
Patched
Published
Jul 12, 2024
Affected Software
WP Links Page
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5704
Patch Status
Patched
Published
Jul 8, 2024
Affected Software
XPlainer – Product FAQs for WooCommerce & AI FAQ Generator
Researcher
2.7
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-38701
Patch Status
Patched
Published
Jul 11, 2024
Affected Software
Academy LMS – WordPress LMS Plugin for Complete eLearning Solution
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (July 8, 2024 to July 14, 2024) appeared first on Wordfence.
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
40.0%