Did you know we're running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 304 vulnerabilities disclosed in 232 WordPress Plugins and 23 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 65 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Patch Status | Number of Vulnerabilities |
---|---|
Patched | 235 |
Unpatched | 69 |
Severity Rating | Number of Vulnerabilities |
---|---|
Low Severity | 4 |
Medium Severity | 247 |
High Severity | 31 |
Critical Severity | 22 |
Vulnerability Type by CWE | Number of Vulnerabilities |
---|---|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 96 |
Missing Authorization | 82 |
Cross-Site Request Forgery (CSRF) | 31 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 13 |
Information Exposure | 12 |
Server-Side Request Forgery (SSRF) | 12 |
Authorization Bypass Through User-Controlled Key | 6 |
Deserialization of Untrusted Data | 6 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 6 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 6 |
Information Exposure Through Log Files | 6 |
Unrestricted Upload of File with Dangerous Type | 5 |
Improper Privilege Management | 4 |
Use of Less Trusted Source | 4 |
External Control of Assumed-Immutable Web Parameter | 3 |
Improper Control of Generation of Code ('Code Injection') | 2 |
Improper Input Validation | 2 |
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | 2 |
Authentication Bypass Using an Alternate Path or Channel | 1 |
Guessable CAPTCHA | 1 |
Improper Access Control | 1 |
Improper Authorization | 1 |
Improper Neutralization of Alternate XSS Syntax | 1 |
URL Redirection to Untrusted Site ('Open Redirect') | 1 |
Researcher Name | Number of Vulnerabilities |
---|
| 30
| 23
| 17
| 17
| 14
| 14
| 13
| 13
| 12
| 10
| 10
| 7
| 7
| 7
| 7
| 7
| 6
| 6
| 6
| 5
| 4
Brandon James Roldan (tomorrowisnew)
| 4
| 4
| 4
| 4
| 3
| 3
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 2
| 1
| 1
| 1
| 1
| 1
| 1
João Pedro Soares de Alcântara
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
| 1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
Software Name | Software Slug |
---|---|
Academy LMS – eLearning and online course solution for WordPress | academy |
Accessibility Widget | accessibility-widget |
ActiveDEMAND | activedemand |
Admin and Customer Messages After Order for WooCommerce: OrderConvo | admin-and-client-message-after-order-for-woocommerce |
Admin Bar Editor – Hide Toolbar by User Roles | admin-bar |
Advanced Floating Content Lite | advanced-floating-content-lite |
Advanced Local Pickup for WooCommerce | advanced-local-pickup-for-woocommerce |
Advanced Most Recent Posts Mod | advanced-most-recent-posts-mod |
Advanced Post List | advanced-post-list |
Advanced Testimonial Carousel for Elementor | advanced-testimonial-carousel-for-elementor |
AGCA – Custom Dashboard & Login Page | ag-custom-admin |
All-in-one Like Widget | all-in-one-facebook-like-widget |
Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) | wp-analytify |
Annual Archive | anual-archive |
Appointment Hour Booking – WordPress Booking Plugin | appointment-hour-booking |
AppPresser – Mobile App Framework | apppresser |
Arconix FAQ | arconix-faq |
Arconix Shortcodes | arconix-shortcodes |
ARforms | arforms |
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | armember-membership |
Assistant – Every Day Productivity Apps | assistant |
Auto Featured Image (Auto Post Thumbnail) | auto-post-thumbnail |
BackUpWordPress | backupwordpress |
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. | barcode-scanner-lite-pos-to-manage-products-inventory-and-orders |
Base64 Encoder/Decoder | base64-encoderdecoder |
Better Elementor Addons | better-elementor-addons |
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss | bp-better-messages |
Blog2Social: Social Media Auto Post & Scheduler | blog2social |
Booking Ultra Pro Appointments Booking Calendar Plugin | booking-ultra-pro |
Brevo for WooCommerce | woocommerce-sendinblue-newsletter-subscription |
Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg |
Car Dealer (Dealership) and Vehicle sales | cardealer |
CF7 File Download – File Download for CF7 | cf7-file-download |
ChatBot Conversational Forms | conversational-forms |
Classified Listing – Classified ads & Business Directory Plugin | classified-listing |
ClickCease Click Fraud Protection | clickcease-click-fraud-protection |
Client Dash | client-dash |
CM Tooltip Glossary | enhanced-tooltipglossary |
Colibri Page Builder | colibri-page-builder |
Collapse-O-Matic | jquery-collapse-o-matic |
Comments – wpDiscuz | wpdiscuz |
Contact Form 7 Database Addon – CFDB7 | contact-form-cfdb7 |
Contact Form 7 Extension For Mailchimp | contact-form-7-mailchimp-extension |
Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder | arforms-form-builder |
Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) | content-views-query-and-display-post-page |
Cookie Information | Free GDPR Consent Solution |
CookieHub – Cookie Consent Banner (DSGVO, CCPA, RGPD and GDPR compliance) | cookiehub |
Cornerstone | cornerstone |
Coupon & Discount Code Reveal Button | coupon-reveal-button |
Crelly Slider | crelly-slider |
Culqi | culqi-checkout |
Custom field finder | custom-field-finder |
Customify Site Library | customify-sites |
Data Tables Generator by Supsystic | data-tables-generator-by-supsystic |
Database for Contact Form 7, WPforms, Elementor forms | contact-form-entries |
Easy Accept Payments via PayPal | wordpress-easy-paypal-payment-or-donation-accept-plugin |
Easy Property Listings | easy-property-listings |
Easy Set Favicon | easy-set-favicon |
Element Pack Pro - Addon for Elementor Page Builder WordPress Plugin | bdthemes-element-pack |
ElementsKit Elementor addons and Templates Library | elementskit-lite |
ElementsKit Pro | elementskit |
Elespare – News, Magazine and Blog Elements & Blog Addons for Elementor with Header Footer Builder. One Click Import: No Coding Required! | elespare |
Email Customizer for WooCommerce | Drag and Drop Email Templates Builder |
Embed Google Photos album | embed-google-photos-album-easily |
ENL Newsletter | enl-newsletter |
EPROLO Dropshipping | eprolo-dropshipping |
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders | essential-addons-for-elementor-lite |
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media | evergreen-content-poster |
Exclusive Addons for Elementor | exclusive-addons-for-elementor |
Export and Import Users and Customers | users-customers-import-export-for-wp-woocommerce |
FameTheme Demo Importer | famethemes-demo-importer |
Fan Page Widget by ThemeNcode | facebook-fan-page-widget |
Fancy Product Designer | fancy-product-designer |
FG Joomla to WordPress | fg-joomla-to-wordpress |
FileOrganizer – Manage WordPress and Website Files | fileorganizer |
Filterable Portfolio | jungbillig-portfolio-gallery |
Five Star Restaurant Reservations – WordPress Booking Plugin | restaurant-reservations |
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder | form-maker |
FOX – Currency Switcher Professional for WooCommerce | woocommerce-currency-switcher |
Frontend Dashboard | frontend-dashboard |
FV Flowplayer Video Player | fv-wordpress-flowplayer |
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | geodirectory |
Getwid – Gutenberg Blocks | getwid |
Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers | rafflepress |
GiveWP – Donation Plugin and Fundraising Platform | give |
Gutenberg Blocks, Page Builder – ComboBlocks | post-grid |
Happy Addons for Elementor | happy-elementor-addons |
Header Footer Code Manager Pro | 99robots-header-footer-code-manager-pro |
Headline Analyzer | headline-analyzer |
Hide Dashboard Notifications | wp-hide-backed-notices |
HL Twitter | hl-twitter |
HT Mega – Absolute Addons For Elementor | ht-mega-for-elementor |
Hummingbird – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS |
Image Optimizer, Resizer and CDN – Sirv | sirv |
Image Slider | image-slider-widget |
Import and export users and customers | import-users-from-csv-with-meta |
InstaWP Connect – 1-click WP Staging & Migration | instawp-connect |
Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site | integrate-google-drive |
Interactive World Maps | interactive-world-maps |
Jeg Elementor Kit | jeg-elementor-kit |
KB Support – WordPress Help Desk and Knowledge Base | kb-support |
Knowledge Base documentation & wiki plugin – BasePress Docs | basepress |
Leaky Paywall | leaky-paywall |
List Custom Taxonomy Widget | list-custom-taxonomy-widget |
Login with phone number | login-with-phone-number |
Maintenance Mode | hkdev-maintenance-mode |
MainWP Child Reports | mainwp-child-reports |
Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor | master-addons |
Max Addons Pro for Bricks | max-addons-pro-bricks |
MDTF – Meta Data and Taxonomies Filter | wp-meta-data-filter-and-taxonomy-filter |
Meks Smart Social Widget | meks-smart-social-widget |
Meks ThemeForest Smart Widget | meks-themeforest-smart-widget |
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | metform |
MF Gig Calendar | mf-gig-calendar |
month name translation benaceur | month-name-translation-benaceur |
myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification | mycred |
Newsletters | newsletters-lite |
Opal Widgets For Elementor | opal-widgets-for-elementor |
Page Builder: Live Composer | live-composer-page-builder |
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | paid-member-subscriptions |
Payment Gateway Based Fees and Discounts for WooCommerce | checkout-fees-for-woocommerce |
PDF Invoices & Packing Slips for WooCommerce | woocommerce-pdf-invoices-packing-slips |
Photo Gallery by 10Web – Mobile-Friendly Image Gallery | photo-gallery |
Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery | gt3-photo-video-gallery |
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery | nextgen-gallery |
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress | contest-gallery |
Piotnet Addons For Elementor | piotnet-addons-for-elementor |
Piotnet Addons For Elementor Pro | piotnet-addons-for-elementor-pro |
Podlove Podcast Publisher | podlove-podcasting-plugin-for-wordpress |
Poll | Vote |
Popup Box – Best WordPress Popup Plugin | ays-popup-box |
Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation | optinmonster |
Popup4Phone | popup4phone |
PopupAlly | popupally |
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | buddyforms |
Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX | ultimate-post |
Premium Addons for Elementor | premium-addons-for-elementor |
Pretty Google Calendar | pretty-google-calendar |
Pricing Table by Supsystic | pricing-table-by-supsystic |
Print Invoice & Delivery Notes for WooCommerce | woocommerce-delivery-notes |
Print or PDF WooCommerce Order Receipts, Invoices, Labels & More. | print-google-cloud-print-gcp-woocommerce |
Product Addons & Fields for WooCommerce | woocommerce-product-addon |
ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
PropertyHive | propertyhive |
Qi Addons For Elementor | qi-addons-for-elementor |
Quick Featured Images | quick-featured-images |
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress | radio-player |
Radio Station by netmix® – Manage and play your Show Schedule in WordPress! | radio-station |
Rank Math SEO with AI SEO Tools | seo-by-rank-math |
Rate My Post – Star Rating Plugin by FeedbackWP | rate-my-post |
Recencio Book Reviews | recencio-book-reviews |
Reviews Plus | reviews-plus |
RomethemeForm For Elementor | romethemeform |
RomethemeKit For Elementor | rometheme-for-elementor |
Royal Elementor Addons and Templates | royal-elementor-addons |
rtMedia for WordPress, BuddyPress and bbPress | buddypress-media |
Salon Booking System | salon-booking-system |
Save as PDF Plugin by Pdfcrowd | save-as-pdf-by-pdfcrowd |
SchedulePress – Best Editorial Calendar, Missed Schedule & Auto Social Share | wp-scheduled-posts |
Schema & Structured Data for WP & AMP | schema-and-structured-data-for-wp |
Secure Copy Content Protection and Content Locking | secure-copy-content-protection |
Seers | GDPR & CCPA Cookie Consent & Compliance |
Send PDF for Contact Form 7 | send-pdf-for-contact-form-7 |
Serious Slider | cryout-serious-slider |
SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy | woo-aliexpress-dropshipping |
ShortPixel Critical CSS | shortpixel-critical-css |
Simple Membership | simple-membership |
Simply Static | simply-static |
Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) | sina-extension-for-elementor |
Slash Admin | slash-admin |
Smart Forms – when you need more than just a contact form | smart-forms |
Smart Maintenance Mode | smart-maintenance-mode |
Smart Recent Posts Widget | smart-recent-posts-widget |
Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap | socialsnap |
Social Sharing Plugin – Social Warfare | social-warfare |
Solid Affiliate | solid-affiliate |
SP Project & Document Manager | sp-client-document-manager |
Spectra – WordPress Gutenberg Blocks | ultimate-addons-for-gutenberg |
SSU – WordPress Amazon S3 & Wasabi Smart File Uploads Plugin | wp-s3-smart-upload |
Sticky Anything | toast-stick-anything |
StreamWeasels Twitch Integration | streamweasels-twitch-integration |
Survey Maker – Customer Satisfaction Survey, Chat Survey, Calculaton Form, Payment Surveys | survey-maker |
Table Rate Shipping Method for WooCommerce by Flexible Shipping | flexible-shipping |
The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) | the-pack-addon |
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce | the-plus-addons-for-elementor-page-builder |
The Plus Blocks for Block Editor | Gutenberg |
Timetable and Event Schedule by MotoPress | mp-timetable |
Tutor LMS – eLearning and online course solution | tutor |
Ultimate 410 Gone Status Code | ultimate-410 |
Ultimate Blocks – WordPress Blocks Plugin | ultimate-blocks |
User Meta – User Profile Builder and User management plugin | user-meta |
USPS Shipping for WooCommerce – Live Rates | flexible-shipping-usps |
Video Conferencing with Zoom | video-conferencing-with-zoom-api |
VikRentCar Car Rental Management System | vikrentcar |
Vision – Image Map Builder | vision |
Vitepos – Point of sale (POS) plugin for WooCommerce | vitepos-lite |
VK Block Patterns | vk-block-patterns |
VOD Infomaniak | vod-infomaniak |
Wallet for WooCommerce – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds | woo-wallet |
Widget Post Slider | widget-post-slider |
WooCommerce Amazon Affiliates - Wordpress Plugin | woozone |
WooCommerce Shipping Label | shipping-labels-for-woo |
WordPress Ad Widget | ad-widget |
WordPress Backup & Migration | wp-migration-duplicator |
WP ADA Compliance Check Basic – Most Comprehensive Web Accessibility Solution for WordPress | wp-ada-compliance-check-basic |
WP Club Manager – WordPress Sports Club Plugin | wp-club-manager |
WP Datepicker | wp-datepicker |
WP Fusion Lite – Marketing Automation and CRM Integration for WordPress | wp-fusion-lite |
WP GoToWebinar | wp-gotowebinar |
WP LinkedIn Auto Publish | wp-linkedin-auto-publish |
WP Masquerade | wp-masquerade |
WP Media Category Management | wp-media-category-management |
WP Migrate Pro | wp-migrate-db-pro |
WP Page Post Widget Clone | wp-page-post-widget-clone |
WP Prayer | wp-prayer |
WP Shortcodes Plugin — Shortcodes Ultimate | shortcodes-ultimate |
WP SMTP | wp-smtp |
WP STAGING Pro WordPress Backup Plugin | wp-staging-pro |
WP STAGING WordPress Backup Plugin – Migration Backup Restore | wp-staging |
WP Time Slots Booking Form | wp-time-slots-booking-form |
WP Travel Engine – Best Travel Booking WordPress Plugin, Tour Booking System | wp-travel-engine |
WP ULike – Most Advanced WordPress Marketing Toolkit | wp-ulike |
WP-Lister Lite for eBay | wp-lister-for-ebay |
WP-Members Membership Plugin | wp-members |
WP-Recall – Registration, Profile, Commerce & More | wp-recall |
WPC Composite Products for WooCommerce | wpc-composite-products |
WPCal.io – Easy Meeting Scheduler | wpcal |
WPPizza – A Restaurant Plugin | wppizza |
WPZOOM Addons for Elementor (Templates, Widgets) | wpzoom-elementor-addons |
XforWooCommerce | xforwoocommerce |
XStore Core | et-core-plugin |
YITH WooCommerce Compare | yith-woocommerce-compare |
Software Name | Software Slug |
---|---|
Accountra | accountra |
Althea WP | althea-wp |
Blocksy | blocksy |
Brite | brite |
Calliope | calliope |
Colibri WP | colibri-wp |
ColorNews | colornews |
Elevate WP | elevate-wp |
Financio | financio |
Hugo WP | hugo-wp |
Intrace | intrace |
Pathway | pathway |
Photology | photology |
Royal Elementor Kit | royal-elementor-kit |
Startupzy | startupzy |
Teluro | teluro |
Travey | travey |
uDesign - Responsive WordPress Theme | u-design |
Vertice | vertice |
Virtue | virtue |
WP Portfolio | wp-portfolio |
XStore | xstore |
Zeever | zeever |
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you'd like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32809
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ActiveDEMAND
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33644
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Customify Site Library
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33544
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WooCommerce Amazon Affiliates - Wordpress Plugin
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32709
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP-Recall – Registration, Profile, Commerce & More
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33559
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
10.0
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33551
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33568
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Element Pack Pro - Addon for Elementor Page Builder WordPress Plugin
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-3342
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Timetable and Event Schedule by MotoPress
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33546
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WooCommerce Amazon Affiliates - Wordpress Plugin
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32710
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP-Recall – Registration, Profile, Commerce & More
Researcher
9.9
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33556
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33567
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33566
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Admin and Customer Messages After Order for WooCommerce: OrderConvo
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-3962
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Product Addons & Fields for WooCommerce
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-32959
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Image Optimizer, Resizer and CDN – Sirv
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-30225
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
WP Migrate Pro
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33560
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33553
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
9.8
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33552
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
9.3
CVSS Rating
Critical (9.3)
CVE-ID
CVE-2024-32830
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC)
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-3060
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
ENL Newsletter
Researcher
9.1
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32954
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Newsletters
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32706
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33541
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Better Elementor Addons
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32960
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Booking Ultra Pro Appointments Booking Calendar Plugin
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33641
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Custom field finder
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3499
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ElementsKit Elementor addons and Templates Library
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3500
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
ElementsKit Pro
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-30229
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
GiveWP – Donation Plugin and Fundraising Platform
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3293
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
rtMedia for WordPress, BuddyPress and bbPress
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33549
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WooCommerce Amazon Affiliates - Wordpress Plugin
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3895
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
WP Datepicker
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33550
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WP Masquerade
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-1797
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
WP ULike – Most Advanced WordPress Marketing Toolkit
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33628
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XforWooCommerce
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33564
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
8.8
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33557
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
8.1
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-32703
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
7.5
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-32729
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ChatBot Conversational Forms
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3715
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Database for Contact Form 7, WPforms, Elementor forms
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32835
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Export and Import Users and Customers
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32817
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Import and export users and customers
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3047
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
PDF Invoices & Packing Slips for WooCommerce
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3045
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
PDF Invoices & Packing Slips for WooCommerce
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33634
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor Pro
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3231
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Popup4Phone
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33592
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32807
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Brevo for WooCommerce
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33646
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Sticky Anything
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2023-34423
Patch Status
Patched
Published
Apr 27, 2024
Affected Software
Survey Maker – Customer Satisfaction Survey, Chat Survey, Calculaton Form, Payment Surveys
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-1789
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP SMTP
Researcher
7.2
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32836
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP-Lister Lite for eBay
Researcher
7.1
CVSS Rating
High (7.1)
CVE-ID
CVE-2024-1945
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32725
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32814
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Advanced Local Pickup for WooCommerce
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-3734
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
FOX – Currency Switcher Professional for WooCommerce
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32813
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-2798
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Addons and Templates
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-3553
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Researcher
6.5
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-33558
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32831
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Accessibility Widget
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33643
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Advanced Most Recent Posts Mod
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33629
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Auto Featured Image (Auto Post Thumbnail)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32961
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Blocksy
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3747
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Blocksy
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3337
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Colibri Page Builder
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-7030
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Collapse-O-Matic
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33540
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
ColorNews
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3929
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32819
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Culqi
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32775
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Embed Google Photos album
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4003
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3728
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2750
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3985
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3489
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32955
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
FV Flowplayer Video Player
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3732
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3588
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Getwid – Gutenberg Blocks
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3890
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Happy Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3819
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Jeg Elementor Kit
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33590
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Knowledge Base documentation & wiki plugin – BasePress Docs
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33649
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Opal Widgets For Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4035
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33630
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33631
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor Pro
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3239
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32791
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Premium Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3885
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Premium Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3647
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Premium Addons for Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33640
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Pretty Google Calendar
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-30241
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3309
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Qi Addons For Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-29811
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3665
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Rank Math SEO with AI SEO Tools
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33648
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Recencio Book Reviews
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32956
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
RomethemeKit For Elementor
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3889
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Addons and Templates
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3675
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Addons and Templates
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2799
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Addons and Templates
Researchers
João Pedro Soares de Alcântara
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33684
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Save as PDF Plugin by Pdfcrowd
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3491
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Schema & Structured Data for WP & AMP
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3988
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1959
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Social Sharing Plugin – Social Warfare
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32718
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3199
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3197
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3677
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Ultimate 410 Gone Status Code
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4034
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Virtue
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33537
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP Portfolio
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3548
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
WP Shortcodes Plugin — Shortcodes Ultimate
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1572
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
WP ULike – Most Advanced WordPress Marketing Toolkit
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1759
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
WP ULike – Most Advanced WordPress Marketing Toolkit
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2838
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
WPC Composite Products for WooCommerce
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2477
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Comments – wpDiscuz
Researcher
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33539
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WPZOOM Addons for Elementor (Templates, Widgets)
Researcher
6.3
CVSS Rating
Medium (6.3)
CVE-ID
CVE-2024-33555
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32702
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3823
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
Base64 Encoder/Decoder
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3822
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
Base64 Encoder/Decoder
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-28002
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Cornerstone
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33645
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Easy Set Favicon
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-0905
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Fancy Product Designer
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3473
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Header Footer Code Manager Pro
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3681
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Interactive World Maps
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32952
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Max Addons Pro for Bricks
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33633
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor Pro
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32789
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Seers | GDPR & CCPA Cookie Consent & Compliance
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32958
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Slash Admin
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32785
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4077
Patch Status
Unpatched
Published
Apr 23, 2024
Affected Software
uDesign - Responsive WordPress Theme
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33584
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Video Conferencing with Zoom
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33571
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
VOD Infomaniak
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33548
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WooCommerce Amazon Affiliates - Wordpress Plugin
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32950
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP Media Category Management
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33562
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33554
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore Core
Researcher
5.5
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-33627
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
AGCA – Custom Dashboard & Login Page
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32714
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Academy LMS – eLearning and online course solution for WordPress
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3340
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Colibri Page Builder
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-33542
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Crelly Slider
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32711
Patch Status
Patched
Published
Apr 22, 2024
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3730
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Simple Membership
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3994
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Tutor LMS – eLearning and online course solution
Researcher
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3241
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Ultimate Blocks – WordPress Blocks Plugin
Researchers
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32783
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Advanced Testimonial Carousel for Elementor
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-1584
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy)
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32720
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Appointment Hour Booking – WordPress Booking Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32776
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
AppPresser – Mobile App Framework
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32948
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33538
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Assistant – Every Day Productivity Apps
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33565
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32777
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Print or PDF WooCommerce Order Receipts, Invoices, Labels & More.
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3678
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Blog2Social: Social Media Auto Post & Scheduler
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32802
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3893
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Classified Listing – Classified ads & Business Directory Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33652
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Client Dash
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3870
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Contact Form 7 Database Addon – CFDB7
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32784
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
CookieHub – Cookie Consent Banner (DSGVO, CCPA, RGPD and GDPR compliance)
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33591
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Easy Accept Payments via PayPal
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32799
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Easy Property Listings
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32781
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Email Customizer for WooCommerce | Drag and Drop Email Templates Builder
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3733
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32788
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
FG Joomla to WordPress
Researcher(s): Unknown
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32726
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Frontend Dashboard
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32827
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers
Researcher
Brandon James Roldan (tomorrowisnew)
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32792
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Hummingbird – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32949
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33594
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Leaky Paywall
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32832
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Login with phone number
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32708
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Maintenance Mode
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32951
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Max Addons Pro for Bricks
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32953
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Newsletters
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33586
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Photo Gallery by 10Web – Mobile-Friendly Image Gallery
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33635
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor Pro
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3897
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Popup Box – Best WordPress Popup Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32816
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Gutenberg Blocks, Page Builder – ComboBlocks
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32774
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32823
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Rate My Post – Star Rating Plugin by FeedbackWP
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32727
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
RomethemeForm For Elementor
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32786
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Addons and Templates
Researcher
Brandon James Roldan (tomorrowisnew)
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33587
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Secure Copy Content Protection and Content Locking
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3585
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Send PDF for Contact Form 7
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32724
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy
Researcher(s): Unknown
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32825
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Simply Static
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32805
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33637
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Solid Affiliate
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33597
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
SSU – WordPress Amazon S3 & Wasabi Smart File Uploads Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32716
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
StreamWeasels Twitch Integration
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2023-35764
Patch Status
Patched
Published
Apr 27, 2024
Affected Software
Survey Maker – Customer Satisfaction Survey, Chat Survey, Calculaton Form, Payment Surveys
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33575
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
User Meta – User Profile Builder and User management plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32811
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
USPS Shipping for WooCommerce – Live Rates
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32780
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
VikRentCar Car Rental Management System
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32779
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Vision – Image Map Builder
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32826
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
VK Block Patterns
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33545
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WooCommerce Amazon Affiliates - Wordpress Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32719
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP Club Manager – WordPress Sports Club Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32796
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP Fusion Lite – Marketing Automation and CRM Integration for WordPress
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3682
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP STAGING WordPress Backup Plugin – Migration Backup Restore
WP STAGING Pro WordPress Backup Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33543
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP Time Slots Booking Form
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32798
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP Travel Engine – Best Travel Booking WordPress Plugin, Tour Booking System
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2920
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WP-Members Membership Plugin
Researcher
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33561
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32723
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Advanced Floating Content Lite
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33642
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Advanced Post List
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32815
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
All-in-one Like Widget
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33598
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Annual Archive
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33697
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
CF7 File Download – File Download for CF7
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3338
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Colibri Page Builder
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32722
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Coupon & Discount Code Reveal Button
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33695
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Fan Page Widget by ThemeNcode
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2324
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
FileOrganizer – Manage WordPress and Website Files
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4234
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Filterable Portfolio
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2258
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3630
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
HL Twitter
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32707
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Image Slider
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32833
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
List Custom Taxonomy Widget
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33693
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Meks Smart Social Widget
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33694
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Meks ThemeForest Smart Widget
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3634
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
month name translation benaceur
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2744
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3580
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Popup4Phone
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33639
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
PopupAlly
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33692
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Smart Recent Posts Widget
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32584
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
Wallet for WooCommerce – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32801
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Widget Post Slider
Researcher
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33696
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
WordPress Ad Widget
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1716
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Admin Bar Editor – Hide Toolbar by User Roles
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32704
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32705
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ARforms
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3824
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
Base64 Encoder/Decoder
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33678
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
ClickCease Click Fraud Protection
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4086
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
CM Tooltip Glossary
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33686
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Colibri WP
Elevate WP
Althea WP
Hugo WP
Pathway
Brite
Vertice
Teluro
Calliope
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33677
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Contact Form 7 Extension For Mailchimp
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32778
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32829
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Data Tables Generator by Supsystic
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-0900
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Elespare – News, Magazine and Blog Elements & Blog Addons for Elementor with Header Footer Builder. One Click Import: No Coding Required!
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33573
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
EPROLO Dropshipping
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32824
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33679
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
FameTheme Demo Importer
Researcher
Brandon James Roldan (tomorrowisnew)
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33690
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Financio
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33596
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Five Star Restaurant Reservations – WordPress Booking Plugin
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32828
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Table Rate Shipping Method for WooCommerce by Flexible Shipping
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32806
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Headline Analyzer
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33683
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Hide Dashboard Notifications
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3629
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
HL Twitter
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3631
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
HL Twitter
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32782
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
HT Mega – Absolute Addons For Elementor
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32701
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
InstaWP Connect – 1-click WP Staging & Migration
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33589
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
KB Support – WordPress Help Desk and Knowledge Base
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33588
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Knowledge Base documentation & wiki plugin – BasePress Docs
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33680
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
MainWP Child Reports
Researcher
Brandon James Roldan (tomorrowisnew)
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33595
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33570
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33651
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
MF Gig Calendar
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4233
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Arconix Shortcodes
Arconix FAQ
Print Invoice & Delivery Notes for WooCommerce
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33685
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Intrace
Travey
Startupzy
Zeever
Photology
Accountra
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32957
Patch Status
Patched
Published
Apr 23, 2024
Affected Software
Page Builder: Live Composer
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32728
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33585
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Payment Gateway Based Fees and Discounts for WooCommerce
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33632
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Piotnet Addons For Elementor Pro
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32812
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Podlove Podcast Publisher
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32712
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Podlove Podcast Publisher
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33691
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32772
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32808
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ProfileGrid – User Profiles, Groups and Communities
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3607
Patch Status
Patched
Published
Apr 24, 2024
Affected Software
PropertyHive
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3664
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Quick Featured Images
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33689
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Radio Station by netmix® – Manage and play your Show Schedule in WordPress!
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32822
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Reviews Plus
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32773
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Royal Elementor Kit
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-2429
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Salon Booking System
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32717
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
SchedulePress – Best Editorial Calendar, Missed Schedule & Auto Social Share
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32787
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Secure Copy Content Protection and Content Locking
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33650
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Serious Slider
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32810
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
ShortPixel Critical CSS
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33593
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Smart Forms – when you need more than just a contact form
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33638
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
Smart Maintenance Mode
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3748
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
SP Project & Document Manager
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3749
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
SP Project & Document Manager
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3107
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
Spectra – WordPress Gutenberg Blocks
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33572
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
The Plus Blocks for Block Editor | Gutenberg
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32821
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Poll | Vote | Contest – Best Poll Plugin for WordPress
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33574
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Vitepos – Point of sale (POS) plugin for WooCommerce
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3546
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WordPress Backup & Migration
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32818
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
MDTF – Meta Data and Taxonomies Filter
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32947
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP ADA Compliance Check Basic – Most Comprehensive Web Accessibility Solution for WordPress
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33682
Patch Status
Unpatched
Published
Apr 26, 2024
Affected Software
Cookie Information | Free GDPR Consent Solution
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32804
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP GoToWebinar
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32797
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WP LinkedIn Auto Publish
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33636
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WP Page Post Widget Clone
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3407
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
WP Prayer
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3406
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
WP Prayer
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3405
Patch Status
Unpatched
Published
Apr 24, 2024
Affected Software
WP Prayer
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32795
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WPCal.io – Easy Meeting Scheduler
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33576
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
WPPizza – A Restaurant Plugin
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33547
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
WooCommerce Amazon Affiliates - Wordpress Plugin
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33563
Patch Status
Unpatched
Published
Apr 25, 2024
Affected Software
XStore
Researcher
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32699
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
YITH WooCommerce Compare
Researcher
3.3
CVSS Rating
Low (3.3)
CVE-ID
CVE-2024-32834
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
WooCommerce Shipping Label
Researcher
2.7
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-3034
Patch Status
Patched
Published
Apr 26, 2024
Affected Software
BackUpWordPress
Researcher
2.7
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-4214
Patch Status
Patched
Published
Apr 25, 2024
Affected Software
Car Dealer (Dealership) and Vehicle sales
Researcher
2.7
CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-32790
Patch Status
Patched
Published
Apr 22, 2024
Affected Software
Pricing Table by Supsystic
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (April 22, 2024 to April 28, 2024) appeared first on Wordfence.