CVSS3 Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | CHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
AI Score Confidence | High |
EPSS Percentile | 40.4% |

_Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024:_
Last week, there were 211 vulnerabilities disclosed in 204 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 43 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Alternatively, they can use the vulnerability Database API to receive a complete dump of our database of over 19,000 vulnerabilities and then use the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Patch Status | Number of Vulnerabilities |
---|---|
Patched | 81 |
Unpatched | 130 |

Severity Rating | Number of Vulnerabilities |
---|---|
Medium Severity | 192 |
High Severity | 10 |
Critical Severity | 9 |

Vulnerability Type by CWE | Number of Vulnerabilities |
---|---|
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 117 |
Cross-Site Request Forgery (CSRF) | 41 |
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 20 |
Unrestricted Upload of File with Dangerous Type | 9 |
Missing Authorization | 6 |
Exposure of Sensitive Information to an Unauthorized Actor | 4 |
Authentication Bypass Using an Alternate Path or Channel | 2 |
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) | 2 |
Improper Control of Generation of Code (‘Code Injection’) | 2 |
Authorization Bypass Through User-Controlled Key | 1 |
External Control of File Name or Path | 1 |
Improper Access Control | 1 |
Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’) | 1 |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | 1 |
Insertion of Sensitive Information into Log File | 1 |
Missing Authentication for Critical Function | 1 |
Server-Side Request Forgery (SSRF) | 1 |

Researcher Name | Number of Vulnerabilities |
---|---|
SOPROBRO | 74 |
Gab | 21 |
LVT-tholv2k | 14 |
stealthcopter | 9 |
Francesco Carlucci | 8 |
Peter Thaleikis | 8 |
theviper17y | 8 |
vgo0 | 6 |
Trương Hữu Phúc (truonghuuphuc) | 4 |
Khalid Yusuf | 4 |
Dmitrii Ignatyev | 4 |
zer0gh0st | 4 |
João Pedro Soares de Alcântara | 4 |
Joshua Chan | 3 |
Michael | 3 |
István Márton | 3 |
Colin Xu | 3 |
floerer | 2 |
Bob Matyas | 2 |
Arkadiusz Hydzik | 2 |
Jonas Höbenreich | 2 |
Dmitry Derr | 2 |
Thies Lukas | 2 |
Zlrqh | 2 |
Ankit Patel | 2 |
C_T_R_L | 1 |
Lesor101 | 1 |
ghsinfosec | 1 |
stehled | 1 |
Marek Mikita | 1 |
Rafie Muhammad | 1 |
Roby Firnando Yusuf | 1 |
Rafshanzani Suhada | 1 |
Ananda Dhakal | 1 |
thiennv | 1 |
ardias | 1 |
Certus Cybersecurity | 1 |
Felipe Caon | 1 |
Webbernaut | 1 |
casol | 1 |
João G. Barbosa (4rCanJ0x!) | 1 |
TANG Cheuk Hei (siunam) | 1 |
Vijaysimha Reddy (vijaysimha) | 1 |

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.

Software Name | Software Slug |
---|---|
(dp) AddThis | dp-addthis |
3D Presentation | 3d-presentation |
Aajoda Testimonials | aajoda-testimonials |
Accordion title for Elementor | accordion-title-for-elementor |
Addressbook | addressbook |
Admin SMS Alert | admin-sms-alert |
Administrator Z | administrator-z |
Advanced Control Manager for WordPress by ItalyStrap | advanced-control-manager |
Advanced PDF Generator | advanced-pdf-generator |
affiliate-toolkit – WP Affiliate Plugin with Amazon | affiliate-toolkit-starter |
AI Power: Complete AI Pack | gpt3-ai-content-generator |
All Post Contact Form | allpost-contactform |
Alley Elementor Widget | alley-elementor-widget |
AmaDiscount Plugin | amadiscount |
amazing neo icon font for elementor | amazing-neo-icon-font-for-elementor |
Amazon Associate Filter | amazon-associate-filter |
AMP Img Shortcode | amp-img-shortcode |
Ancient World Linked Data for WordPress | ancient-world-linked-data-for-wordpress |
APK Downloader | apk-downloader |
Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress | bookingpress-appointment-booking |
Appointmind | appointmind |
Arconix Shortcodes | arconix-shortcodes |
aThemes Addons for Elementor | athemes-addons-for-elementor-lite |
Audio Comparison Lite | audio-comparison-lite |
Awesome Progress Bar | awesome-progess-bar |
Awesome Shortcodes For Genesis | awesome-shortcodes-for-genesis |
AwesomePress | awesomepress |
BBP Core – Expand bbPress powered forums with useful features | bbp-core |
Beaver Builder – WordPress Page Builder | beaver-builder-lite-version |
Beds24 Online Booking | beds24-online-booking |
BetterLinks – An Advanced Plugin for Affiliate Links, Link Shortening, Link Tracking, Link Branding & Marketing | betterlinks |
Bigmart Elements | bigmart-elements |
Black Widgets For Elementor | black-widgets |
Blrt WP Embed | blrt-wp-embed |
Bonway Static Block Editor | bonway-static-block-editor |
bpmn.io | bpmnio |
Bricksable for Bricks Builder | bricksable |
BTEV | bluetrait-event-viewer |
Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg |
Classy Addons for Elementor | classy-addons-for-elementor |
Clever Addons for Elementor | cafe-lite |
Clyp | clyp |
CM Table Of Contents – WordPress TOC Plugin | cm-table-of-content |
Code Explorer | code-explorer |
Cresta Addons for Elementor | cresta-addons-for-elementor |
Crypto Tool | crypto |
Custom Admin Menu | custom-admin-menu |
Custom Author URL | author-slug |
Custom post type templates for Elementor | custom-post-type-templates-for-elementor |
DataMentor – Best DataTables Plugin for Elementor | datamentor |
Definitive Addons for Elementor | definitive-addons-for-elementor |
Delisho – Recipe Widgets and Blocks | dr-widgets-blocks |
Display Terms Shortcode | display-terms-shortcode |
Ditty – Responsive News Tickers, Sliders, and Lists | ditty-news-ticker |
Domain Sharding | domain-sharding |
Download Monitor | download-monitor |
Download-Mirror-Counter | wp-download-mirror-counter |
Dynamic Widgets | dynamic-widgets |
e-shopsカート2 | e-shops-cart2 |
Easy Accordion Gutenberg Block | easy-accordion-block |
Easy Gallery | simple-gallery-odihost |
Easy SVG Upload | easy-svg-upload |
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) | bdthemes-element-pack-lite |
Elementary Addons | elementary-addons |
Elo Rating Shortcode | elo-rating-shortcode |
Emoji Shortcode | emoji-shortcode |
Enable Shortcodes inside Widgets,Comments and Experts | enable-shortcodes-inside-widgetscomments-and-experts |
EndomondoWP | endomondowp |
Events Manager Pro – extended | events-manager-pro-extended |
Exclusive Addons for Elementor | exclusive-addons-for-elementor |
Extender All In One For Elementor | extender-all-in-one-for-elementor |
EzyOnlineBookings Online Booking System Widget | ezyonlinebookings-online-booking-system |
Featured Posts Scroll | featured-posts-scroll |
FileOrganizer – Manage WordPress and Website Files | fileorganizer |
Flash Show And Hide Box | flash-show-and-hide-box |
Forminator Forms – Contact Form, Payment Form & Custom Form Builder | forminator |
FraudLabs Pro SMS Verification | fraudlabs-pro-sms-verification |
GDReseller | gdreseller |
Genoo | genoo |
Get Quote For Woocommerce – Request A Quote For Woocommerce | get-a-quote-for-woocommerce |
Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) | gift-voucher |
Gmap Point List | gmap-point-list |
Golf Tracker | golf-tracker |
Group Chat & Video Chat by AtomChat | atomchat |
Gutenberg Blocks with AI by Kadence WP – Page Builder Features | kadence-blocks |
Header Footer Composer for Elementor | header-footer-composer |
Hoo Addons for Elementor | hoo-addons-for-elementor |
Hover Video Preview | hover-video-preview |
HT Builder – WordPress Theme Builder for Elementor | ht-builder |
HT Politic – For Political WordPress Themes / Website | wp-politic |
ID-SK Toolkit | idsk-toolkit |
Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation | zero-bs-crm |
Jetpackcrm Ext Woo Connect | jetpackcrm-ext-woo-connect |
Jigoshop – Store Exporter | jigoshop-exporter |
JS Help Desk – The Ultimate Help Desk & Support Plugin | js-support-ticket |
Kata Plus – Addons for Elementor – Widgets, Extensions and Templates | kata-plus |
Kento Ads Rotator | kento-ads-rotator |
Knowledge Base | knowledgebase |
LH QR Codes | lh-qr-codes |
Lodgix.com Vacation Rental Website Builder | lodgixcom-vacation-rental-listing-management-booking-plugin |
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | magical-addons-for-elementor |
MailPoet – Newsletters, Email Marketing, and Automation | mailpoet |
Manage User Columns | manage-user-columns |
Market 360 Viewer | market-360-viewer |
Marquee Elementor with Posts | marquee-elementor |
MasterBip para Elementor | masterbip-for-elementor |
Masteriyo LMS – eLearning and Online Course Builder for WordPress | learning-management-system |
MDR Webmaster Tools | mdr-webmaster-tools |
Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO – Media Library Tools | media-library-tools |
Media Library Assistant | media-library-assistant |
Media Modal | media-modal |
Meta Store Elements | meta-store-elements |
ML Responsive Audio player with playlist Shortcode | mlr-audio |
Mobilize | mobilize |
Move Addons for Elementor | move-addons |
Multi Purpose Mail Form | multi-purpose-mail-form |
Multiple Page Generator Plugin – MPG | multiple-pages-generator-by-porthas |
MyCurator Content Curation | mycurator |
MyOrderDesk | myorderdesk |
Naver Blog | naver-blog-api |
Newsletters | newsletters-lite |
NMR Strava activities | nmr-strava-activities |
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | otter-blocks |
Paytium: Mollie payment forms & donations | paytium |
Platform.ly Official | platformly |
Plug your WooCommerce into the largest catalog of customized print products from Helloprint | helloprint |
Plugin Name: GMO Social Connection | gmo-social-connection |
Porsline | porsline |
Post Status Notifier | post-status-notifier |
Post Status Notifier Lite | post-status-notifier-lite |
Premium Addons for Elementor | premium-addons-for-elementor |
Pricer Ninja: Create and add responsive Pricing Tables to your website on-the-fly | pricer-ninja-pricing-tables |
Pricing Tables WordPress Plugin – Easy Pricing Tables | easy-pricing-tables |
Quran Shortcode | quran-shortcode |
Random Featured Post | random-featured-post-plugin |
ReCaptcha Integration for WordPress | wp-recaptcha-integration |
Reftagger Shortcode | reftagger-shortcode |
Responsive Flickr Gallery | responsive-flickr-gallery |
Restaurant & Cafe Addon for Elementor | restaurant-cafe-addon-for-elementor |
RLM Elementor Widgets Pack | rlm-elementor-widgets-pack |
RSVP ME | rsvp-me |
RSVPMaker for Toastmasters | rsvpmaker-for-toastmasters |
Sales Page Addon – Elementor & Beaver Builder | sales-page-addon |
Sastra Essential Addons for Elementor – Free Elementor Addons, Widgets and Templates | sastra-essential-addons-for-elementor |
Selar.co Widget | selar-co-widget |
Seo Free | seo-free |
SEO Plugin by Squirrly SEO | squirrly-seo |
SEUR Oficial | seur |
SH Slideshow | sh-slideshow |
Show Visitor IP Address | show-visitor-ip-address |
Sided | sided |
Simple Business Manager | simple-business-manager |
Simple Goods | simple-goods |
Simple Job Manager | simple-job-manager |
Simple Page Specific Sidebars | page-specific-sidebars |
SIP Reviews Shortcode for WooCommerce | sip-reviews-shortcode-woocommerce |
Skip To | skip-to |
SKSDEV Toolkit | sksdev-toolkit |
Slicko | slicko-for-elementor |
Smart Mockups | smart-mockups |
SmartLink Dynamic URLs | smartlink-dinamic-urls |
SMS Alert Order Notifications – WooCommerce | sms-alert |
Stacks Mobile App Builder – The most powerful Mobile Applications Drag and Drop builder | stacks-mobile-app-builder |
Stars SMTP Mailer | stars-smtp-mailer |
Step by Step | step-by-step |
Sticky Social Bar | sticky-social-bar |
StreamWeasels Kick Integration | streamweasels-kick-integration |
StreamWeasels YouTube Integration | streamweasels-youtube-integration |
Subscribe to Comments | subscribe-to-comments |
Super Addons for Elementor | super-addons-for-elementor |
T(-) Countdown | t-countdown |
Themedy Toolbox | themedy-toolbox |
ThemeFuse Maintenance Mode | themefuse-maintenance-mode |
ThemeShark Templates & Widgets for Elementor | themeshark-elementor |
TradeMe widgets | trademe-widget |
Training – Courses | training |
Twitter @Anywhere Plus | twitter-anywhere-plus |
Ultimate TinyMCE | ultimate-tinymce |
UPDATE NOTIFICATIONS | update-notifications |
W3P SEO | wp-perfect-plugin |
W3SPEEDSTER | w3speedster-wp |
Webriti Custom Login | webriti-custom-login-page |
Website price calculator | price-calculator-to-your-website |
WeChat Subscribers Lite 微信公众订阅号插件 | wechat-subscribers-lite |
While Loading | while-it-is-loading |
Widget or Sidebar Shortcode | widget-or-sidebar-per-shortcode |
WM Zoom | wm-zoom |
Woo Manage Fraud Orders | woo-manage-fraud-orders |
Woocommerce Quote Calculator | woo-quote-calculator-order |
WordPress Business Plugin | business |
World Prayer Time | world-prayer-time |
WP Baidu Map | wp-baidu-map |
WP Course Manager | wp-course-manager |
WP EASY RECIPE | wp-easy-recipe |
WP EIS | wp-eis |
WP Feature Box | wp-feature-box |
WP Hotel Booking | wp-hotel-booking |
WP Pocket URLs | wp-pocket-urls |
WP Simple Anchors Links | wp-simple-anchors-links |
WP Team – WordPress Team Member Plugin | ht-team-member |
WPAdverts – Classifieds Plugin | wpadverts |
WPC Smart Messages for WooCommerce | wpc-smart-messages |
WPGlobus Translate Options | wpglobus-translate-options |
Курс валют UAH | ukrainian-currency |

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating | CVE-ID | Patch Status | Published | Affected Software | Researcher |
---|---|---|---|---|---|
Critical (9.8) | CVE-2024-10392 | Patched | Oct 30, 2024 | AI Power: Complete AI Pack | vgo0 |
Critical (9.8) | CVE-2024-50523 | Unpatched | Oct 30, 2024 | All Post Contact Form | stealthcopter |
Critical (9.8) | CVE-2024-9989 | Patched | Oct 28, 2024 | Crypto Tool | István Márton |
Critical (9.8) | CVE-2024-9988 | Patched | Oct 28, 2024 | Crypto Tool | István Márton |
Critical (9.8) | CVE-2024-50526 | Unpatched | Oct 30, 2024 | Multi Purpose Mail Form | stealthcopter |
Critical (9.8) | CVE-2024-50525 | Patched | Oct 30, 2024 | Plug your WooCommerce into the largest catalog of customized print products from Helloprint | stealthcopter |
Critical (9.8) | CVE-2024-50531 | Patched | Oct 30, 2024 | RSVPMaker for Toastmasters | stealthcopter |
Critical (9.8) | CVE-2024-50527 | Unpatched | Oct 30, 2024 | Stacks Mobile App Builder – The most powerful Mobile Applications Drag and Drop builder | stealthcopter |
Critical (9.1) | CVE-2024-8512 | Patched | Oct 29, 2024 | W3SPEEDSTER | Lesor101 |
High (8.8) | CVE-2024-9990 | Patched | Oct 28, 2024 | Crypto Tool | István Márton |
High (8.8) | CVE-2024-10008 | Patched | Oct 28, 2024 | Masteriyo LMS – eLearning and Online Course Builder for WordPress | floerer |
High (8.8) | CVE-2024-50530 | Unpatched | Oct 30, 2024 | Stars SMTP Mailer | stealthcopter |
High (8.8) | CVE-2024-50529 | Unpatched | Oct 30, 2024 | Training – Courses | stealthcopter |
High (8.8) | CVE-2024-51582 | Unpatched | Oct 31, 2024 | WP Hotel Booking | ghsinfosec |
High (8.8) | CVE-2024-10436 | Patched | Oct 28, 2024 | WPC Smart Messages for WooCommerce | theviper17y |
High (7.5) | CVE-2024-7985 | Patched | Oct 29, 2024 | FileOrganizer – Manage WordPress and Website Files | TANG Cheuk Hei (siunam) |
High (7.3) | CVE-2024-9846 | Unpatched | Oct 29, 2024 | Enable Shortcodes inside Widgets,Comments and Experts | Francesco Carlucci |
High (7.2) | CVE-2024-51661 | Patched | Nov 1, 2024 | Media Library Assistant | Certus Cybersecurity |
High (7.2) | CVE-2024-10108 | Patched | Oct 29, 2024 | WPAdverts – Classifieds Plugin | Arkadiusz Hydzik |
Medium (6.5) | CVE-2024-51579 | Unpatched | Oct 31, 2024 | Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free \| RRatingg | Trương Hữu Phúc (truonghuuphuc) |
Medium (6.5) | CVE-2024-50524 | Unpatched | Oct 30, 2024 | Administrator Z | stealthcopter |
Medium (6.5) | CVE-2024-51608 | Unpatched | Oct 31, 2024 | AmaDiscount Plugin | LVT-tholv2k |
Medium (6.5) | CVE-2024-51606 | Unpatched | Oct 31, 2024 | Blrt WP Embed | LVT-tholv2k |
Medium (6.5) | CVE-2024-51621 | Unpatched | Oct 31, 2024 | Download-Mirror-Counter | LVT-tholv2k |
Medium (6.5) | CVE-2024-51570 | Unpatched | Oct 31, 2024 | Easy Gallery | LVT-tholv2k |
Medium (6.5) | CVE-2024-51607 | Unpatched | Oct 31, 2024 | Golf Tracker | LVT-tholv2k |
Medium (6.5) | CVE-2024-50539 | Unpatched | Oct 31, 2024 | Lodgix.com Vacation Rental Website Builder | LVT-tholv2k |
Medium (6.5) | CVE-2024-51619 | Unpatched | Oct 31, 2024 | Market 360 Viewer | LVT-tholv2k |
Medium (6.5) | CVE-2024-51620 | Unpatched | Oct 31, 2024 | Porsline | LVT-tholv2k |
Medium (6.5) | CVE-2024-51625 | Unpatched | Oct 31, 2024 | Quran Shortcode | LVT-tholv2k |
Medium (6.5) | CVE-2024-50544 | Unpatched | Oct 31, 2024 | RSVP ME | LVT-tholv2k |
Medium (6.5) | CVE-2024-51602 | Unpatched | Oct 31, 2024 | Simple Job Manager | LVT-tholv2k |
Medium (6.5) | CVE-2024-6479 | Unpatched | Oct 31, 2024 | SIP Reviews Shortcode for WooCommerce | Jonas Höbenreich, Dmitry Derr, Thies Lukas |
Medium (6.5) | CVE-2024-51601 | Unpatched | Oct 31, 2024 | Website price calculator | LVT-tholv2k |
Medium (6.5) | CVE-2024-51626 | Unpatched | Oct 31, 2024 | Woocommerce Quote Calculator | LVT-tholv2k |
Medium (6.5) | CVE-2024-51623 | Unpatched | Oct 31, 2024 | WP EIS | LVT-tholv2k |
Medium (6.4) | CVE-2024-50540 | Unpatched | Oct 31, 2024 | (dp) AddThis | SOPROBRO |
Medium (6.4) | CVE-2024-51578 | Unpatched | Oct 31, 2024 | 3D Presentation | SOPROBRO |
Medium (6.4) | CVE-2024-51614 | Unpatched | Oct 31, 2024 | Aajoda Testimonials | SOPROBRO |
Medium (6.4) | CVE-2024-51685 | Patched | Nov 1, 2024 | Accordion title for Elementor | Michael |
Medium (6.4) | CVE-2024-50541 | Unpatched | Oct 31, 2024 | Advanced Control Manager for WordPress by ItalyStrap | Gab |
Medium (6.4) | CVE-2024-10227 | Patched | Oct 28, 2024 | affiliate-toolkit – WP Affiliate Plugin with Amazon | Peter Thaleikis |
Medium (6.4) | CVE-2024-50521 | Unpatched | Oct 30, 2024 | Alley Elementor Widget | Gab |
Medium (6.4) | CVE-2024-50543 | Unpatched | Oct 31, 2024 | amazing neo icon font for elementor | Gab |
Medium (6.4) | CVE-2024-51576 | Unpatched | Oct 31, 2024 | AMP Img Shortcode | SOPROBRO |
Medium (6.4) | CVE-2024-50520 | Unpatched | Oct 30, 2024 | Ancient World Linked Data for WordPress | Zlrqh |
Medium (6.4) | CVE-2024-10226 | Patched | Oct 29, 2024 | Arconix Shortcodes | Peter Thaleikis |
Medium (6.4) | CVE-2024-51675 | Patched | Nov 1, 2024 | aThemes Addons for Elementor | Khalid Yusuf |
Medium (6.4) | CVE-2024-10232 | Patched | Oct 31, 2024 | Group Chat & Video Chat by AtomChat | Peter Thaleikis |
Medium (6.4) | CVE-2024-51627 | Patched | Oct 31, 2024 | Audio Comparison Lite | SOPROBRO |
Medium (6.4) | CVE-2024-50548 | Unpatched | Oct 31, 2024 | Awesome Progress Bar | theviper17y |
Medium (6.4) | CVE-2024-51616 | Unpatched | Oct 31, 2024 | AwesomePress | SOPROBRO |
Medium (6.4) | CVE-2024-9505 | Patched | Oct 29, 2024 | Beaver Builder – WordPress Page Builder | zer0gh0st |
Medium (6.4) | CVE-2024-51589 | Unpatched | Oct 31, 2024 | Bigmart Elements | Gab |
Medium (6.4) | CVE-2024-51662 | Patched | Nov 1, 2024 | Black Widgets For Elementor | João Pedro Soares de Alcântara |
Medium (6.4) | CVE-2024-9388 | Patched | Oct 29, 2024 | Black Widgets For Elementor | Francesco Carlucci |
Medium (6.4) | CVE-2024-50549 | Unpatched | Oct 31, 2024 | Bonway Static Block Editor | SOPROBRO |
Medium (6.4) | CVE-2024-51577 | Unpatched | Oct 31, 2024 | bpmn.io | SOPROBRO |
Medium (6.4) | CVE-2024-51596 | Unpatched | Oct 31, 2024 | WordPress Business Plugin | SOPROBRO |
Medium (6.4) | CVE-2024-50553 | Unpatched | Oct 31, 2024 | Classy Addons for Elementor | Gab |
Medium (6.4) | CVE-2024-51580 | Unpatched | Oct 31, 2024 | Clever Addons for Elementor | João Pedro Soares de Alcântara |
Medium (6.4) | CVE-2024-51617 | Unpatched | Oct 31, 2024 | Clyp | SOPROBRO |
Medium (6.4) | CVE-2024-51680 | Patched | Nov 1, 2024 | Cresta Addons for Elementor | Gab |
Medium (6.4) | CVE-2024-51618 | Unpatched | Oct 31, 2024 | Custom Admin Menu | SOPROBRO |
Medium (6.4) | CVE-2024-51683 | Patched | Nov 1, 2024 | Custom post type templates for Elementor | Gab |
Medium (6.4) | CVE-2024-50545 | Unpatched | Oct 31, 2024 | DataMentor – Best DataTables Plugin for Elementor | Michael |
Medium (6.4) | CVE-2024-51587 | Unpatched | Oct 31, 2024 | Definitive Addons for Elementor | Gab |
Medium (6.4) | CVE-2024-51676 | Patched | Nov 1, 2024 | Delisho – Recipe Widgets and Blocks | Khalid Yusuf |
Medium (6.4) | CVE-2024-51610 | Unpatched | Oct 31, 2024 | Display Terms Shortcode | SOPROBRO |
Medium (6.4) | CVE-2024-9600 | Patched | Oct 31, 2024 | Ditty – Responsive News Tickers, Sliders, and Lists | Dmitrii Ignatyev |
Medium (6.4) | CVE-2024-9708 | Unpatched | Oct 30, 2024 | Easy SVG Upload | Francesco Carlucci |
Medium (6.4) | CVE-2024-10310 | Patched | Nov 1, 2024 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) | zer0gh0st |
Medium (6.4) | CVE-2024-51586 | Unpatched | Oct 31, 2024 | Elementary Addons | Gab |
Medium (6.4) | CVE-2024-51678 | Patched | Nov 1, 2024 | Elo Rating Shortcode | theviper17y |
Medium (6.4) | CVE-2024-51609 | Unpatched | Oct 31, 2024 | Emoji Shortcode | SOPROBRO |
Medium (6.4) | CVE-2024-50551 | Unpatched | Oct 31, 2024 | EndomondoWP | SOPROBRO |
Medium (6.4) | CVE-2024-51575 | Unpatched | Oct 31, 2024 | Extender All In One For Elementor | Gab |
Medium (6.4) | CVE-2024-51628 | Unpatched | Nov 1, 2024 | EzyOnlineBookings Online Booking System Widget | SOPROBRO |
Medium (6.4) | CVE-2024-50536 | Unpatched | Oct 31, 2024 | GDReseller | SOPROBRO |
Medium (6.4) | CVE-2024-51605 | Patched | Oct 31, 2024 | Genoo | SOPROBRO |
Medium (6.4) | CVE-2024-9165 | Patched | Oct 30, 2024 | Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) | Francesco Carlucci |
Medium (6.4) | CVE-2024-51594 | Unpatched | Oct 31, 2024 | Gmap Point List | SOPROBRO |
Medium (6.4) | CVE-2024-9655 | Patched | Oct 31, 2024 | Gutenberg Blocks with AI by Kadence WP – Page Builder Features | Webbernaut |
Medium (6.4) | CVE-2024-51629 | Unpatched | Nov 1, 2024 | Header Footer Composer for Elementor | Michael |
Medium (6.4) | CVE-2024-51590 | Unpatched | Oct 31, 2024 | Hoo Addons for Elementor | Gab |
Medium (6.4) | CVE-2024-50552 | Unpatched | Oct 31, 2024 | Hover Video Preview | SOPROBRO |
Medium (6.4) | CVE-2024-51682 | Patched | Nov 1, 2024 | HT Builder – WordPress Theme Builder for Elementor | Gab |
Medium (6.4) | CVE-2024-51673 | Patched | Nov 1, 2024 | HT Politic – For Political WordPress Themes / Website | Khalid Yusuf |
Medium (6.4) | CVE-2024-10223 | Patched | Oct 29, 2024 | WP Team – WordPress Team Member Plugin | Peter Thaleikis |
Medium (6.4) | CVE-2024-50517 | Unpatched | Oct 30, 2024 | ID-SK Toolkit | Gab |
Medium (6.4) | CVE-2024-9376 | Patched | Oct 28, 2024 | Kata Plus – Addons for Elementor – Widgets, Extensions and Templates | Francesco Carlucci |
Medium (6.4) | CVE-2024-51583 | Unpatched | Oct 31, 2024 | Kento Ads Rotator | SOPROBRO |
Medium (6.4) | CVE-2024-51677 | Patched | Nov 1, 2024 | Knowledge Base | SOPROBRO |
Medium (6.4) | CVE-2024-51572 | Unpatched | Oct 31, 2024 | LH QR Codes | SOPROBRO |
Medium (6.4) | CVE-2024-51665 | Patched | Nov 1, 2024 | Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) | João Pedro Soares de Alcântara |
Medium (6.4) | CVE-2024-51584 | Unpatched | Oct 31, 2024 | Marquee Elementor with Posts | Gab |

6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51571
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
MasterBip para Elementor
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10000
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Masteriyo LMS – eLearning and Online Course Builder for WordPress
Researcher
floerer
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10482
Patch Status
Patched
Published
Oct 31, 2024
Affected Software
Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO – Media Library Tools
Researcher
Bob Matyas
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51604
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Media Modal
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51592
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Meta Store Elements
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51573
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
ML Responsive Audio player with playlist Shortcode
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50546
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
MyOrderDesk
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10181
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Newsletters
Researcher
Peter Thaleikis
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51603
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
NMR Strava activities
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10367
Patch Status
Patched
Published
Oct 31, 2024
Affected Software
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE
Researcher
Francesco Carlucci
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10266
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Premium Addons for Elementor
Researcher
zer0gh0st
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50518
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Pricer Ninja: Create and add responsive Pricing Tables to your website on-the-fly
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51612
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Reftagger Shortcode
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51581
Patch Status
Patched
Published
Oct 31, 2024
Affected Software
Restaurant & Cafe Addon for Elementor
Researcher
João Pedro Soares de Alcântara
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50542
Patch Status
Patched
Published
Oct 31, 2024
Affected Software
RLM Elementor Widgets Pack
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51585
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Sales Page Addon – Elementor & Beaver Builder
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51674
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Sastra Essential Addons for Elementor – Free Elementor Addons, Widgets and Templates
Researcher
Khalid Yusuf
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51598
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Selar.co Widget
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50538
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Show Visitor IP Address
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50554
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Sided
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51599
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Simple Business Manager
Researcher
C_T_R_L
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51574
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Simple Goods
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6480
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
SIP Reviews Shortcode for WooCommerce
Researchers
Jonas Höbenreich
Dmitry Derr
Thies Lukas
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51595
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
SKSDEV Toolkit
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51591
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Slicko
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50537
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Smart Mockups
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10233
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
SMS Alert Order Notifications – WooCommerce
Researcher
Peter Thaleikis
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50535
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Step by Step
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10185
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
StreamWeasels YouTube Integration
Researcher
Peter Thaleikis
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51588
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Super Addons for Elementor
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10184
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
StreamWeasels Kick Integration
Researcher
Peter Thaleikis
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9884
Patch Status
Unpatched
Published
Oct 29, 2024
Affected Software
T(-) Countdown
Researcher
theviper17y
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50547
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Themedy Toolbox
Researcher
theviper17y
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51597
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
ThemeShark Templates & Widgets for Elementor
Researcher
Gab
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51613
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
TradeMe widgets
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8627
Patch Status
Unpatched
Published
Oct 29, 2024
Affected Software
Ultimate TinyMCE
Researcher
Francesco Carlucci
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9885
Patch Status
Unpatched
Published
Oct 29, 2024
Affected Software
Widget or Sidebar Shortcode
Researcher
theviper17y
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-50556
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
WM Zoom
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9886
Patch Status
Unpatched
Published
Oct 29, 2024
Affected Software
WP Baidu Map
Researcher
theviper17y
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51622
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
WP EASY RECIPE
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51611
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
WP Feature Box
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51681
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
WP Pocket URLs
Researcher
SOPROBRO
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9446
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
WP Simple Anchors Links
Researcher
theviper17y
More Details >
6.4
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51593
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
Курс валют UAH
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51644
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Addressbook
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51637
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Admin SMS Alert
Researcher
Joshua Chan
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51641
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Advanced PDF Generator
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51643
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Amazon Associate Filter
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51654
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
APK Downloader
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51679
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Appointmind
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51638
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Awesome Shortcodes For Genesis
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9896
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
BBP Core – Expand bbPress powered forums with useful features
Researcher
Colin Xu
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51655
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Custom Author URL
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-50533
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Domain Sharding
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51648
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
e-shopsカート2
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-50532
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Events Manager Pro – extended
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-10922
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Featured Posts Scroll
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51656
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Flash Show And Hide Box
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51688
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
FraudLabs Pro SMS Verification
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51636
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Plugin Name: GMO Social Connection
Researcher
Joshua Chan
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-50519
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Jigoshop – Store Exporter
Researcher
Zlrqh
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51640
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
MDR Webmaster Tools
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51649
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Mobilize
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51639
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Naver Blog
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51687
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Platform.ly Official
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-10048
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Post Status Notifier
Post Status Notifier Lite
Researcher
Colin Xu
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8871
Patch Status
Patched
Published
Oct 29, 2024
Affected Software
Pricing Tables WordPress Plugin – Easy Pricing Tables
Researcher
vgo0
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51650
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Random Featured Post
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8739
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
ReCaptcha Integration for WordPress
Researcher
vgo0
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51630
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Responsive Flickr Gallery
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51642
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Seo Free
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9438
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
SEUR Oficial
Researcher
vgo0
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51632
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
SH Slideshow
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51633
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Simple Page Specific Sidebars
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51652
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Skip To
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51657
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
SmartLink Dynamic URLs
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51631
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Sticky Social Bar
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8792
Patch Status
Patched
Published
Oct 29, 2024
Affected Software
Subscribe to Comments
Researcher
vgo0
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51645
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
ThemeFuse Maintenance Mode
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51659
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Twitter @Anywhere Plus
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51653
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
UPDATE NOTIFICATIONS
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51684
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
W3P SEO
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51634
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
Webriti Custom Login
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-50522
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
WeChat Subscribers Lite 微信公众订阅号插件
Researcher
ardias
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51635
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
While Loading
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-50534
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
World Prayer Time
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51658
Patch Status
Unpatched
Published
Nov 1, 2024
Affected Software
WP Course Manager
Researcher
SOPROBRO
More Details >
6.1
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9434
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
WPGlobus Translate Options
Researcher
vgo0
More Details >
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-9868
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows)
Researcher
zer0gh0st
More Details >
5.4
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-7424
Patch Status
Patched
Published
Oct 31, 2024
Affected Software
Multiple Page Generator Plugin – MPG
Researcher
Rafshanzani Suhada
More Details >
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-10540
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress
Researcher
Arkadiusz Hydzik
More Details >
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9700
Patch Status
Patched
Published
Oct 30, 2024
Affected Software
Forminator Forms – Contact Form, Payment Form & Custom Form Builder
Researcher
Vijaysimha Reddy (vijaysimha)
More Details >
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9430
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Get Quote For Woocommerce – Request A Quote For Woocommerce
Researcher
stehled
More Details >
5.3
CVSS Rating
Medium (5.3)
CVE-ID
Unknown
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Jetpackcrm Ext Woo Connect
Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation
Researcher(s): Unknown
More Details >
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-50528
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Stacks Mobile App Builder – The most powerful Mobile Applications Drag and Drop builder
Researcher
stealthcopter
More Details >
5.3
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-10544
Patch Status
Unpatched
Published
Oct 30, 2024
Affected Software
Woo Manage Fraud Orders
Researcher
Colin Xu
More Details >
4.9
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2024-51672
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
BetterLinks – An Advanced Plugin for Affiliate Links, Link Shortening, Link Tracking, Link Branding & Marketing
Researcher
Marek Mikita
More Details >
4.9
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2023-5816
Patch Status
Unpatched
Published
Oct 29, 2024
Affected Software
Code Explorer
Researcher
Dmitrii Ignatyev
More Details >
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-51664
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Beds24 Online Booking
Researcher
Roby Firnando Yusuf
More Details >
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-51663
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Bricksable for Bricks Builder
Researcher
João G. Barbosa (4rCanJ0x!)
More Details >
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-51670
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
JS Help Desk – The Ultimate Help Desk & Support Plugin
Researcher
casol
More Details >
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-10103
Patch Status
Patched
Published
Oct 29, 2024
Affected Software
MailPoet – Newsletters, Email Marketing, and Automation
Researcher
Dmitrii Ignatyev
More Details >
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-51668
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
MyCurator Content Curation
Researcher
Joshua Chan
More Details >
4.4
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-10515
Patch Status
Patched
Published
Oct 30, 2024
Affected Software
SEO Plugin by Squirrly SEO
Researcher
Dmitrii Ignatyev
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10677
Patch Status
Unpatched
Published
Oct 31, 2024
Affected Software
BTEV
Researcher
Bob Matyas
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5030
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
CM Table Of Contents – WordPress TOC Plugin
Researcher
Felipe Caon
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10399
Patch Status
Patched
Published
Oct 29, 2024
Affected Software
Download Monitor
Researcher
Trương Hữu Phúc (truonghuuphuc)
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-51669
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Dynamic Widgets
Researcher
Ananda Dhakal
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-51660
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Easy Accordion Gutenberg Block
Researcher
Trương Hữu Phúc (truonghuuphuc)
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10312
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Exclusive Addons for Elementor
Researcher
Ankit Patel
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-51686
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Manage User Columns
Researcher
thiennv
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10360
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
Move Addons for Elementor
Researcher
Ankit Patel
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-51671
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE
Researcher
Rafie Muhammad
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-51667
Patch Status
Patched
Published
Nov 1, 2024
Affected Software
Paytium: Mollie payment forms & donations
Researcher
Trương Hữu Phúc (truonghuuphuc)
More Details >
4.3
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10437
Patch Status
Patched
Published
Oct 28, 2024
Affected Software
WPC Smart Messages for WooCommerce
Researcher
Francesco Carlucci
More Details >
As a reminder, Wordfence has curated an industry-leading vulnerability database, known as Wordfence Intelligence, covering all known WordPress core, theme, and plugin vulnerabilities.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, through vulnerability researchers submitting directly to us via our Bug Bounty Program, and by monitoring various sources to capture all publicly available WordPress vulnerability information, adding context where we can.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (October 28, 2024 to November 3, 2024) appeared first on Wordfence.