WordPress Vulnerability Report — February 7, 2024
Since last week, 158 new vulnerabilities emerged in the WordPress ecosystem, including 1 in WordPress core, 1 in themes, and 156 in plugins. 37 of the vulnerable plugins remain unpatched, but Solid Security Pro users are protected by virtual patching from Patchstack.
In this report, 158 vulnerabilities have been publicly disclosed, including 1 in WordPress core patched in the WordPress 6.4.3 update. Security patches for 120 of these plugins and themes are available now, so run those updates as soon as possible. If you’re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.
Additionally, there are 37 plugin vulnerabilities with no patch available yet. If you’re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall. Virtual patches from Patchstack will be applied when a vulnerability is considered high or medium risk. If no patch is forthcoming from the vendor or the vulnerable software has been marked “closed” and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.
WordPress Core
WordPress 6.4.3 was released on January 30, 2024, as a short-cycle maintenance and security release with five bug fixes in Core and 16 bug fixes for the Block Editor. It is recommended that you update your sites immediately.
The next major release will be version 6.5, planned for March 26, 2024.
WordPress Core
- Vulnerability:
- Arbitrary File Upload
- Patched in Version:
- 6.4.3
- Severity Score:
- Medium
- CVE:
- 2018-14028
WordPress Plugins — 119 Patched / 37 Unpatched
MW WP Form
- Plugin:
- MW WP Form
- Plugin Slug:
- mw-wp-form
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24804
ACF Photo Gallery Field
- Plugin:
- ACF Photo Gallery Field
- Plugin Slug:
- navz-photo-gallery
- Installations
- 50,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23518
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms
- Plugin:
- Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms
- Plugin Slug:
- happyforms
- Installations
- 30,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23521
Email Before Download
- Plugin:
- Email Before Download
- Plugin Slug:
- email-before-download
- Installations
- 10,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23519
Page Restrict
- Plugin:
- Page Restrict
- Plugin Slug:
- pagerestrict
- Installations
- 10,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24702
Load More Anything
- Plugin:
- Load More Anything
- Plugin Slug:
- ajax-load-more-anything
- Installations
- 6,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24704
MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution
- Plugin Slug:
- dc-woocommerce-multi-vendor
- Installations
- 6,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-24703
OWL Carousel – WordPress Owl Carousel Slider
- Plugin Slug:
- lgx-owl-carousel
- Installations
- 4,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24801
Debug
- Plugin:
- Debug
- Plugin Slug:
- debug
- Installations
- 3,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24798
Don’t Muck My Markup
- Plugin:
- Don’t Muck My Markup
- Plugin Slug:
- dont-muck-my-markup
- Installations
- 3,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23510
Ultra Companion – Companion plugin for WPoperation Themes
- Plugin Slug:
- ultra-companion
- Installations
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24803
Accessibility
- Plugin:
- Accessibility
- Plugin Slug:
- accessibility
- Installations
- 2,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24705
PilotPress
- Plugin:
- PilotPress
- Plugin Slug:
- pilotpress
- Installations
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23524
Cincopa video and media plug-in
- Plugin:
- Cincopa video and media plug-in
- Plugin Slug:
- video-playlist-and-gallery-plugin
- Installations
- 2,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23515
Scheduling Plugin – Online Booking for WordPress
- Plugin Slug:
- calendar-booking
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23517
CC BMI Calculator
- Plugin:
- CC BMI Calculator
- Plugin Slug:
- cc-bmi-calculator
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23516
Click To Tweet
- Plugin:
- Click To Tweet
- Plugin Slug:
- click-to-tweet
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-23514
ERE Recently Viewed – Essential Real Estate Add-On
- Plugin Slug:
- ere-recently-viewed
- Installations
- 1,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-24797
W3SPEEDSTER
- Plugin:
- W3SPEEDSTER
- Plugin Slug:
- w3speedster-wp
- Installations
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24708
WP-CFM
- Plugin:
- WP-CFM
- Plugin Slug:
- wp-cfm
- Installations
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24706
Wp-Adv-Quiz
- Plugin:
- Wp-Adv-Quiz
- Plugin Slug:
- advanced-quiz
- Installations
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-5956
A no-code page builder for beautiful performance-based content
- Plugin Slug:
- setka-editor
- Installations
- 200+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24701
Autotitle for WordPress
- Plugin:
- Autotitle for WordPress
- Plugin Slug:
- autotitle-for-wordpress
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-6946
CalculatorPro Calculators
- Plugin:
- CalculatorPro Calculators
- Plugin Slug:
- calculatorpro-calculators
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-24847
Coupon Referral Program
- Plugin:
- Coupon Referral Program
- Plugin Slug:
- coupon-referral-program
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-25100
Custom User CSS
- Plugin:
- Custom User CSS
- Plugin Slug:
- custom-user-css
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-6391
Scroll Triggered Box
- Plugin:
- Scroll Triggered Box
- Plugin Slug:
- dreamgrow-scroll-triggered-box
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24865
JTRT Responsive Tables
- Plugin:
- JTRT Responsive Tables
- Plugin Slug:
- jtrt-responsive-tables
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24802
Mighty Addons for Elementor
- Plugin:
- Mighty Addons for Elementor
- Plugin Slug:
- mighty-addons
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-24846
Order Delivery Date for WP e-Commerce
- Plugin:
- Order Delivery Date for WP e-Commerce
- Plugin Slug:
- order-delivery-date
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-0678
Persian Fonts
- Plugin:
- Persian Fonts
- Plugin Slug:
- persian-fonts
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-7167
Popup More Popups
- Plugin:
- Popup More Popups
- Plugin Slug:
- popup-more
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-0844
Post Thumbnail Editor
- Plugin:
- Post Thumbnail Editor
- Plugin Slug:
- post-thumbnail-editor
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24845
PT Sign Ups
- Plugin:
- PT Sign Ups
- Plugin Slug:
- ptoffice-sign-ups
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-24848
Quicksand Post Filter jQuery Plugin
- Plugin:
- Quicksand Post Filter jQuery Plugin
- Plugin Slug:
- quicksand-jquery-post-filter
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24850
Quicksand Post Filter jQuery Plugin
- Plugin:
- Quicksand Post Filter jQuery Plugin
- Plugin Slug:
- quicksand-jquery-post-filter
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-24849
WordPress Toolbar
- Plugin:
- WordPress Toolbar
- Plugin Slug:
- wordpress-toolbar
- Vulnerability:
- Open Redirection
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-6389
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
- Plugin:
- Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
- Plugin Slug:
- essential-addons-for-elementor-lite
- Installations
- 2,000,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.9.8
- Severity Score:
- Medium
- CVE:
- 2024-0954
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode
- Plugin Slug:
- coming-soon
- Installations
- 900,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 6.15.22
- Severity Score:
- Medium
- CVE:
- 2024-1072
Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress
- Plugin Slug:
- ninja-forms
- Installations
- 800,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 3.7.2
- Severity Score:
- Medium
- CVE:
- 2024-0685
TablePress – Tables in WordPress made easy
- Plugin Slug:
- tablepress
- Installations
- 800,000+
- Vulnerability:
- Server Side Request Forgery (SSRF)
- Patched in Version:
- 2.2.5
- Severity Score:
- Low
- CVE:
- 2024-23825
Premium Addons for Elementor
- Plugin:
- Premium Addons for Elementor
- Plugin Slug:
- premium-addons-for-elementor
- Installations
- 700,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.10.17
- Severity Score:
- Medium
- CVE:
- 2024-24831
SiteOrigin Widgets Bundle
- Plugin:
- SiteOrigin Widgets Bundle
- Plugin Slug:
- so-widgets-bundle
- Installations
- 600,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.58.2
- Severity Score:
- Medium
- CVE:
- 2024-0961
Admin Menu Editor
- Plugin:
- Admin Menu Editor
- Plugin Slug:
- admin-menu-editor
- Installations
- 400,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.12.1
- Severity Score:
- Medium
- CVE:
- 2024-24876
Happy Addons for Elementor
- Plugin:
- Happy Addons for Elementor
- Plugin Slug:
- happy-elementor-addons
- Installations
- 400,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.10.2
- Severity Score:
- Medium
- CVE:
- 2024-24833
Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
- Plugin:
- Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
- Plugin Slug:
- formidable
- Installations
- 300,000+
- Vulnerability:
- Content Injection
- Patched in Version:
- 6.7.1
- Severity Score:
- Medium
- CVE:
- 2024-23522
Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
- Plugin:
- Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder
- Plugin Slug:
- formidable
- Installations
- 300,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 6.8
- Severity Score:
- Medium
- CVE:
- 2024-0660
Backuply – Backup, Restore, Migrate and Clone
- Plugin Slug:
- backuply
- Installations
- 200,000+
- Vulnerability:
- Directory Traversal
- Patched in Version:
- 1.2.4
- Severity Score:
- Medium
- CVE:
- 2024-0697
Cloudflare
- Plugin:
- Cloudflare
- Plugin Slug:
- cloudflare
- Installations
- 200,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.12.3
- Severity Score:
- Medium
- CVE:
- 2024-0212
Page Builder: Pagelayer – Drag and Drop website builder
- Plugin Slug:
- pagelayer
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.0
- Severity Score:
- Medium
- CVE:
- 2023-5124
Page Builder: Pagelayer – Drag and Drop website builder
- Plugin Slug:
- pagelayer
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7.9
- Severity Score:
- Medium
- CVE:
- 2023-6738
SEO Plugin by Squirrly SEO
- Plugin:
- SEO Plugin by Squirrly SEO
- Plugin Slug:
- squirrly-seo
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 12.3.16
- Severity Score:
- Medium
- CVE:
- 2024-0597
Orbit Fox by ThemeIsle
- Plugin:
- Orbit Fox by ThemeIsle
- Plugin Slug:
- themeisle-companion
- Installations
- 200,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.10.29
- Severity Score:
- Medium
- CVE:
- 2024-1047
Orbit Fox by ThemeIsle
- Plugin:
- Orbit Fox by ThemeIsle
- Plugin Slug:
- themeisle-companion
- Installations
- 200,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.10.230
- Severity Score:
- Medium
- CVE:
- 2024-1162
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
- Plugin Slug:
- wp-user-avatar
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.14.4
- Severity Score:
- Medium
- CVE:
- 2024-1046
Elementor Addon Elements
- Plugin:
- Elementor Addon Elements
- Plugin Slug:
- addon-elements-for-elementor-page-builder
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.12.12
- Severity Score:
- Medium
- CVE:
- 2024-0834
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid)
- Plugin Slug:
- bdthemes-element-pack-lite
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 5.4.12
- Severity Score:
- Medium
- CVE:
- 2024-24840
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider)
- Plugin Slug:
- bdthemes-prime-slider-lite
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.11.11
- Severity Score:
- Medium
- CVE:
- 2024-24883
Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels
- Plugin Slug:
- instant-images
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 6.1.1
- Severity Score:
- High
- CVE:
- 2024-0869
Minimal Coming Soon – Coming Soon Page
- Plugin Slug:
- minimal-coming-soon-maintenance-mode
- Installations
- 100,000+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 2.38
- Severity Score:
- Low
- CVE:
- 2024-1075
Relevanssi – A Better Search
- Plugin:
- Relevanssi – A Better Search
- Plugin Slug:
- relevanssi
- Installations
- 100,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.22
- Severity Score:
- Medium
The Plus Addons for Elementor
- Plugin:
- The Plus Addons for Elementor
- Plugin Slug:
- the-plus-addons-for-elementor-page-builder
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.3.4
- Severity Score:
- Medium
- CVE:
- 2024-23511
Cookie Information | Free GDPR Consent Solution
- Plugin Slug:
- wp-gdpr-compliance
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.0.23
- Severity Score:
- High
- CVE:
- 2023-6700
SlimStat Analytics
- Plugin:
- SlimStat Analytics
- Plugin Slug:
- wp-slimstat
- Installations
- 90,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.1.4
- Severity Score:
- Medium
- CVE:
- 2024-1073
WP STAGING WordPress Backup Plugin – Migration Backup Restore
- Plugin Slug:
- wp-staging
- Installations
- 80,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 3.2.0
- Severity Score:
- Medium
- CVE:
- 2023-7204
Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid
- Plugin Slug:
- boldgrid-backup
- Installations
- 70,000+
- Vulnerability:
- Arbitrary File Download
- Patched in Version:
- 1.15.9
- Severity Score:
- High
- CVE:
- 2024-24869
Advanced iFrame
- Plugin:
- Advanced iFrame
- Plugin Slug:
- advanced-iframe
- Installations
- 60,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2024.0
- Severity Score:
- Medium
- CVE:
- 2024-24870
Advanced iFrame
- Plugin:
- Advanced iFrame
- Plugin Slug:
- advanced-iframe
- Installations
- 60,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2024.0
- Severity Score:
- Medium
- CVE:
- 2023-7069
Calculated Fields Form
- Plugin:
- Calculated Fields Form
- Plugin Slug:
- calculated-fields-form
- Installations
- 60,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.53
- Severity Score:
- Medium
- CVE:
- 2024-0963
Database for Contact Form 7, WPforms, Elementor forms
- Plugin Slug:
- contact-form-entries
- Installations
- 60,000+
- Vulnerability:
- Arbitrary File Upload
- Patched in Version:
- 1.3.3
- Severity Score:
- High
- CVE:
- 2024-1069
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
- Plugin Slug:
- form-maker
- Installations
- 60,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.15.22
- Severity Score:
- Medium
- CVE:
- 2024-0667
Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy)
- Plugin Slug:
- easy-digital-downloads
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.7
- Severity Score:
- Medium
- CVE:
- 2024-0659
Exclusive Addons for Elementor
- Plugin:
- Exclusive Addons for Elementor
- Plugin Slug:
- exclusive-addons-for-elementor
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.9
- Severity Score:
- Medium
- CVE:
- 2024-0823
Exclusive Addons for Elementor
- Plugin:
- Exclusive Addons for Elementor
- Plugin Slug:
- exclusive-addons-for-elementor
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.9
- Severity Score:
- Medium
- CVE:
- 2024-0824
RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
- Plugin:
- RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
- Plugin Slug:
- feedzy-rss-feeds
- Installations
- 50,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.4.2
- Severity Score:
- Medium
- CVE:
- 2024-1092
MapPress Maps for WordPress
- Plugin:
- MapPress Maps for WordPress
- Plugin Slug:
- mappress-google-maps-for-wordpress
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.88.17
- Severity Score:
- Medium
- CVE:
- 2023-7225
Shariff Wrapper
- Plugin:
- Shariff Wrapper
- Plugin Slug:
- shariff
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.6.10
- Severity Score:
- Medium
- CVE:
- 2024-1106
Starbox – the Author Box for Humans
- Plugin Slug:
- starbox
- Installations
- 50,000+
- Vulnerability:
- Insecure Direct Object References (IDOR)
- Patched in Version:
- 3.4.8
- Severity Score:
- Medium
- CVE:
- 2024-0366
Shield Security – Smart Bot Blocking & Intrusion Prevention Security
- Plugin Slug:
- wp-simple-firewall
- Installations
- 50,000+
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- 18.5.10
- Severity Score:
- High
- CVE:
- 2023-6989
WooCommerce Conversion Tracking
- Plugin:
- WooCommerce Conversion Tracking
- Plugin Slug:
- woocommerce-conversion-tracking
- Installations
- 40,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.0.12
- Severity Score:
- Medium
- CVE:
- 2024-24711
WP 404 Auto Redirect to Similar Post
- Plugin Slug:
- wp-404-auto-redirect-to-similar-post
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.4
- Severity Score:
- High
- CVE:
- 2024-0509
Apollo13 Framework Extensions
- Plugin:
- Apollo13 Framework Extensions
- Plugin Slug:
- apollo13-framework-extensions
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.9.3
- Severity Score:
- Medium
- CVE:
- 2024-24880
Feed Them Social – Page, Post, Video, and Photo Galleries
- Plugin Slug:
- feed-them-social
- Installations
- 30,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.2.1
- Severity Score:
- Medium
- CVE:
- 2024-24710
Html5 Video Player – mp4 player, Video Player for WordPress
- Plugin Slug:
- html5-video-player
- Installations
- 30,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 2.5.25
- Severity Score:
- Critical
- CVE:
- 2024-1061
Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic
- Plugin Slug:
- shareaholic
- Installations
- 30,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 9.7.12
- Severity Score:
- Medium
- CVE:
- 2024-24709
Structured Content (JSON-LD) #wpsc
- Plugin Slug:
- structured-content
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.2
- Severity Score:
- Medium
- CVE:
- 2024-24839
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
- Plugin Slug:
- woo-bulk-editor
- Installations
- 30,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.1.4.1
- Severity Score:
- Medium
- CVE:
- 2024-24835
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
- Plugin Slug:
- woo-bulk-editor
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.4.1
- Severity Score:
- Medium
- CVE:
- 2024-24834
WP Dashboard Notes
- Plugin:
- WP Dashboard Notes
- Plugin Slug:
- wp-dashboard-notes
- Installations
- 30,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.0.11
- Severity Score:
- Medium
- CVE:
- 2023-7239
Meks Smart Social Widget
- Plugin:
- Meks Smart Social Widget
- Plugin Slug:
- meks-smart-social-widget
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.4
- Severity Score:
- Medium
- CVE:
- 2024-0664
WordPress Simple Shopping Cart
- Plugin:
- WordPress Simple Shopping Cart
- Plugin Slug:
- wordpress-simple-paypal-shopping-cart
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.7.2
- Severity Score:
- Medium
- CVE:
- 2023-6497
WP Visitor Statistics (Real Time Traffic)
- Plugin Slug:
- wp-stats-manager
- Installations
- 20,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 6.9.5
- Severity Score:
- Medium
- CVE:
- 2024-24867
Affiliates Manager
- Plugin:
- Affiliates Manager
- Plugin Slug:
- affiliates-manager
- Installations
- 10,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.9.35
- Severity Score:
- Medium
- CVE:
- 2024-0859
Awesome Support – WordPress HelpDesk & Support Plugin
- Plugin Slug:
- awesome-support
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 6.1.7
- Severity Score:
- Medium
- CVE:
- 2024-24716
Booking Calendar | Appointment Booking | BookIt
- Plugin Slug:
- bookit
- Installations
- 10,000+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 2.4.2
- Severity Score:
- Medium
- CVE:
- 2024-24715
Knowledge Base for Documentation, FAQs with AI Assistance
- Plugin Slug:
- echo-knowledge-base
- Installations
- 10,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 11.31.0
- Severity Score:
- High
- CVE:
- 2024-24842
Link Library
- Plugin:
- Link Library
- Plugin Slug:
- link-library
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 7.6
- Severity Score:
- High
- CVE:
- 2024-24879
Link Library
- Plugin:
- Link Library
- Plugin Slug:
- link-library
- Installations
- 10,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 7.6
- Severity Score:
- Medium
- CVE:
- 2024-24875
NEX-Forms – Ultimate Form Builder – Contact forms and much more
- Plugin Slug:
- nex-forms-express-wp-form-builder
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 8.5.7
- Severity Score:
- Medium
- CVE:
- 2024-1130
WordPress Review & Structure Data Schema Plugin – Review Schema
- Plugin Slug:
- review-schema
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.2.0
- Severity Score:
- Medium
- CVE:
- 2024-0836
Wonder Slider Lite
- Plugin:
- Wonder Slider Lite
- Plugin Slug:
- wonderplugin-slider-lite
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 14.0
- Severity Score:
- High
- CVE:
- 2024-24877
Woocommerce Vietnam Checkout
- Plugin:
- Woocommerce Vietnam Checkout
- Plugin Slug:
- woo-vietnam-checkout
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.8
- Severity Score:
- Medium
- CVE:
- 2024-24885
Woostify Sites Library
- Plugin:
- Woostify Sites Library
- Plugin Slug:
- woostify-sites-library
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.4.8
- Severity Score:
- High
- CVE:
- 2023-6279
Product Labels For Woocommerce (Sale Badges)
- Plugin Slug:
- aco-product-labels-for-woocommerce
- Installations
- 9,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.5.4
- Severity Score:
- Medium
- CVE:
- 2024-24886
FG Joomla to WordPress
- Plugin:
- FG Joomla to WordPress
- Plugin Slug:
- fg-joomla-to-wordpress
- Installations
- 9,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 4.17.0
- Severity Score:
- Medium
- CVE:
- 2024-24837
WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc
- Plugin Slug:
- wp-sms
- Installations
- 9,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.5.3
- Severity Score:
- High
- CVE:
- 2024-24881
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin
- Plugin Slug:
- mage-eventpress
- Installations
- 8,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 4.1.2
- Severity Score:
- High
- CVE:
- 2024-24796
Fatal Error Notify
- Plugin:
- Fatal Error Notify
- Plugin Slug:
- fatal-error-notify
- Installations
- 7,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.5.3
- Severity Score:
- Medium
- CVE:
- 2023-7202
GDPR Data Request Form
- Plugin:
- GDPR Data Request Form
- Plugin Slug:
- gdpr-data-request-form
- Installations
- 7,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7
- Severity Score:
- Medium
- CVE:
- 2024-24836
Themify Builder
- Plugin:
- Themify Builder
- Plugin Slug:
- themify-builder
- Installations
- 7,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 7.0.6
- Severity Score:
- Medium
- CVE:
- 2024-24872
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
- Plugin:
- ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
- Plugin Slug:
- armember-membership
- Installations
- 6,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.0.25
- Severity Score:
- Medium
- CVE:
- 2024-0969
Contact Form 7 Connector
- Plugin:
- Contact Form 7 Connector
- Plugin Slug:
- ari-cf7-connector
- Installations
- 5,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.2.3
- Severity Score:
- Medium
- CVE:
- 2024-24884
WOLF – WordPress Posts Bulk Editor and Manager Professional
- Plugin Slug:
- bulk-editor
- Installations
- 5,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.0.8.2
- Severity Score:
- Medium
- CVE:
- 2024-0791
WOLF – WordPress Posts Bulk Editor and Manager Professional
- Plugin Slug:
- bulk-editor
- Installations
- 5,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.0.8.2
- Severity Score:
- Medium
- CVE:
- 2024-0790
PopupAlly
- Plugin:
- PopupAlly
- Plugin Slug:
- popupally
- Installations
- 5,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.1.1
- Severity Score:
- Medium
- CVE:
- 2024-23520
ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks
- Plugin Slug:
- product-blocks
- Installations
- 4,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 3.1.5
- Severity Score:
- High
- CVE:
- 2024-23512
WP Dummy Content Generator
- Plugin:
- WP Dummy Content Generator
- Plugin Slug:
- wp-dummy-content-generator
- Installations
- 4,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.1.3
- Severity Score:
- Medium
- CVE:
- 2024-24805
Advanced Forms for ACF
- Plugin:
- Advanced Forms for ACF
- Plugin Slug:
- advanced-forms
- Installations
- 3,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.9.3.3
- Severity Score:
- Medium
- CVE:
- 2024-1121
Auto Listings – Car Listings & Car Dealership Plugin for WordPress
- Plugin Slug:
- auto-listings
- Installations
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.6
- Severity Score:
- Medium
- CVE:
- 2024-24713
(Simply) Guest Author Name
- Plugin:
- (Simply) Guest Author Name
- Plugin Slug:
- guest-author-name
- Installations
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.35
- Severity Score:
- Medium
- CVE:
- 2024-0254
Beds24 Online Booking
- Plugin:
- Beds24 Online Booking
- Plugin Slug:
- beds24-online-booking
- Installations
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.24
- Severity Score:
- Medium
- CVE:
- 2024-24717
EventPrime – Events Calendar, Bookings and Tickets
- Plugin Slug:
- eventprime-event-calendar-management
- Installations
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.4.0
- Severity Score:
- High
- CVE:
- 2024-24832
Active Products Tables for WooCommerce. Professional products tables for WooCommerce store
- Plugin Slug:
- profit-products-tables-for-woocommerce
- Installations
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.0.6.2
- Severity Score:
- Medium
- CVE:
- 2024-0797
Active Products Tables for WooCommerce. Professional products tables for WooCommerce store
- Plugin Slug:
- profit-products-tables-for-woocommerce
- Installations
- 2,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.0.6.2
- Severity Score:
- Medium
- CVE:
- 2024-0796
PropertyHive
- Plugin:
- PropertyHive
- Plugin Slug:
- propertyhive
- Installations
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.0.7
- Severity Score:
- Medium
- CVE:
- 2024-24718
PropertyHive
- Plugin:
- PropertyHive
- Plugin Slug:
- propertyhive
- Installations
- 2,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 2.0.6
- Severity Score:
- High
- CVE:
- 2024-23513
SP Project & Document Manager
- Plugin:
- SP Project & Document Manager
- Plugin Slug:
- sp-client-document-manager
- Installations
- 2,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 4.70
- Severity Score:
- High
- CVE:
- 2024-24868
Add Customer for WooCommerce
- Plugin:
- Add Customer for WooCommerce
- Plugin Slug:
- add-customer-for-woocommerce
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7.1
- Severity Score:
- Medium
- CVE:
- 2024-24841
Anonymous Restricted Content
- Plugin:
- Anonymous Restricted Content
- Plugin Slug:
- anonymous-restricted-content
- Installations
- 1,000+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 1.6.3
- Severity Score:
- Medium
- CVE:
- 2024-0909
Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo
- Plugin Slug:
- biteship
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.2.25
- Severity Score:
- High
- CVE:
- 2024-24866
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress
- Plugin Slug:
- contest-gallery
- Installations
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 21.2.9
- Severity Score:
- Medium
- CVE:
- 2024-24887
Polls CP
- Plugin:
- Polls CP
- Plugin Slug:
- cp-polls
- Installations
- 1,000+
- Vulnerability:
- Content Injection
- Patched in Version:
- 1.0.72
- Severity Score:
- Medium
- CVE:
- 2024-24874
Polls CP
- Plugin:
- Polls CP
- Plugin Slug:
- cp-polls
- Installations
- 1,000+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 1.0.72
- Severity Score:
- Medium
- CVE:
- 2024-24873
FG Drupal to WordPress
- Plugin:
- FG Drupal to WordPress
- Plugin Slug:
- fg-drupal-to-wp
- Installations
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 3.68.0
- Severity Score:
- Medium
- CVE:
- 2024-24837
FG PrestaShop to WooCommerce
- Plugin:
- FG PrestaShop to WooCommerce
- Plugin Slug:
- fg-prestashop-to-woocommerce
- Installations
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 4.45.0
- Severity Score:
- Medium
- CVE:
- 2024-24837
Five Star Restaurant Reviews
- Plugin:
- Five Star Restaurant Reviews
- Plugin Slug:
- good-reviews-wp
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.3.6
- Severity Score:
- Medium
- CVE:
- 2024-24838
Heateor Social Login WordPress
- Plugin:
- Heateor Social Login WordPress
- Plugin Slug:
- heateor-social-login
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.31
- Severity Score:
- Medium
- CVE:
- 2024-24712
Icons Font Loader
- Plugin:
- Icons Font Loader
- Plugin Slug:
- icons-font-loader
- Installations
- 1,000+
- Vulnerability:
- Arbitrary File Upload
- Patched in Version:
- 1.1.5
- Severity Score:
- High
- CVE:
- 2024-24714
Kikote – Location Picker at Checkout & Google Address AutoFill Plugin for WooCommerce
- Plugin Slug:
- map-location-picker-at-checkout-for-woocommerce
- Installations
- 1,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.9.0
- Severity Score:
- Medium
- CVE:
- 2024-24719
Restrict Usernames Emails Characters
- Plugin Slug:
- restrict-usernames-emails-characters
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.1.4
- Severity Score:
- Medium
- CVE:
- 2023-6165
WP Club Manager – WordPress Sports Club Plugin
- Plugin Slug:
- wp-club-manager
- Installations
- 1,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.2.11
- Severity Score:
- Medium
- CVE:
- 2024-1177
Chartify – WordPress Chart Plugin
- Plugin Slug:
- chart-builder
- Installations
- 700+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.7
- Severity Score:
- Medium
- CVE:
- 2023-47526
Portugal CTT Tracking for WooCommerce
- Plugin Slug:
- portugal-ctt-tracking-woocommerce
- Installations
- 700+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.2
- Severity Score:
- High
- CVE:
- 2024-24878
Wp-Adv-Quiz
- Plugin:
- Wp-Adv-Quiz
- Plugin Slug:
- advanced-quiz
- Installations
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.3
- Severity Score:
- Medium
- CVE:
- 2023-5943
Allow SVG
coreActivity: Activity Logging plugin for WordPress
- Plugin Slug:
- coreactivity
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.1
- Severity Score:
- High
- CVE:
- 2024-0852
EventON Pro
- Plugin:
- EventON Pro
- Plugin Slug:
- eventon-wordpress-event-calendar-plugin
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.4.1
- Severity Score:
- High
- CVE:
- 2023-7200
PowerPack Pro for Elementor
- Plugin:
- PowerPack Pro for Elementor
- Plugin Slug:
- powerpack-elements
- Vulnerability:
- Settings Change
- Patched in Version:
- 2.10.8
- Severity Score:
- High
- CVE:
- 2024-24844
PowerPack Pro for Elementor
- Plugin:
- PowerPack Pro for Elementor
- Plugin Slug:
- powerpack-elements
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.10.8
- Severity Score:
- High
- CVE:
- 2024-24843
Relevanssi Premium
- Plugin:
- Relevanssi Premium
- Plugin Slug:
- relevanssi-premium
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 2.25
- Severity Score:
- Medium
LearnDash LMS
- Plugin:
- LearnDash LMS
- Plugin Slug:
- sfwd-lms
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.10.3
- Severity Score:
- Medium
- CVE:
- 2024-1208
LearnDash LMS
- Plugin:
- LearnDash LMS
- Plugin Slug:
- sfwd-lms
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.10.2
- Severity Score:
- Medium
- CVE:
- 2024-1210
LearnDash LMS
- Plugin:
- LearnDash LMS
- Plugin Slug:
- sfwd-lms
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.10.2
- Severity Score:
- Medium
- CVE:
- 2024-1209
Userpro
- Plugin:
- Userpro
- Plugin Slug:
- userpro
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 5.1.7
- Severity Score:
- Medium
- CVE:
- 2024-0701
Userpro
- Plugin:
- Userpro
- Plugin Slug:
- userpro
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.1.6
- Severity Score:
- Medium
- CVE:
- 2023-2439
WooCommerce Box Office
- Plugin:
- WooCommerce Box Office
- Plugin Slug:
- woocommerce-box-office
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.2.3
- Severity Score:
- Medium
- CVE:
- 2024-24799
WordPress Themes — 1 Patched / 0 Unpatched
Blocksy
- Theme:
- Blocksy
- Theme Slug:
- blocksy
- Downloads
- 2,786,039
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.20
- Severity Score:
- Medium
- CVE:
- 2024-24871
Solid Security is part of Solid Suite — The best foundation for WordPress websites.
Every WordPress site needs security, backups, and management tools. That’s Solid Suite — an integrated bundle of three plugins: Solid Security, Solid Backups, and Solid Central. You also get access to Solid Academy’s learning resources for WordPress professionals. Build your next WordPress website on a solid foundation with Solid Suite!
Sign up now — Get SolidWP updates and valuable content straight to your inbox
Sign up
Get started with confidence — risk free, guaranteed