WordPress Vulnerability Report – July 27, 2023
Since last week, 329 total vulnerabilities emerged in public disclosure. They may affect over 9 million WordPress sites. There are 209 plugin vulnerabilities and 18 theme vulnerabilities with security patches, so run those updates! Additionally, there are 66 plugin vulnerabilities and 36 theme vulnerabilities with no patch available yet.
Since last week, 329 total vulnerabilities emerged in public disclosure. They may affect over 9 million WordPress sites. There are 209 plugin vulnerabilities and 18 theme vulnerabilities with security patches, so run those updates!
Additionally, there are 66 plugin vulnerabilities and 36 theme vulnerabilities with no patch available yet. If you use an unpatched plugin or theme, check their vendors’ intentions and progress on a security release. Suppose no patch is forthcoming or the vulnerable software has been marked “closed” and dropped from the official WordPress theme and plugin repositories. In that case, you should consider deactivation and removal in favor of alternative solutions.
Such an unusually high number of vulnerability reports is due to outdated versions of many plugins and themes that may use a common third-party dependency, Freemius’ WordPress SDK 2.5.9. Please see the Freemius WordPress SDK 2.5.9 Security Disclosure for more details.
New Today: Patchstack lists multiple high-severity vulnerabilities in the Ninja Forms plugin, potentially affecting 900k active WordPress sites. These vulnerabilities include a POST-based reflected XSS and broken access control on the form submissions export feature. Please update to version 3.6.26.
WordPress Core Vulnerabilities — Patched
WordPress core is very secure when it’s properly configured and maintained. Vulnerable plugins not updated by site owners are the most common vector for attacks on WordPress websites. Our weekly WordPress Vulnerability Report, powered by Patchstack, covers new vulnerabilities that have emerged in plugins, themes, and/or WordPress core since last week’s report. Our goal is to spread awareness of emerging security threats and help you decide what to do if you find vulnerable software on your website. For a deeper analysis of recent trends in WordPress vulnerabilities and threat vectors, see our 2022 Annual Vulnerability Report.
These reports are published every Wednesday and include all active vulnerabilities tracked by Patchstack as of Monday since the previous report. This leaves a 48-hour window for the newest emerging vulnerabilities to be patched before full public disclosure. iThemes Security Pro users have access to vulnerability alerts emerging within this window.
WordPress Plugin Vulnerabilities — Patched
In this section, you’ll find the most recently disclosed WordPress plugin vulnerabilities fixed with a new release from their authors and maintainers. Please apply the updates if you are affected!
These vulnerabilities have been disclosed and scored for their severity, thanks to our friends at Patchstack. Each plugin listing includes the type of vulnerability with its CVE number and CVSS severity rating with links to more technical details. You’ll also see the number of active sites using the plugin and the plugin version release that patches the vulnerability. We start with the most popular plugins, representing the largest target for attackers.
Essential Addons For Elementor
- Plugin Slug:
- essential-addons-for-elementor-lite
- Installations:
- 1,000,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 5.8.2
- Severity Score:
- Medium
- CVE:
- 2023-3779
Ninja Forms
- Plugin Slug:
- ninja-forms
- Installations:
- 900,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.6.26
- Severity Score:
- High
- CVE:
- 2023-37979
Ninja Forms
- Plugin Slug:
- ninja-forms
- Installations:
- 900,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.6.26
- Severity Score:
- High
- CVE:
- 2023-38393
Ninja Forms
- Plugin Slug:
- ninja-forms
- Installations:
- 900,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.6.26
- Severity Score:
- High
- CVE:
- 2023-38386
The Events Calendar
- Plugin:
- The Events Calendar
- Plugin Slug:
- the-events-calendar
- Installations:
- 800,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 6.1.3
- Severity Score:
- Medium
- CVE:
- 2023-35777
The Events Calendar
- Plugin:
- The Events Calendar
- Plugin Slug:
- the-events-calendar
- Installations:
- 800,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.1.0
- Severity Score:
- High
- CVE:
- 2023-33999
Popup Maker
- Plugin Slug:
- popup-maker
- Installations:
- 700,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.10.0
- Severity Score:
- High
- CVE:
- 2023-33999
NextGEN Gallery
- Plugin Slug:
- nextgen-gallery
- Installations:
- 600,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.4.7
- Severity Score:
- High
- CVE:
- 2023-33999
WP Activity Log
- Plugin:
- WP Activity Log
- Plugin Slug:
- wp-security-audit-log
- Installations:
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.4.3
- Severity Score:
- High
- CVE:
- 2023-33999
404 to 301
- Plugin Slug:
- 404-to-301
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.6
- Severity Score:
- High
- CVE:
- 2023-33999
Elementor Addon Elements
- Plugin:
- Elementor Addon Elements
- Plugin Slug:
- addon-elements-for-elementor-page-builder
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.12
- Severity Score:
- High
- CVE:
- 2023-33999
CAPTCHA 4WP
- Plugin:
- CAPTCHA 4WP
- Plugin Slug:
- advanced-nocaptcha-recaptcha
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 7.0.6
- Severity Score:
- High
- CVE:
- 2023-33999
WP AutoTerms: Privacy Policy Generator (GDPR & CCPA), Terms & Conditions Generator, Cookie Notice Banner
- Plugin Slug:
- auto-terms-of-service-and-privacy-policy
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
Blocksy Companion
- Plugin:
- Blocksy Companion
- Plugin Slug:
- blocksy-companion
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.47
- Severity Score:
- High
- CVE:
- 2023-33999
Meta Tag Manager
- Plugin:
- Meta Tag Manager
- Plugin Slug:
- meta-tag-manager
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1
- Severity Score:
- High
- CVE:
- 2023-33999
Pods
- Plugin Slug:
- pods
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.8.23
- Severity Score:
- High
- CVE:
- 2023-33999
TI WooCommerce Wishlist
- Plugin:
- TI WooCommerce Wishlist
- Plugin Slug:
- ti-woocommerce-wishlist
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7.0
- Severity Score:
- High
- CVE:
- 2023-33999
Asset CleanUp: Page Speed Booster
- Plugin Slug:
- wp-asset-clean-up
- Installations:
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.5.5
- Severity Score:
- High
- CVE:
- 2023-33999
AnyWhere Elementor
- Plugin:
- AnyWhere Elementor
- Plugin Slug:
- anywhere-elementor
- Installations:
- 90,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.8
- Severity Score:
- High
- CVE:
- 2023-33999
EmbedPress
- Plugin Slug:
- embedpress
- Installations:
- 80,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.3
- Severity Score:
- High
- CVE:
- 2023-33999
Event Tickets
- Plugin Slug:
- event-tickets
- Installations:
- 70,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.6.0
- Severity Score:
- High
- CVE:
- 2023-33999
Easy Watermark
- Plugin:
- Easy Watermark
- Plugin Slug:
- easy-watermark
- Installations:
- 60,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.7
- Severity Score:
- High
- CVE:
- 2023-33999
Simple Author Box
- Plugin:
- Simple Author Box
- Plugin Slug:
- simple-author-box
- Installations:
- 60,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.4
- Severity Score:
- High
- CVE:
- 2023-33999
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to fix Insecure Content
- Plugin:
- WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score
- Plugin Slug:
- wp-letsencrypt-ssl
- Installations:
- 60,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.3.0
- Severity Score:
- High
- CVE:
- 2023-33999
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor
- Plugin Slug:
- gutentor
- Installations:
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.3
- Severity Score:
- High
- CVE:
- 2023-33999
Preloader Plus – WordPress Loading Screen Plugin
- Plugin Slug:
- preloader-plus
- Installations:
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1
- Severity Score:
- High
- CVE:
- 2023-33999
Spotlight Social Media Feeds
- Plugin Slug:
- spotlight-social-photo-feeds
- Installations:
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.1
- Severity Score:
- High
- CVE:
- 2023-33999
Weglot Translate – Translate your WordPress website and go multilingual
- Plugin Slug:
- weglot
- Installations:
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.9.3
- Severity Score:
- High
- CVE:
- 2023-33999
Better Notifications for WP
- Plugin Slug:
- bnfw
- Installations:
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7
- Severity Score:
- High
- CVE:
- 2023-33999
Stop User Enumeration
- Plugin:
- Stop User Enumeration
- Plugin Slug:
- stop-user-enumeration
- Installations:
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
Mail Bank – #1 Mail SMTP Plugin for WordPress
- Plugin Slug:
- wp-mail-bank
- Installations:
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.13
- Severity Score:
- High
- CVE:
- 2023-33999
Gutenberg Block Editor Toolkit
- Plugin Slug:
- block-options
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.17
- Severity Score:
- High
- CVE:
- 2023-33999
Divi Contact Form 7
- Plugin Slug:
- cf7-styler-for-divi
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.3
- Severity Score:
- High
- CVE:
- 2023-33999
Cost Calculator Builder
- Plugin:
- Cost Calculator Builder
- Plugin Slug:
- cost-calculator-builder
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.3.3
- Severity Score:
- High
- CVE:
- 2023-33999
Image Photo Gallery Final Tiles Grid
- Plugin Slug:
- final-tiles-grid-gallery-lite
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.5.8
- Severity Score:
- High
- CVE:
- 2023-33999
Hide Admin Bar Based on User Roles
- Plugin Slug:
- hide-admin-bar-based-on-user-roles
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8
- Severity Score:
- High
- CVE:
- 2023-33999
Divi Carousel Lite
- Plugin:
- Divi Carousel Lite
- Plugin Slug:
- wow-carousel-for-divi-lite
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.12
- Severity Score:
- High
- CVE:
- 2023-33999
WP Google Review Slider
- Plugin:
- WP Google Review Slider
- Plugin Slug:
- wp-google-places-review-slider
- Installations:
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 12.6
- Severity Score:
- High
- CVE:
- 2023-33999
DiviTorque – Divi Theme, Divi Builder and Extra Theme
- Plugin:
- Divi Torque Lite
- Plugin Slug:
- addons-for-divi
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.6.0
- Severity Score:
- High
- CVE:
- 2023-33999
Contact Form 7 Skins
- Plugin:
- CF7 Skins for Contact Form 7
- Plugin Slug:
- contact-form-7-skins
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1.1
- Severity Score:
- High
- CVE:
- 2023-33999
Greenshift – animation and page builder blocks
- Plugin Slug:
- greenshift-animation-and-page-builder-blocks
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.8.1
- Severity Score:
- High
- CVE:
- 2023-33999
New User Approve
- Plugin:
- New User Approve
- Plugin Slug:
- new-user-approve
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.5.1
- Severity Score:
- High
- CVE:
- 2023-33999
HP Everywhere
- Plugin:
- PHP Everywhere
- Plugin Slug:
- php-everywhere
- Installations:
- 20,000+
- Vulnerability:
- Remote Code Execution (RCE)
- Patched in Version:
- 3.0.0
- Severity Score:
- Critical
- CVE:
- 2022-24664
PHP Everywhere
- Plugin:
- PHP Everywhere
- Plugin Slug:
- php-everywhere
- Installations:
- 20,000+
- Vulnerability:
- Remote Code Execution (RCE)
- Patched in Version:
- 3.0.0
- Severity Score:
- Critical
- CVE:
- 2022-24665
PHP Everywhere
- Plugin:
- PHP Everywhere
- Plugin Slug:
- php-everywhere
- Installations:
- 20,000+
- Vulnerability:
- Remote Code Execution (RCE)
- Patched in Version:
- 3.0.0
- Severity Score:
- Critical
- CVE:
- 2022-24663
Redirect 404 Error Page to Homepage or Custom Page with Logs
- Plugin Slug:
- redirect-404-error-page-to-homepage-or-custom-page
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.0
- Severity Score:
- High
- CVE:
- 2023-33999
Gallery Blocks with Lightbox
- Plugin Slug:
- simply-gallery-block
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.1.5
- Severity Score:
- High
- CVE:
- 2023-33999
Disable Emojis & Disable Embeds for WordPress Performance & SpeedUp
- Plugin Slug:
- wp-disable
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.5.0
- Severity Score:
- High
- CVE:
- 2023-33999
Media Library Categories
- Plugin:
- Media Library Categories
- Plugin Slug:
- wp-media-library-categories
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.1
- Severity Score:
- Medium
- CVE:
- 2023-36382
WP to Twitter
- Plugin:
- WP to Twitter
- Plugin Slug:
- wp-to-twitter
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.3.0
- Severity Score:
- High
- CVE:
- 2023-33999
Product Feed Manager
- Plugin Slug:
- best-woocommerce-feed
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0
- Severity Score:
- High
- CVE:
- 2023-33999
DeMomentSomTres WordPress Export Posts With Images
- Plugin Slug:
- demomentsomtres-wp-export
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 20200610
- Severity Score:
- High
- CVE:
- 2023-33999
Enjoy Social Feed plugin for WordPress website
- Plugin Slug:
- enjoy-instagram-instagram-responsive-images-gallery-and-carousel
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.2.1
- Severity Score:
- High
- CVE:
- 2023-33999
eRoom – Zoom Meetings & Webinar
- Plugin Slug:
- eroom-zoom-meetings-webinar
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.4
- Severity Score:
- High
- CVE:
- 2023-33999
MasterStudy LMS
- Plugin Slug:
- masterstudy-lms-learning-management-system
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.8.0
- Severity Score:
- High
- CVE:
- 2023-33999
Notification
- Plugin Slug:
- notification
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.1.0
- Severity Score:
- High
- CVE:
- 2023-33999
PowerPack Lite for Beaver Builder
- Plugin Slug:
- powerpack-addon-for-beaver-builder
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.9.3
- Severity Score:
- High
- CVE:
- 2023-33999
Seo Optimized Images
- Plugin:
- Seo Optimized Images
- Plugin Slug:
- seo-optimized-images
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1
- Severity Score:
- High
- CVE:
- 2023-33999
WP News and Scrolling Widgets
- Plugin Slug:
- sp-news-and-widget
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.2
- Severity Score:
- High
- CVE:
- 2023-33999
Stop WP Emails Going to Spam
- Plugin:
- Stop WP Emails Going to Spam
- Plugin Slug:
- stop-wp-emails-going-to-spam
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
WooCommerce Tiered Price Table
- Plugin Slug:
- tier-pricing-table
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.5.1
- Severity Score:
- High
- CVE:
- 2023-33999
WP Review Slider
- Plugin:
- WP Review Slider
- Plugin Slug:
- wp-facebook-reviews
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.6
- Severity Score:
- High
- CVE:
- 2023-33999
WP Mail Log
- Plugin:
- WP Mail Log
- Plugin Slug:
- wp-mail-log
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.1
- Severity Score:
- High
- CVE:
- 2023-33999
WP VR
- Plugin Slug:
- wpvr
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.2
- Severity Score:
- High
- CVE:
- 2023-33999
ACF Frontend – Add and edit posts, pages, users and more all from the frontend
- Plugin:
- Frontend Admin by DynamiApps
- Plugin Slug:
- acf-frontend-form-element
- Installations:
- 9,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.8.0
- Severity Score:
- High
- CVE:
- 2023-33999
HuCommerce | Magyar WooCommerce kiegészítések
- Plugin Slug:
- surbma-magyar-woocommerce
- Installations:
- 9,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2022.0.3
- Severity Score:
- High
- CVE:
- 2023-33999
Post to Google My Business (Google Business Profile)
- Plugin Slug:
- post-to-google-my-business
- Installations:
- 8,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.1.14
- Severity Score:
- High
- CVE:
- 2023-33999
PublishPress Planner: Organize and Schedule Your WordPress Content
- Plugin Slug:
- publishpress
- Installations:
- 7,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.9.5
- Severity Score:
- High
- CVE:
- 2023-33999
Salon booking system
- Plugin:
- Salon booking system
- Plugin Slug:
- salon-booking-system
- Installations:
- 7,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 8.4.9
- Severity Score:
- High
- CVE:
- 2023-33999
Easy Photography Portfolio
- Plugin:
- Easy Photography Portfolio
- Plugin Slug:
- photography-portfolio
- Installations:
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.9
- Severity Score:
- High
- CVE:
- 2023-33999
Quiz Cat
- Plugin Slug:
- quiz-cat
- Installations:
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.0
- Severity Score:
- High
- CVE:
- 2023-33999
WooCommerce Google Ads Dynamic Remarketing
- Plugin Slug:
- woocommerce-google-dynamic-retargeting-tag
- Installations:
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7.17
- Severity Score:
- High
- CVE:
- 2023-33999
WP Travel
- Plugin Slug:
- wp-travel
- Installations:
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.2.0
- Severity Score:
- High
- CVE:
- 2023-33999
WpStream – Live Streaming, Video on Demand, Pay Per View
- Plugin Slug:
- wpstream
- Installations:
- 5,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 4.5.5
- Severity Score:
- Medium
- CVE:
- 2023-38512
ACF-VC Integrator
- Plugin:
- ACF-VC Integrator
- Plugin Slug:
- acf-vc-integrator
- Installations:
- 4,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.1
- Severity Score:
- High
- CVE:
- 2023-33999
AnyComment
- Plugin:
- AnyComment
- Plugin Slug:
- anycomment
- Installations:
- 4,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.0.99
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Tag Cloud Plugin – Tag Groups
- Plugin Slug:
- tag-groups
- Installations:
- 4,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
Search Console
- Plugin:
- Search Console
- Plugin Slug:
- search-console
- Installations:
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.2.2
- Severity Score:
- High
- CVE:
- 2023-33999
Discussion Board
- Plugin Slug:
- wp-discussion-board
- Installations:
- 3,000+
- Vulnerability:
- Content Injection
- Patched in Version:
- 2.4.9
- Severity Score:
- Medium
- CVE:
- 2023-39161
Photo Engine
- Plugin Slug:
- wplr-sync
- Installations:
- 3,000+
- Vulnerability:
- Insecure Direct Object References (IDOR)
- Patched in Version:
- 6.2.6
- Severity Score:
- Medium
- CVE:
- 2023-38513
Image Carousel For Divi
- Plugin:
- Image Carousel For Divi
- Plugin Slug:
- image-carousel-for-divi
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.1
- Severity Score:
- High
- CVE:
- 2023-33999
Market Exporter
- Plugin:
- Market Exporter
- Plugin Slug:
- market-exporter
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.19
- Severity Score:
- High
- CVE:
- 2023-33999
Multiple Page Generator Plugin – MPG
- Plugin Slug:
- multiple-pages-generator-by-porthas
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
Share This Image
- Plugin:
- Share This Image
- Plugin Slug:
- share-this-image
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.81
- Severity Score:
- High
- CVE:
- 2023-33999
Client Invoicing by Sprout Invoices
- Plugin Slug:
- sprout-invoices
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 19.1
- Severity Score:
- High
- CVE:
- 2023-33999
Integration for WooCommerce and Zoho CRM
- Plugin Slug:
- woo-zoho
- Installations:
- 2,000+
- Vulnerability:
- Open Redirection
- Patched in Version:
- 1.3.7
- Severity Score:
- Medium
- CVE:
- 2023-38481
Spanish Market Enhancements for WooCommerce
- Plugin Slug:
- woocommerce-es
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1
- Severity Score:
- High
- CVE:
- 2023-33999
Pay For Post with WooCommerce
- Plugin Slug:
- woocommerce-pay-per-post
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.1.11
- Severity Score:
- High
- CVE:
- 2023-33999
360 Javascript Viewer
- Plugin:
- 360 Javascript Viewer
- Plugin Slug:
- 360deg-javascript-viewer
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.5.3
- Severity Score:
- High
- CVE:
- 2023-33999
Activity Log For MainWP
- Plugin:
- Activity Log For MainWP
- Plugin Slug:
- activity-log-mainwp
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
WooCommerce Attribute Stock – Share Stock Between Products (Lite Version)
- Plugin Slug:
- attribute-stock-for-woocommerce
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.0
- Severity Score:
- High
- CVE:
- 2023-33999
Message Filter for Contact Form 7
- Plugin Slug:
- cf7-message-filter
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.3
- Severity Score:
- High
- CVE:
- 2023-33999
Church Admin
- Plugin:
- Church Admin
- Plugin Slug:
- church-admin
- Installations:
- 1,000+
- Vulnerability:
- Server Side Request Forgery (SSRF)
- Patched in Version:
- 3.8.0
- Severity Score:
- Medium
- CVE:
- 2023-38515
TempTool [Show Current Template Info]
- Plugin Slug:
- current-template-name
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.10
- Severity Score:
- High
- CVE:
- 2023-33999
XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin]
- Plugin Slug:
- faq-for-woocommerce
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Team Members – GS Plugins
- Plugin:
- Team Members – A WordPress Team Plugin with Gallery, Grid, Carousel, Slider, Table, List, and More
- Plugin Slug:
- gs-team-members
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.2.2
- Severity Score:
- High
- CVE:
- 2023-33999
Remove Duplicate Posts
- Plugin:
- Remove Duplicate Posts
- Plugin Slug:
- remove-duplicate-posts
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3
- Severity Score:
- High
- CVE:
- 2023-33999
WP Required Taxonomies – Categories and Tags Mandatory
- Plugin Slug:
- required-taxonomies
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.8
- Severity Score:
- High
- CVE:
- 2023-33999
SV Proven Expert
- Plugin:
- SV Proven Expert
- Plugin Slug:
- sv-provenexpert
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.00
- Severity Score:
- High
- CVE:
- 2023-33999
SV Tracking Manager
- Plugin:
- SV Tracking Manager
- Plugin Slug:
- sv-tracking-manager
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.00
- Severity Score:
- High
- CVE:
- 2023-33999
UltraAddons Elementor Lite (Header & Footer Builder, Menu Builder, Cart Icon, Shortcode)
- Plugin Slug:
- ultraaddons-elementor-lite
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.0
- Severity Score:
- High
- CVE:
- 2023-33999
WooBuddy
- Plugin Slug:
- wc4bp
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.4.16
- Severity Score:
- High
- CVE:
- 2023-33999
Live Sales Notification for Woocommerce – Woomotiv
- Plugin Slug:
- woomotiv
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.4
- Severity Score:
- High
- CVE:
- 2023-33999
Integration for WooCommerce and QuickBooks
- Plugin Slug:
- wp-woocommerce-quickbooks
- Installations:
- 1,000+
- Vulnerability:
- Open Redirection
- Patched in Version:
- 1.2.4
- Severity Score:
- Medium
- CVE:
- 2023-38478
wpShopGermany IT-RECHT KANZLEI
- Plugin Slug:
- wpshopgermany-it-recht-kanzlei
- Installations:
- 900+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8
- Severity Score:
- Medium
- CVE:
- 2023-37993
WordPress Gallery Plugin – Limb Image Gallery
- Plugin Slug:
- limb-gallery
- Installations:
- 800+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.5.6
- Severity Score:
- High
- CVE:
- 2023-33999
GraphComment Comment system
- Plugin:
- GraphComment Comment system
- Plugin Slug:
- graphcomment-comment-system
- Installations:
- 700+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.3.5
- Severity Score:
- High
- CVE:
- 2023-33999
Terms & Conditions Per Product
- Plugin Slug:
- terms-and-conditions-per-product
- Installations:
- 700+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.6
- Severity Score:
- High
- CVE:
- 2023-33999
Chamber Dashboard Business Directory
- Plugin Slug:
- chamber-dashboard-business-directory
- Installations:
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.3.2
- Severity Score:
- High
- CVE:
- 2023-33999
Embed Docs – Elementor Files Addon,Elementor Docs Addon,Embed PDF, Word, PowerPoint and Excel Files in Gutenberg & Elementor
- Plugin Slug:
- embed-docs
- Installations:
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.1
- Severity Score:
- High
- CVE:
- 2023-33999
Embed Video Thumbnail
- Plugin:
- Embed Video Thumbnail
- Plugin Slug:
- embed-video-thumbnail
- Installations:
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.1
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Form Builder Plugin – Gutenberg Forms
- Plugin Slug:
- forms-gutenberg
- Installations:
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
FormsCRM
- Plugin:
- FormsCRM
- Plugin Slug:
- formscrm
- Installations:
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.6
- Severity Score:
- High
- CVE:
- 2023-33999
WZ Followed Posts – Display what visitors are reading
- Plugin Slug:
- where-did-they-go-from-here
- Installations:
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1.0
- Severity Score:
- High
- CVE:
- 2023-33999
Member Profile Forms / Custom Registration / Post From Profile in BuddyPress / BuddyBoss
- Plugin Slug:
- buddyforms-members
- Installations:
- 500+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.12
- Severity Score:
- High
- CVE:
- 2023-33999
WPEventPartners Demo Import
- Plugin:
- WPEventPartners Demo Import
- Plugin Slug:
- wep-demo-import
- Installations:
- 500+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.4
- Severity Score:
- High
- CVE:
- 2023-33999
Advanced WC Analytics – Google Analytics Dashboard for WooCommerce
- Plugin Slug:
- advance-wc-analytics
- Installations:
- 400+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
Display WP Admin Pages in the Frontend – WP Frontend Admin
- Plugin Slug:
- display-admin-page-on-frontend
- Installations:
- 400+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.21.1
- Severity Score:
- High
- CVE:
- 2023-33999
Product Filter Widget for Elementor
- Plugin Slug:
- product-filter-widget-for-elementor
- Installations:
- 400+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.2
- Severity Score:
- High
- CVE:
- 2023-33999
what3words Address Field
- Plugin:
- what3words Address Field
- Plugin Slug:
- 3-word-address-validation-field
- Installations:
- 300+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 4.0.1
- Severity Score:
- Medium
- CVE:
- 2021-4428
Advanced Custom Fields Frontend Forms – ACF Forms – ACF Post Form – ACF Registration Form – ACF Content Form – ACF Profile Form
- Plugin Slug:
- buddyforms-acf
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.5
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Ultimate Member
- Plugin:
- BuddyForms Ultimate Member
- Plugin Slug:
- buddyforms-ultimate-member
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.8
- Severity Score:
- High
- CVE:
- 2023-33999
Gift Message for WooCommerce
- Plugin:
- Gift Message for WooCommerce
- Plugin Slug:
- gift-message-for-woocommerce
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7.5
- Severity Score:
- High
- CVE:
- 2023-33999
Ultimate LinkedIn Integration
- Plugin Slug:
- linkedin-login
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0
- Severity Score:
- High
- CVE:
- 2023-33999
Shipping for Nova Poshta
- Plugin:
- Shipping for Nova Poshta
- Plugin Slug:
- nova-poshta-ttn
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.1
- Severity Score:
- High
- CVE:
- 2023-33999
Spice Blocks
- Plugin:
- Spice Blocks
- Plugin Slug:
- spice-blocks
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3
- Severity Score:
- High
- CVE:
- 2023-33999
WooCommerce Country Catalogs – Product Country Restrictions
- Plugin Slug:
- woo-country-restrictions-advanced
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.14.3
- Severity Score:
- High
- CVE:
- 2023-33999
2MB Autocode
- Plugin:
- 2MB Autocode
- Plugin Slug:
- 2mb-autocode
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.6
- Severity Score:
- High
- CVE:
- 2023-33999
Checkbox
- Plugin:
- Checkbox
- Plugin Slug:
- checkbox
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.8.5
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Image Compression and Optimizer Plugin – CheetahO
- Plugin Slug:
- cheetaho-image-optimizer
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.3.1
- Severity Score:
- High
- CVE:
- 2023-33999
Multicollab – Google Doc-Style Editorial Commenting for WordPress
- Plugin Slug:
- commenting-feature
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2
- Severity Score:
- High
- CVE:
- 2023-33999
Content Blocks Builder
- Plugin:
- Content Blocks Builder
- Plugin Slug:
- content-blocks-builder
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.3.17
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Job Board and Recruitment Plugin – JobWP
- Plugin Slug:
- jobwp
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0
- Severity Score:
- High
- CVE:
- 2023-33999
Joli FAQ SEO – WordPress FAQ Plugin
- Plugin Slug:
- joli-faq-seo
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.1
- Severity Score:
- High
- CVE:
- 2023-33999
RSS Control
- Plugin:
- RSS Control
- Plugin Slug:
- rss-control
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.8
- Severity Score:
- High
- CVE:
- 2023-33999
Simple Tour Guide
- Plugin:
- Simple Tour Guide
- Plugin Slug:
- simple-tour-guide
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.6
- Severity Score:
- High
- CVE:
- 2023-33999
Coming Soon Pages for WordPress – Coming Soon Booster
- Plugin Slug:
- wp-coming-soon-booster
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.7
- Severity Score:
- High
- CVE:
- 2023-33999
WP SPID Italia
- Plugin:
- WP SPID Italia
- Plugin Slug:
- wp-spid-italia
- Installations:
- 200+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.5
- Severity Score:
- High
- CVE:
- 2023-33999
AI Tools – Chatbot, ChatGPT, Content Generator, Image Generator, Artificial Intelligence GPT
- Plugin Slug:
- artificial-intelligence-auto-content-generator
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
Coming Soon Master
- Plugin:
- Coming Soon Master
- Plugin Slug:
- coming-soon-master
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2
- Severity Score:
- High
- CVE:
- 2023-33999
EthereumICO
- Plugin:
- EthereumICO
- Plugin Slug:
- ethereumico
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.4.4
- Severity Score:
- High
- CVE:
- 2023-33999
Files Download Delay
- Plugin:
- Files Download Delay
- Plugin Slug:
- files-download-delay
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.9
- Severity Score:
- High
- CVE:
- 2023-33999
Bulk Landing Page Creator for WordPress – LPagery
- Plugin Slug:
- lpagery
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.6
- Severity Score:
- High
- CVE:
- 2023-33999
Mobile App Editor – WordPress to Android App Builder
- Plugin Slug:
- mobile-app-editor
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.0
- Severity Score:
- High
- CVE:
- 2023-33999
Search Field for Gravity Forms
- Plugin Slug:
- search-field-for-gravity-forms
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.6
- Severity Score:
- High
- CVE:
- 2023-33999
Stellar Places
- Plugin:
- Stellar Places
- Plugin Slug:
- stellar-places
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1
- Severity Score:
- High
- CVE:
- 2023-33999
Subaccounts for WooCommerce
- Plugin:
- Subaccounts for WooCommerce
- Plugin Slug:
- subaccounts-for-woocommerce
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
WN Flipbox Pro
- Plugin:
- WN Flipbox Pro
- Plugin Slug:
- wn-flipbox-pro
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1
- Severity Score:
- High
- CVE:
- 2023-33999
Bing Custom Search for WordPress
- Plugin Slug:
- wp-bing-search
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.3
- Severity Score:
- High
- CVE:
- 2023-33999
WP Tools Divi Blog Carousel
- Plugin:
- WP Tools Divi Blog Carousel
- Plugin Slug:
- wp-tools-divi-blog-carousel
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.1
- Severity Score:
- High
- CVE:
- 2023-33999
Display Data on your site! Create Dynamic Content Templates from any form of data. Works with ACF, Pods, BuddyPress/ BuddyBoss
- Plugin Slug:
- buddyforms-hook-fields
- Installations:
- 90+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.2
- Severity Score:
- High
- CVE:
- 2023-33999
Contact Form By Mega Forms – Drag and Drop Form Builder
- Plugin Slug:
- mega-forms
- Installations:
- 90+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.3
- Severity Score:
- High
- CVE:
- 2023-33999
Ultimate Custom ScrollBar
- Plugin:
- Ultimate Custom ScrollBar
- Plugin Slug:
- ultimate-custom-scrollbar
- Installations:
- 90+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2
- Severity Score:
- High
- CVE:
- 2023-33999
WPGutenBlog Demo Import
- Plugin:
- WPGutenBlog Demo Import
- Plugin Slug:
- layouts-importer
- Installations:
- 80+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.3
- Severity Score:
- High
- CVE:
- 2023-33999
SV100 Companion
- Plugin:
- SV100 Companion
- Plugin Slug:
- sv100-companion
- Installations:
- 80+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.00
- Severity Score:
- High
- CVE:
- 2023-33999
Blocks Product Editor for WooCommerce
- Plugin Slug:
- blocks-product-editor-for-woocommerce
- Installations:
- 70+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.2
- Severity Score:
- High
- CVE:
- 2023-33999
Variable Inspector
- Plugin:
- Variable Inspector
- Plugin Slug:
- variable-inspector
- Installations:
- 70+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
Stripe Express
- Plugin:
- Stripe Express
- Plugin Slug:
- wp-stripe-express
- Installations:
- 60+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.12.1
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Form Elements for WooCommerce
- Plugin Slug:
- buddyforms-woocommerce-form-elements
- Installations:
- 50+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.3
- Severity Score:
- High
- CVE:
- 2023-33999
Order Redirects for WooCommerce
- Plugin Slug:
- order-redirects-for-woocommerce
- Installations:
- 40+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.8.1
- Severity Score:
- High
- CVE:
- 2023-33999
Simple blueprint installer
- Plugin:
- Simple blueprint installer
- Plugin Slug:
- simple-blueprint-installer
- Installations:
- 40+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.2
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Moderation ( Former: Review Logic )
- Plugin Slug:
- buddyforms-review
- Installations:
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.8
- Severity Score:
- High
- CVE:
- 2023-33999
Import Holded for WooCommerce or Easy Digital Downloads
- Plugin:
- Connect WooCommerce Holded
- Plugin Slug:
- import-holded-products-woocommerce
- Installations:
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0
- Severity Score:
- High
- CVE:
- 2023-33999
Order Picking For WooCommerce
- Plugin Slug:
- order-picking-for-woocommerce
- Installations:
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.2
- Severity Score:
- High
- CVE:
- 2023-33999
ShortcodeHub – MultiPurpose Shortcode Builder
- Plugin Slug:
- shortcodehub
- Installations:
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.0
- Severity Score:
- High
- CVE:
- 2023-33999
WPEForm Lite – Drag and Drop Live Form Builder for Contact, Payment & Quiz Forms
- Plugin Slug:
- wpeform-lite
- Installations:
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.5
- Severity Score:
- High
- CVE:
- 2023-33999
CO2ok: carbon offsetting for e-commerce
- Plugin Slug:
- co2ok-for-woocommerce
- Installations:
- 20+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.4
- Severity Score:
- High
- CVE:
- 2023-33999
SV Forms
- Plugin:
- SV Forms
- Plugin Slug:
- sv-forms
- Installations:
- 20+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.02
- Severity Score:
- High
- CVE:
- 2023-33999
SV Posts
- Plugin:
- SV Posts
- Plugin Slug:
- sv-posts
- Installations:
- 20+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.00
- Severity Score:
- High
- CVE:
- 2023-33999
Video Analytics for Cloudflare Stream
- Plugin Slug:
- video-analytics-for-cloudflare-stream
- Installations:
- 20+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2
- Severity Score:
- High
- CVE:
- 2023-33999
WP Table Pixie
- Plugin:
- WP Table Pixie
- Plugin Slug:
- wp-table-pixie
- Installations:
- 20+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.0
- Severity Score:
- High
- CVE:
- 2023-33999
CF7 ReCaptcha Mine
- Plugin:
- CF7 ReCaptcha Mine
- Plugin Slug:
- cf7-recaptcha-mine
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
Convoworks WP
- Plugin:
- Convoworks WP
- Plugin Slug:
- convoworks-wp
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.22.15
- Severity Score:
- High
- CVE:
- 2023-33999
Custom Welcome Guide
- Plugin:
- Custom Welcome Guide
- Plugin Slug:
- custom-welcome-guide
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.9
- Severity Score:
- High
- CVE:
- 2023-33999
DeMomentSomTres Gravity Forms Improvements
- Plugin Slug:
- demomentsomtres-gravity-forms-improvements
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 201805021810
- Severity Score:
- High
- CVE:
- 2023-33999
Fast Custom Social Share by CodeBard
- Plugin Slug:
- fast-custom-social-share-by-codebard
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.0
- Severity Score:
- High
- CVE:
- 2023-33999
Contact form builder for Gutenberg – Formello
- Plugin Slug:
- formello
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.1
- Severity Score:
- High
- CVE:
- 2023-33999
Menukaart – Restaurant Menu & Online Ordering with WooCommerce
- Plugin Slug:
- menukaart
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4
- Severity Score:
- High
- CVE:
- 2023-33999
SV Columns Manager
- Plugin:
- SV Columns Manager
- Plugin Slug:
- sv-columns-manager
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.00
- Severity Score:
- High
- CVE:
- 2023-33999
Divi Testimonial Plus
- Plugin:
- Divi Testimonial Plus
- Plugin Slug:
- website-testimonials
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.1.1
- Severity Score:
- High
- CVE:
- 2023-33999
WP Signals
- Plugin:
- WP Signals
- Plugin Slug:
- wp-signals
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Anonymous Author
- Plugin:
- BuddyForms Anonymous Author
- Plugin Slug:
- buddyforms-anonymous-author
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Attach Post with Group
- Plugin Slug:
- buddyforms-attach-posts-to-groups-extension
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.3
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Hierarchical Posts
- Plugin Slug:
- buddyforms-hierarchical-posts
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.4
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Posts 2 Posts
- Plugin:
- BuddyForms Posts 2 Posts
- Plugin Slug:
- buddyforms-posts-to-posts-integration
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyForms Remote
- Plugin:
- BuddyForms Remote
- Plugin Slug:
- buddyforms-remote
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.5
- Severity Score:
- High
- CVE:
- 2023-33999
Caldera Forms
- Plugin:
- Caldera Forms
- Plugin Slug:
- caldera-forms
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.7.5.1
- Severity Score:
- High
- CVE:
- 2023-33999
Simple Freemius Shop
- Plugin:
- Simple Freemius Shop
- Plugin Slug:
- checkout-freemius-rewamped
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
Convert Pro
- Plugin:
- Convert Pro
- Plugin Slug:
- convertpro
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.7.6
- Severity Score:
- High
- CVE:
- 2023-36684
DeMomentSomTres Subscribe
- Plugin:
- DeMomentSomTres Subscribe
- Plugin Slug:
- demomentsomtres-mailchimp-subscribe
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.201903272301
- Severity Score:
- High
- CVE:
- 2023-33999
DEV.LAND
- Plugin:
- DEV.LAND
- Plugin Slug:
- dev-land
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.5
- Severity Score:
- High
- CVE:
- 2023-33999
DokoBuilder : DIY Product Bundle for WooCommerce
- Plugin Slug:
- doko-box-builder
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.1
- Severity Score:
- High
- CVE:
- 2023-33999
Expandable Paywall
- Plugin:
- Expandable Paywall
- Plugin Slug:
- expandable-paywall
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.17
- Severity Score:
- High
- CVE:
- 2023-33999
External Media Upload
- Plugin:
- External Media Upload
- Plugin Slug:
- external-media-upload
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.4
- Severity Score:
- High
- CVE:
- 2023-33999
Frontend Admin – Add and edit posts, pages, users and more all from the frontend
- Plugin Slug:
- frontend-admin
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.8.0
- Severity Score:
- High
- CVE:
- 2023-33999
Gallery Bank
- Plugin:
- Gallery Bank
- Plugin Slug:
- gallery-bank
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.0.19
- Severity Score:
- High
- CVE:
- 2023-33999
Map Plugin alternative to Google Maps using MapQuest, with directions
- Plugin Slug:
- get-directions
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.16.2
- Severity Score:
- High
- CVE:
- 2023-33999
Information for help
- Plugin:
- Information for help
- Plugin Slug:
- information-for-help
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 0.0.3
- Severity Score:
- High
- CVE:
- 2023-33999
Google Maps Plugin by Intergeo
- Plugin Slug:
- intergeo-maps
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.6
- Severity Score:
- High
- CVE:
- 2023-33999
Oxygen Builder
- Plugin:
- Oxygen Builder
- Plugin Slug:
- oxygen
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 4.4
- Severity Score:
- Medium
- CVE:
- 2022-46841
Popups
- Plugin:
- Popups
- Plugin Slug:
- popups
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8
- Severity Score:
- High
- CVE:
- 2023-33999
Remove WP Update Nags
- Plugin:
- Remove WP Update Nags
- Plugin Slug:
- remove-wp-update-nags
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.5.0
- Severity Score:
- High
- CVE:
- 2023-33999
SV Media Library
- Plugin:
- SV Media Library
- Plugin Slug:
- sv-media-library
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.00
- Severity Score:
- High
- CVE:
- 2023-33999
BuddyPress Groups Integration for WooCommerce
- Plugin Slug:
- wc4bp-groups
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.1
- Severity Score:
- High
- CVE:
- 2023-33999
WP Cloud Server
- Plugin:
- WP Cloud Server
- Plugin Slug:
- wp-cloud-server
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- High
- CVE:
- 2023-33999
WP Native Articles – Instant Articles Plugin for WordPress
- Plugin Slug:
- wp-native-articles
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.0
- Severity Score:
- High
- CVE:
- 2023-33999
Schema Pro
- Plugin:
- Schema Pro
- Plugin Slug:
- wp-schema-pro
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.7.8
- Severity Score:
- Medium
- CVE:
- 2023-36682
WP Scrive by Webbstart
- Plugin:
- WP Scrive by Webbstart
- Plugin Slug:
- wp-scrive
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.4
- Severity Score:
- High
- CVE:
- 2023-33999
WPCasa Mail Alert
- Plugin:
- WPCasa Mail Alert
- Plugin Slug:
- wpcasa-mail-alert
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.3.0
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Plugin Vulnerabilities — Unpatched
This section contains plugin vulnerabilities with no known fix. Until a patch is available, you are advised to deactivate the plugin, at minimum, immediately. If there is a high risk of active exploits or the plugin remains unpatched for weeks, you are advised to delete the plugin. You should also delete persistently unpatched plugins the WordPress.org repository has locked and marked “Closed” so they can no longer be downloaded and installed.
WPS Limit Login
- Plugin:
- WPS Limit Login
- Plugin Slug:
- wps-limit-login
- Installations:
- 60,000+
- Vulnerability:
- Race Condition
- Patched in Version:
- No Fix
- Severity Score:
- Low
- CVE:
- 2023-39160
Custom Field Template
- Plugin:
- Custom Field Template
- Plugin Slug:
- custom-field-template
- Installations:
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-38392
Social Share Icons & Social Share Buttons
- Plugin Slug:
- ultimate-social-media-plus
- Installations:
- 30,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38514
WP-CopyProtect [Protect your blog posts]
- Plugin Slug:
- wp-copyprotect
- Installations:
- 20,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-25025
Elastic Email Sender
- Plugin:
- Elastic Email Sender
- Plugin Slug:
- elastic-email-sender
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38387
GTmetrix for WordPress
- Plugin:
- GTmetrix for WordPress
- Plugin Slug:
- gtmetrix-for-wordpress
- Installations:
- 10,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-37996
Molongui
- Plugin Slug:
- molongui-authorship
- Installations:
- 9,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-39164
Pinpoint Booking System
- Plugin Slug:
- booking-system
- Installations:
- 5,000+
- Vulnerability:
- Content Spoofing
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38520
Borderless
- Plugin Slug:
- borderless
- Installations:
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38518
Art Decoration Shortcode
- Plugin:
- Art Decoration Shortcode
- Plugin Slug:
- art-decoration-shortcode
- Installations:
- 4,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-37994
Banner Management For WooCommerce
- Plugin Slug:
- banner-management-for-woocommerce
- Installations:
- 4,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-39158
Fraud Prevention For Woocommerce
- Plugin Slug:
- woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers
- Installations:
- 4,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-39159
Google Map Shortcode
- Plugin:
- Google Map Shortcode
- Plugin Slug:
- google-map-shortcode
- Installations:
- 3,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38396
MultiParcels Shipping For WooCommerce
- Plugin Slug:
- multiparcels-shipping-for-woocommerce
- Installations:
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
Server Info
- Plugin:
- Server Info
- Plugin Slug:
- server-info
- Installations:
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Language
- Plugin:
- WordPress Language
- Plugin Slug:
- wordpress-language
- Installations:
- 3,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38383
WP Emoji One
- Plugin:
- WP Emoji One
- Plugin Slug:
- wp-emoji-one
- Installations:
- 3,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-37991
WP Quick Post Duplicator
- Plugin:
- WP Quick Post Duplicator
- Plugin Slug:
- wp-quick-post-duplicator
- Installations:
- 3,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-31214
Booster Elementor Addons
- Plugin:
- Booster Elementor Addons
- Plugin Slug:
- booster-for-elementor
- Installations:
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38480
Instant CSS
- Plugin:
- Instant CSS
- Plugin Slug:
- instant-css
- Installations:
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38483
CodeBard's Patron Button and Widgets for Patreon
- Plugin Slug:
- patron-button-and-widgets-by-codebard
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-30491
Simple Googlebot Visit
- Plugin:
- Simple Googlebot Visit
- Plugin Slug:
- simple-googlebot-visit
- Installations:
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38479
QR code MeCard/vCard generator
- Plugin Slug:
- wp-qrcode-me-v-card
- Installations:
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38477
WRC Pricing Tables
- Plugin:
- WRC Pricing Tables
- Plugin Slug:
- wrc-pricing-tables
- Installations:
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38517
Audio Player with Playlist Ultimate
- Plugin Slug:
- audio-player-with-playlist-ultimate
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38516
Client Portal : SuiteDash Direct Login
- Plugin Slug:
- client-portal-suitedash-login
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38476
Go Fetch Jobs (for WP Job Manager)
- Plugin Slug:
- go-fetch-jobs-wp-job-manager
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Mobile Address Bar Changer
- Plugin:
- Mobile Address Bar Changer
- Plugin Slug:
- mobile-address-bar-changer
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38390
Perelink Pro
- Plugin:
- Perelink Pro
- Plugin Slug:
- perelink
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-37990
Post List With Featured Image
- Plugin Slug:
- post-list-with-featured-image
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-37997
Post Affiliate Pro
- Plugin:
- Post Affiliate Pro
- Plugin Slug:
- postaffiliatepro
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38482
Remove Duplicate Posts
- Plugin:
- Remove Duplicate Posts
- Plugin Slug:
- remove-duplicate-posts
- Installations:
- 1,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-29237
Donations Made Easy – Smart Donations
- Plugin Slug:
- smart-donations
- Installations:
- 1,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38475
Taboola
- Plugin:
- Taboola
- Plugin Slug:
- taboola
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38398
Exifography
- Plugin:
- Exifography
- Plugin Slug:
- thesography
- Installations:
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38521
Onepage Builder – Easiest Landing Page Builder For WordPress
- Plugin Slug:
- tx-onepager
- Installations:
- 1,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38391
eaSYNC
- Plugin Slug:
- easync-booking
- Installations:
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-38384
Post Connector
- Plugin:
- Post Connector
- Plugin Slug:
- post-connector
- Installations:
- 100+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-28931
Smarty for WordPress
- Plugin:
- Smarty for WordPress
- Plugin Slug:
- smarty-for-wordpress
- Installations:
- 100+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-37992
Gestion-Pymes
- Plugin:
- Gestion-Pymes
- Plugin Slug:
- gestion-pymes
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38397
Woocommerce Delivery Date Premium
- Plugin Slug:
- woocommerce-delivery-date
- Installations:
- 10+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
bbResolutions
- Plugin:
- bbResolutions
- Plugin Slug:
- bbresolutions
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
BlogPost – BlogPost Widgets – Amazing Blog Layouts
- Plugin Slug:
- blogpost-widgets
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
CF7 Constant Contact Fields Mapping
- Plugin Slug:
- cf7-constant-contact-fields-mapping
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
WP Clone Menu
- Plugin:
- WP Clone Menu
- Plugin Slug:
- clone-menu
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38395
DancePress (TRWA)
- Plugin:
- DancePress (TRWA)
- Plugin Slug:
- dancepress-trwa
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
DeMomentSomTres Immediate Send
- Plugin Slug:
- demomentsomtres-mailchimp-immediate-send
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Disabler
- Plugin:
- Disabler
- Plugin Slug:
- disabler
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-37998
WordPress Easy Call Now Button by elixirs.io
- Plugin Slug:
- easy-call-now-button
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Extend Filter Products By Price Widget
- Plugin Slug:
- extend-filter-products-by-price-widget
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Easy Responsive Pricing Tables
- Plugin Slug:
- fullworks-pricing-tables
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Jupiter X Core
- Plugin:
- JupiterX Core
- Plugin Slug:
- jupiterx-core
- Vulnerability:
- Arbitrary File Download
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-3813
WP Logger
- Plugin:
- WP Logger
- Plugin Slug:
- lite-wp-logger
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
LWS Affiliation
- Plugin:
- LWS Affiliation
- Plugin Slug:
- lws-affiliation
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2023-32297
Menu Item Scheduler
- Plugin:
- Menu Item Scheduler
- Plugin Slug:
- menu-item-scheduler
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Protect Uploads with Login – Protect Your Uploads
- Plugin Slug:
- protect-uploads-with-login-page
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Quasar form
- Plugin:
- Quasar form
- Plugin Slug:
- quasar-form
- Vulnerability:
- SQL Injection
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-35910
Role Based Bulk Quantity Pricing
- Plugin Slug:
- role-based-bulk-quantity-pricing
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Page Builder for Gutenberg – StarterBlocks
- Plugin Slug:
- starterblocks
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Subscribe to Category
- Plugin:
- Subscribe to Category
- Plugin Slug:
- subscribe-to-category
- Vulnerability:
- SQL Injection
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2023-32590
tagDiv Composer
- Plugin:
- tagDiv Composer
- Plugin Slug:
- td-composer
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-39166
Ultra Elementor Addons
- Plugin:
- Ultra Elementor Addons
- Plugin Slug:
- ultra-elementor-addons
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Auto SEO Plugin – Upfiv SEO Wizard
- Plugin Slug:
- upfiv-complete-all-in-one-seo-wizard
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
User Email Verification for WooCommerce
- Plugin Slug:
- woo-confirmation-email
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-39162
WP-FlyBox
- Plugin:
- WP-FlyBox
- Plugin Slug:
- wp-flybox
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2023-38381
WooCommerce Sync for Google Sheet
- Plugin Slug:
- wp-woo-commerce-sync-for-g-sheet
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
WordPress Theme Vulnerabilities
In this section, you’ll find the latest WordPress theme vulnerabilities to be disclosed. You’ll see the same information we provided above for vulnerable plugins, and the same advice applies. If a security update exists, install it immediately. If a vulnerability remains unpatched in a theme you are actively using, you must find an alternative theme. Deactivate and delete persistently unpatched themes and those marked “Closed” in the WordPress.org theme repository. If you have a vulnerable theme installed that you are not actively using, delete it.
Bootstrap Blog
- Theme:
- Bootstrap Blog
- Theme Slug:
- bootstrap-blog
- Downloads:
- 87,177
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 10.2.3
- Severity Score:
- High
- CVE:
- 2023-33999
Ona
- Theme:
- Ona
- Theme Slug:
- ona
- Downloads:
- 86,847
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.18.3
- Severity Score:
- High
- CVE:
- 2023-33999
Yuki
- Theme:
- Yuki
- Theme Slug:
- yuki
- Downloads:
- 74,316
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Techism
- Theme:
- Techism
- Theme Slug:
- techism
- Downloads:
- 58,069
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Chic Lifestyle
- Theme:
- Chic Lifestyle
- Theme Slug:
- chic-lifestyle
- Downloads:
- 57,532
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 10.0.8
- Severity Score:
- High
- CVE:
- 2023-33999
Lifestyle Magazine
- Theme:
- Lifestyle Magazine
- Theme Slug:
- lifestyle-magazine
- Downloads:
- 49,638
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 10.2.1
- Severity Score:
- High
- CVE:
- 2023-33999
SalesZone
- Theme:
- SalesZone
- Theme Slug:
- saleszone
- Downloads:
- 45,813
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Travel Tour
- Theme:
- Travel Tour
- Theme Slug:
- travel-tour
- Downloads:
- 39,431
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.0
- Severity Score:
- High
- CVE:
- 2023-33999
Brand
- Theme:
- Brand
- Theme Slug:
- brand
- Downloads:
- 32,911
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
WP Sierra
- Theme:
- WP Sierra
- Theme Slug:
- wp-sierra
- Downloads:
- 31,861
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Eighteen tags
- Theme:
- Eighteen tags
- Theme Slug:
- eighteen-tags
- Downloads:
- 26,056
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Hasium
- Theme:
- Hasium
- Theme Slug:
- hasium
- Downloads:
- 23,338
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Broadcast Lite
- Theme:
- Broadcast Lite
- Theme Slug:
- broadcast-lite
- Downloads:
- 21,268
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.8
- Severity Score:
- High
- CVE:
- 2023-33999
Salzburg Blog
- Theme:
- Salzburg Blog
- Theme Slug:
- salzburg-blog
- Downloads:
- 21,114
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Everse
- Theme:
- Everse
- Theme Slug:
- everse
- Downloads:
- 19,143
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.12
- Severity Score:
- High
- CVE:
- 2023-33999
Speculor
- Theme:
- Speculor
- Theme Slug:
- speculor
- Downloads:
- 17,306
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Meridia
- Theme:
- Meridia
- Theme Slug:
- meridia
- Downloads:
- 16,976
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.2.8
- Severity Score:
- High
- CVE:
- 2023-33999
Aquarella Lite
- Theme:
- Aquarella Lite
- Theme Slug:
- aquarella-lite
- Downloads:
- 16,673
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Consultpress Lite
- Theme:
- ConsultPress Lite
- Theme Slug:
- consultpress-lite
- Downloads:
- 15,868
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Topcat Lite
- Theme:
- Topcat Lite
- Theme Slug:
- topcat-lite
- Downloads:
- 15,747
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Shuban
- Theme:
- Shuban
- Theme Slug:
- shuban
- Downloads:
- 13,783
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Purus
- Theme:
- Purus
- Theme Slug:
- purus
- Downloads:
- 13,561
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Elation
- Theme:
- Elation
- Theme Slug:
- elation
- Downloads:
- 13,250
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
GutenBook
- Theme:
- GutenBook
- Theme Slug:
- gutenbook
- Downloads:
- 13,216
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Chained
- Theme:
- Chained
- Theme Slug:
- chained
- Downloads:
- 12,157
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Elasta
- Theme:
- Elasta
- Theme Slug:
- elasta
- Downloads:
- 11,744
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.9
- Severity Score:
- High
- CVE:
- 2023-33999
Purosa
- Theme:
- Purosa
- Theme Slug:
- purosa
- Downloads:
- 11,224
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.3
- Severity Score:
- High
- CVE:
- 2023-33999
LearnMore
- Theme:
- LearnMore
- Theme Slug:
- learnmore
- Downloads:
- 9,915
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
WPCake
- Theme:
- WPCake
- Theme Slug:
- wpcake
- Downloads:
- 8,708
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Nokke
- Theme:
- Nokke
- Theme Slug:
- nokke
- Downloads:
- 8,472
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.4
- Severity Score:
- High
- CVE:
- 2023-33999
Arendelle
- Theme:
- Arendelle
- Theme Slug:
- arendelle
- Downloads:
- 8,463
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.13
- Severity Score:
- High
- CVE:
- 2023-33999
PixiGo
- Theme:
- PixiGo
- Theme Slug:
- pixigo
- Downloads:
- 7,670
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
WP Moose
- Theme:
- WP Moose
- Theme Slug:
- wp-moose
- Downloads:
- 7,516
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
G Blog
- Theme:
- G Blog
- Theme Slug:
- g-blog
- Downloads:
- 6,993
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
NicheBase
- Theme:
- NicheBase
- Theme Slug:
- nichebase
- Downloads:
- 6,985
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.3
- Severity Score:
- High
- CVE:
- 2023-33999
Cuisine Palace
- Theme:
- Cuisine Palace
- Theme Slug:
- cuisine-palace
- Downloads:
- 6,091
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Amela
- Theme:
- Amela
- Theme Slug:
- amela
- Downloads:
- 6,063
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.14
- Severity Score:
- High
- CVE:
- 2023-33999
Agncy
- Theme:
- Agncy
- Theme Slug:
- agncy
- Downloads:
- 6,032
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Travel Agency Booking
- Theme:
- Travel Agency Booking
- Theme Slug:
- travel-agency-booking
- Downloads:
- 5,703
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Bootstrap Fitness
- Theme:
- Bootstrap Fitness
- Theme Slug:
- bootstrap-fitness
- Downloads:
- 5,569
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.6
- Severity Score:
- High
- CVE:
- 2023-33999
Bootstrap Coach
- Theme:
- Bootstrap Coach
- Theme Slug:
- bootstrap-coach
- Downloads:
- 5,146
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.2
- Severity Score:
- High
- CVE:
- 2023-33999
Blockst
- Theme:
- Blockst
- Theme Slug:
- blockst
- Downloads:
- 3,309
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.0.9
- Severity Score:
- High
- CVE:
- 2023-33999
Relax Spa
- Theme:
- Relax Spa
- Theme Slug:
- relax-spa
- Downloads:
- 2,572
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.1
- Severity Score:
- High
- CVE:
- 2023-33999
Villar
- Theme:
- Villar
- Theme Slug:
- villar
- Downloads:
- 3,995
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
BlogHub
- Theme:
- BlogHub
- Theme Slug:
- bloghub
- Downloads:
- 3,575
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Viralike
- Theme:
- Viralike
- Theme Slug:
- viralike
- Downloads:
- 3,245
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
NewsHit
- Theme:
- NewsHit
- Theme Slug:
- newshit
- Downloads:
- 3,073
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Simplifii
- Theme:
- Simplifii
- Theme Slug:
- simplifii
- Downloads:
- 2,700
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Roven Blog
- Theme:
- Roven Blog
- Theme Slug:
- roven-blog
- Downloads:
- 2,598
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Krste
- Theme:
- Krste
- Theme Slug:
- krste
- Downloads:
- 2,526
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Unakit
- Theme:
- Unakit
- Theme Slug:
- unakit
- Downloads:
- 2,259
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Temp Mail X
- Theme:
- Temp Mail X
- Theme Slug:
- temp-mail-x
- Downloads:
- 2,215
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Rovenstart
- Theme:
- Rovenstart
- Theme Slug:
- rovenstart
- Downloads:
- 1,845
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Bani
- Theme:
- Bani
- Theme Slug:
- bani
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2023-33999
Solid Security is part of Solid Suite — The best foundation for WordPress websites.
Every WordPress site needs security, backups, and management tools. That’s Solid Suite — an integrated bundle of three plugins: Solid Security, Solid Backups, and Solid Central. You also get access to Solid Academy’s learning resources for WordPress professionals. Build your next WordPress website on a solid foundation with Solid Suite!
Join us for the next Solid Academy Webinar!
Free weekly webinars that will help you master WordPress and increase your business's bottom line.
What is a WordPress Phishing Attack?
Learn how to identify and prevent phishing attacks on WordPress websites.
Kiki SheldonWebsite Protection: 5 Ways to Keep Your Website Safe
Robust website protection is the shield that stands between your business and relentless cyber attacks. Prioritizing website protection enables businesses to fortify defenses to safeguard their online presence and preserve the trust of their customers in the face of ever-evolving cybersecurity threats.
Kiki Sheldon23 Ideas To Grow Your WordPress Business in 2023
WordPress is the most popular website-building platform worldwide, trusted by numerous brands. WordPress enables you to build a user-friendly and highly reliable site, together with tools and plugins to enhance your marketing and work like a lead magnet. All these features make WordPress the platform chosen by more than 43% of businesses globally.
SolidWP Editorial TeamSign up now — Get SolidWP updates and valuable content straight to your inbox
Sign up
Placeholder text
Placeholder text
Get started with confidence — risk free, guaranteed
