In this report, 87 vulnerabilities have been publicly disclosed. Security patches for 73 of these plugins and themes are available now, so run those updates as soon as possible. If you’re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.
Additionally, there are 14 plugin vulnerabilities with no patch available yet. If you’re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall. Virtual patches from Patchstack will be applied when a vulnerability is considered high or medium risk. If no patch is forthcoming from the vendor or the vulnerable software has been marked “closed” and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.
WordPress Core
WordPress 6.6 Beta 3 was released on June 18, 2024. The target release date for WordPress 6.6 is July 16, 2024. Your help testing Beta and RC versions over the next four weeks is vital to making sure the final release is everything it should be: stable, powerful, and intuitive.
WordPress Plugins — 71 Patched / 14 Unpatched
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
- Plugin Slug:
- bdthemes-element-pack-lite
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-3925
Advanced Contact form 7 DB
- Plugin:
- Advanced Contact form 7 DB
- Plugin Slug:
- advanced-cf7-db
- Installations
- 90,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-4319
Custom Field Suite
- Plugin:
- Custom Field Suite
- Plugin Slug:
- custom-field-suite
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-3559
Elespare – News, Magazine and Blog Elements & Blog Addons for Elementor with Header Footer Builder. One Click Import: No Coding Required!
- Plugin Slug:
- elespare
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-4615
Shariff for WordPress
- Plugin:
- Shariff for WordPress
- Plugin Slug:
- shariff-sharing
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-2695
Scheduling Plugin – Online Booking for WordPress
- Plugin:
- Scheduling Plugin – Online Booking for WordPress
- Plugin Slug:
- calendar-booking
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-1634
Canto
- Plugin:
- Canto
- Plugin Slug:
- canto
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-4936
Collapse-O-Matic
- Plugin:
- Collapse-O-Matic
- Plugin Slug:
- jquery-collapse-o-matic
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-4095
Master Slider
- Plugin:
- Master Slider
- Plugin Slug:
- master-slider
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-4375
PDF Viewer for Elementor
- Plugin:
- PDF Viewer for Elementor
- Plugin Slug:
- pdf-viewer-for-elementor
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-0845
Schema App Structured Data
- Plugin:
- Schema App Structured Data
- Plugin Slug:
- schema-app-structured-data-for-schemaorg
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-0892
Where I Was, Where I Will Be
- Plugin:
- Where I Was, Where I Will Be
- Plugin Slug:
- where-i-was-where-i-will-be
- Vulnerability:
- Remote File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-5577
Video Gallery
- Plugin:
- Video Gallery
- Plugin Slug:
- yotuwp-easy-youtube-embed
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-4551
Video Gallery
- Plugin:
- Video Gallery
- Plugin Slug:
- yotuwp-easy-youtube-embed
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-4258
WooCommerce
- Plugin:
- WooCommerce
- Plugin Slug:
- woocommerce
- Installations
- 7,000,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 8.9.3
- Severity Score:
- High
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
- Plugin:
- Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
- Plugin Slug:
- essential-addons-for-elementor-lite
- Installations
- 2,000,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.9.24
- Severity Score:
- Medium
- CVE:
- 2024-5189
Elementor Header & Footer Builder
- Plugin Slug:
- header-footer-elementor
- Installations
- 2,000,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.36
- Severity Score:
- Medium
- CVE:
- 2024-5757
WPS Hide Login
- Plugin:
- WPS Hide Login
- Plugin Slug:
- wps-hide-login
- Installations
- 1,000,000+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 1.9.16
- Severity Score:
- Medium
- CVE:
- 2024-2473
Premium Addons for Elementor
- Plugin:
- Premium Addons for Elementor
- Plugin Slug:
- premium-addons-for-elementor
- Installations
- 700,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.10.34
- Severity Score:
- Medium
- CVE:
- 2024-5553
Ocean Extra
- Plugin:
- Ocean Extra
- Plugin Slug:
- ocean-extra
- Installations
- 600,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.2.9
- Severity Score:
- Medium
- CVE:
- 2024-5531
SiteOrigin Widgets Bundle
- Plugin:
- SiteOrigin Widgets Bundle
- Plugin Slug:
- so-widgets-bundle
- Installations
- 600,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.62.0
- Severity Score:
- Medium
- CVE:
- 2024-5090
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
- Plugin Slug:
- kadence-blocks
- Installations
- 400,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.39
- Severity Score:
- Medium
- CVE:
- 2024-4863
MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor
- Plugin Slug:
- metform
- Installations
- 300,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 3.8.9
- Severity Score:
- Medium
- CVE:
- 2024-4266
WP Go Maps (formerly WP Google Maps)
- Plugin Slug:
- wp-google-maps
- Installations
- 300,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 9.0.39
- Severity Score:
- Medium
- CVE:
- 2024-5994
WP Go Maps (formerly WP Google Maps)
- Plugin Slug:
- wp-google-maps
- Installations
- 300,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 9.0.39
- Severity Score:
- Medium
Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty
- Plugin Slug:
- chaty
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.3
- Severity Score:
- Medium
- CVE:
- 2024-4149
Jeg Elementor Kit
- Plugin:
- Jeg Elementor Kit
- Plugin Slug:
- jeg-elementor-kit
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.6
- Severity Score:
- Medium
- CVE:
- 2024-4479
Popup Builder – Create highly converting, mobile friendly marketing popups.
- Plugin Slug:
- popup-builder
- Installations
- 200,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.3.2
- Severity Score:
- Medium
- CVE:
- 2023-6696
Popup Builder – Create highly converting, mobile friendly marketing popups.
- Plugin Slug:
- popup-builder
- Installations
- 200,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.3.2
- Severity Score:
- Medium
- CVE:
- 2024-2544
Download Manager
- Plugin:
- Download Manager
- Plugin Slug:
- download-manager
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.2.90
- Severity Score:
- Medium
- CVE:
- 2024-2098
Download Manager
- Plugin:
- Download Manager
- Plugin Slug:
- download-manager
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.87
- Severity Score:
- Medium
- CVE:
- 2024-1766
Download Manager
- Plugin:
- Download Manager
- Plugin Slug:
- download-manager
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.94
- Severity Score:
- Medium
- CVE:
- 2024-5266
FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel
- Plugin Slug:
- foogallery
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.4.16
- Severity Score:
- Medium
- CVE:
- 2024-2122
PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)
- Plugin Slug:
- powerpack-lite-for-elementor
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.7.21
- Severity Score:
- Medium
- CVE:
- 2024-5787
Social Sharing Plugin – Sassy Social Share
- Plugin Slug:
- sassy-social-share
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.3.63
- Severity Score:
- Medium
- CVE:
- 2024-4924
Search & Replace
- Plugin:
- Search & Replace
- Plugin Slug:
- search-and-replace
- Installations
- 100,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 3.2.2
- Severity Score:
- High
- CVE:
- 2024-4145
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor)
- Plugin Slug:
- woolentor-addons
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.9.1
- Severity Score:
- Medium
- CVE:
- 2024-5530
Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce
- Plugin Slug:
- email-subscribers
- Installations
- 90,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 5.7.23
- Severity Score:
- High
- CVE:
- 2024-4845
Events Manager – Calendar, Bookings, Tickets, and more!
- Plugin Slug:
- events-manager
- Installations
- 90,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.4.8
- Severity Score:
- Medium
- CVE:
- 2024-3492
Simple Sitemap – Create a Responsive HTML Sitemap
- Plugin Slug:
- simple-sitemap
- Installations
- 90,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 3.5.14
- Severity Score:
- Medium
- CVE:
- 2023-6492
Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager
- Plugin Slug:
- folders
- Installations
- 80,000+
- Vulnerability:
- Path Traversal
- Patched in Version:
- 3.0.1
- Severity Score:
- Medium
- CVE:
- 2024-2023
WordPress Online Booking and Scheduling Plugin – Bookly
- Plugin Slug:
- bookly-responsive-appointment-booking-tool
- Installations
- 70,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 23.3
- Severity Score:
- Medium
- CVE:
- 2024-5584
Woody code snippets – Insert Header Footer Code, AdSense Ads
- Plugin Slug:
- insert-php
- Installations
- 70,000+
- Vulnerability:
- Remote Code Execution (RCE)
- Patched in Version:
- 2.5.1
- Severity Score:
- Critical
- CVE:
- 2024-3105
Blog2Social: Social Media Auto Post & Scheduler
- Plugin Slug:
- blog2social
- Installations
- 60,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 7.4.2
- Severity Score:
- High
- CVE:
- 2024-3549
Divi Torque Lite – Divi Theme and Extra Theme
- Plugin Slug:
- addons-for-divi
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.0.0
- Severity Score:
- Medium
- CVE:
- 2024-5892
Custom Field Template
- Plugin:
- Custom Field Template
- Plugin Slug:
- custom-field-template
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.2
- Severity Score:
- Medium
- CVE:
- 2024-0627
Custom Field Template
- Plugin:
- Custom Field Template
- Plugin Slug:
- custom-field-template
- Installations
- 40,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 2.6.2
- Severity Score:
- Medium
- CVE:
- 2023-6748
Custom Field Template
- Plugin:
- Custom Field Template
- Plugin Slug:
- custom-field-template
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.2
- Severity Score:
- Medium
- CVE:
- 2023-6745
Custom Field Template
- Plugin:
- Custom Field Template
- Plugin Slug:
- custom-field-template
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.2
- Severity Score:
- Medium
- CVE:
- 2024-0653
Greenshift – animation and page builder blocks
- Plugin Slug:
- greenshift-animation-and-page-builder-blocks
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 8.9.4
- Severity Score:
- Medium
- CVE:
- 2024-35765
Stratum – Elementor Widgets
- Plugin:
- Stratum – Elementor Widgets
- Plugin Slug:
- stratum
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.2
- Severity Score:
- Medium
- CVE:
- 2024-5611
Serious Slider
- Plugin:
- Serious Slider
- Plugin Slug:
- cryout-serious-slider
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.2.5
- Severity Score:
- Medium
- CVE:
- 2024-35762
Futurio Extra
- Plugin:
- Futurio Extra
- Plugin Slug:
- futurio-extra
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.6
- Severity Score:
- Medium
- CVE:
- 2024-5646
Business Directory Plugin – Easy Listing Directories for WordPress
- Plugin Slug:
- business-directory-plugin
- Installations
- 10,000+
- Vulnerability:
- CSV Injection
- Patched in Version:
- 6.4.4
- Severity Score:
- Medium
- CVE:
- 2023-5527
Restaurant Menu – Food Ordering System – Table Reservation
- Plugin Slug:
- menu-ordering-reservations
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.4.1
- Severity Score:
- Medium
- CVE:
- 2024-1399
CoDesigner – The Most Compact and User-Friendly Elementor WooCommerce Builder
- Plugin Slug:
- woolementor
- Installations
- 10,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 4.5
- Severity Score:
- Critical
- CVE:
- 2024-4371
CoDesigner – The Most Compact and User-Friendly Elementor WooCommerce Builder
- Plugin Slug:
- woolementor
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.5
- Severity Score:
- Medium
- CVE:
- 2024-4564
WordPress Header Builder Plugin – Pearl
- Plugin Slug:
- pearl-header-builder
- Installations
- 9,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.3.8
- Severity Score:
- Medium
- CVE:
- 2024-5468
Events Addon for Elementor
- Plugin:
- Events Addon for Elementor
- Plugin Slug:
- events-addon-for-elementor
- Installations
- 8,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1.7
- Severity Score:
- Medium
- CVE:
- 2024-4669
Themify Builder
- Plugin:
- Themify Builder
- Plugin Slug:
- themify-builder
- Installations
- 7,000+
- Vulnerability:
- Open Redirection
- Patched in Version:
- 7.5.8
- Severity Score:
- Medium
- CVE:
- 2024-3032
Dashboard Widgets Suite
- Plugin:
- Dashboard Widgets Suite
- Plugin Slug:
- dashboard-widgets-suite
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.4.4
- Severity Score:
- High
- CVE:
- 2024-0979
WP Job Portal – A Complete Job Board
- Plugin Slug:
- wp-job-portal
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1.4
- Severity Score:
- Medium
- CVE:
- 2024-35760
WP Job Portal – A Complete Job Board
- Plugin Slug:
- wp-job-portal
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.1.4
- Severity Score:
- Medium
- CVE:
- 2024-35759
InstaWP Connect – 1-click WP Staging & Migration
- Plugin Slug:
- instawp-connect
- Installations
- 4,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 0.1.0.39
- Severity Score:
- Critical
- CVE:
- 2024-4898
Tickera – WordPress Event Ticketing
- Plugin Slug:
- tickera-event-ticketing-system
- Installations
- 4,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.5.2.9
- Severity Score:
- Medium
- CVE:
- 2024-5860
Online Booking & Scheduling Calendar for WordPress by vcita
- Plugin Slug:
- meeting-scheduler-by-vcita
- Installations
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.4.1
- Severity Score:
- Medium
- CVE:
- 2024-35761
Church Admin
- Plugin:
- Church Admin
- Plugin Slug:
- church-admin
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.4.5
- Severity Score:
- Medium
- CVE:
- 2024-35764
Easy Age Verify
- Plugin:
- Easy Age Verify
- Plugin Slug:
- easy-age-verify
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.3
- Severity Score:
- Medium
- CVE:
- 2024-35757
AI Infographic Maker
- Plugin:
- AI Infographic Maker
- Plugin Slug:
- infographic-and-list-builder-ilist
- Installations
- 1,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.7.5
- Severity Score:
- Medium
- CVE:
- 2024-5858
WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin
- Plugin Slug:
- timetics
- Installations
- 1,000+
- Vulnerability:
- Privilege Escalation
- Patched in Version:
- 1.0.22
- Severity Score:
- High
- CVE:
- 2024-1094
Activity Reactions For Buddypress
- Plugin Slug:
- activity-reactions-for-buddypress
- Installations
- 300+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 12.5.1
- Severity Score:
- Medium
- CVE:
- 2024-4892
Left right image slideshow gallery
- Plugin Slug:
- left-right-image-slideshow-gallery
- Installations
- 90+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 1.8.2
- Severity Score:
- High
- CVE:
- 2024-5543
Dokan Pro
- Plugin:
- Dokan Pro
- Plugin Slug:
- dokan-pro
- Vulnerability:
- SQL Injection
- Patched in Version:
- 3.11.0
- Severity Score:
- Critical
- CVE:
- 2024-3922
ElementsKit Pro
- Plugin:
- ElementsKit Pro
- Plugin Slug:
- elementskit
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.6.3
- Severity Score:
- Medium
- CVE:
- 2024-5263
ElementsKit Pro
- Plugin:
- ElementsKit Pro
- Plugin Slug:
- elementskit
- Vulnerability:
- Server Side Request Forgery (SSRF)
- Patched in Version:
- 3.6.3
- Severity Score:
- Medium
- CVE:
- 2024-4404
Folders Pro
- Plugin:
- Folders Pro
- Plugin Slug:
- folders-pro
- Vulnerability:
- Arbitrary File Upload
- Patched in Version:
- 3.0.3
- Severity Score:
- High
- CVE:
- 2024-2024
Folders Pro
- Plugin:
- Folders Pro
- Plugin Slug:
- folders-pro
- Vulnerability:
- Path Traversal
- Patched in Version:
- 3.0.3
- Severity Score:
- Medium
- CVE:
- 2024-2023
FooEvents for WooCommerce
- Plugin:
- FooEvents for WooCommerce
- Plugin Slug:
- fooevents
- Vulnerability:
- Arbitrary File Upload
- Patched in Version:
- 1.19.21
- Severity Score:
- High
- CVE:
- 2024-6000
FooGallery Premium
- Plugin:
- FooGallery Premium
- Plugin Slug:
- foogallery-premium
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.4.15
- Severity Score:
- Medium
- CVE:
- 2024-2762
Ibtana
- Plugin:
- Ibtana
- Plugin Slug:
- ibtana-visual-editor
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.2.3.4
- Severity Score:
- Medium
- CVE:
- 2024-5541
LatePoint
- Plugin:
- LatePoint
- Plugin Slug:
- latepoint
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.9.9.1
- Severity Score:
- High
- CVE:
- 2024-2472
Newsletter – API addon (Premium)
- Plugin:
- Newsletter – API addon (Premium)
- Plugin Slug:
- newsletter-api
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.4.6
- Severity Score:
- Medium
- CVE:
- 2024-5674
WooCommerce Social Login
- Plugin:
- WooCommerce Social Login
- Plugin Slug:
- woo-social-login
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.6.3
- Severity Score:
- Medium
- CVE:
- 2024-5868
WooCommerce Social Login
- Plugin:
- WooCommerce Social Login
- Plugin Slug:
- woo-social-login
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 2.6.3
- Severity Score:
- Critical
- CVE:
- 2024-5871
Wp Staging Pro
- Plugin:
- Wp Staging Pro
- Plugin Slug:
- wp-staging-pro
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- 5.6.1
- Severity Score:
- High
- CVE:
- 2024-5551
WordPress Themes — 2 Patched / 0 Unpatched
Excellent
- Theme:
- Excellent
- Theme Slug:
- excellent
- Downloads
- 116,551
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.0
- Severity Score:
- Medium
- CVE:
- 2024-35763
Interface
- Theme:
- Interface
- Theme Slug:
- interface
- Downloads
- 429,770
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.1.1
- Severity Score:
- Medium
- CVE:
- 2024-35758
Solid Security is part of Solid Suite — The best foundation for WordPress websites.
Every WordPress site needs security, backups, and management tools. That’s Solid Suite — an integrated bundle of three plugins: Solid Security, Solid Backups, and Solid Central. You also get access to Solid Academy’s learning resources for WordPress professionals. Build your next WordPress website on a solid foundation with Solid Suite!
Join us for the next Solid Academy Webinar!
Free weekly webinars that will help you master WordPress and increase your business's bottom line.
What is a WordPress Phishing Attack?
Learn how to identify and prevent phishing attacks on WordPress websites.
Kiki SheldonWebsite Protection: 5 Ways to Keep Your Website Safe
Robust website protection is the shield that stands between your business and relentless cyber attacks. Prioritizing website protection enables businesses to fortify defenses to safeguard their online presence and preserve the trust of their customers in the face of ever-evolving cybersecurity threats.
Kiki Sheldon23 Ideas To Grow Your WordPress Business in 2023
WordPress is the most popular website-building platform worldwide, trusted by numerous brands. WordPress enables you to build a user-friendly and highly reliable site, together with tools and plugins to enhance your marketing and work like a lead magnet. All these features make WordPress the platform chosen by more than 43% of businesses globally.
SolidWP Editorial TeamSign up now — Get SolidWP updates and valuable content straight to your inbox
Sign up
Placeholder text
Placeholder text
Get started with confidence — risk free, guaranteed
