WordPress Vulnerability Report — September 4, 2024
Since last week, 167 new vulnerabilities emerged in the WordPress ecosystem including 143 plugins and 24 themes. 69 of the vulnerable plugins and themes remain unpatched, but Solid Security Pro users are protected by virtual patching from Patchstack.
In this report, 167 vulnerabilities have been publicly disclosed. Security patches for 98 of these plugins and themes are available now, so run those updates as soon as possible. If you’re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.
Additionally, there are 69 plugin and theme vulnerabilities with no patch available yet. If you’re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall. Virtual patches from Patchstack will be applied when a vulnerability is considered high or medium risk. If no patch is forthcoming from the vendor or the vulnerable software has been marked “closed” and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.
WordPress Core
WordPress 6.6.1 is available! This minor release features 7 bug fixes in Core and 9 bug fixes for the Block Editor. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement.
WordPress Plugins — 92 Patched / 51 Unpatched
Popup Builder – Create highly converting, mobile friendly marketing popups.
- Plugin Slug:
- popup-builder
- Installations
- 200,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-2541
YARPP – Yet Another Related Posts Plugin
- Plugin Slug:
- yet-another-related-posts-plugin
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43919
Premium Portfolio Features for Phlox theme
- Plugin Slug:
- auxin-portfolio
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-1384
Custom Field Template
- Plugin:
- Custom Field Template
- Plugin Slug:
- custom-field-template
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-44062
DSGVO All in one for WP
- Plugin:
- DSGVO All in one for WP
- Plugin Slug:
- dsgvo-all-in-one-for-wp
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43964
Premium SEO Pack – WP SEO Plugin
- Plugin:
- Premium SEO Pack – WP SEO Plugin
- Plugin Slug:
- premium-seo-pack
- Installations
- 10,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-3679
Like Button Rating ? LikeBtn
- Plugin:
- Like Button Rating ? LikeBtn
- Plugin Slug:
- likebtn-like-button
- Installations
- 5,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-44064
Maintenance & Coming Soon Redirect Animation
- Plugin Slug:
- maintenance-coming-soon-redirect-animation
- Installations
- 5,000+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- No Fix
- Severity Score:
- Low
- CVE:
- 2024-43944
EU/UK VAT Manager for WooCommerce
- Plugin Slug:
- eu-vat-for-woocommerce
- Installations
- 4,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-44061
Super Testimonials
- Plugin:
- Super Testimonials
- Plugin Slug:
- super-testimonial
- Installations
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-43959
SKT Blocks – Gutenberg based Page Builder
- Plugin Slug:
- skt-blocks
- Installations
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43946
Web and WooCommerce Addons for WPBakery Builder
- Plugin Slug:
- vc-addons-by-bit14
- Installations
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43960
Classic Addons – WPBakery Page Builder
- Plugin Slug:
- classic-addons-wpbakery-page-builder-addons
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43953
Custom Query Blocks
- Plugin:
- Custom Query Blocks
- Plugin Slug:
- post-type-archive-mapping
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-44059
SendGrid for WordPress
- Plugin:
- SendGrid for WordPress
- Plugin Slug:
- wp-sendgrid-mailer
- Installations
- 1,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-43965
Flaming Forms
- Plugin:
- Flaming Forms
- Plugin Slug:
- flaming-forms
- Installations
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-7692
Flaming Forms
- Plugin:
- Flaming Forms
- Plugin Slug:
- flaming-forms
- Installations
- 30+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-7691
Animated Number Counters
- Plugin:
- Animated Number Counters
- Plugin Slug:
- animated-number-counters
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43957
azurecurve Toggle Show/Hide
- Plugin:
- azurecurve Toggle Show/Hide
- Plugin Slug:
- azurecurve-toggle-showhide
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43961
Blog Introduction
- Plugin:
- Blog Introduction
- Plugin Slug:
- blogintroduction-wordpress-plugin
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-7862
Brickscore
- Plugin:
- Brickscore
- Plugin Slug:
- brickscore
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-43950
DN Popup
Droip
- Plugin:
- Droip
- Plugin Slug:
- droip
- Vulnerability:
- Arbitrary File Deletion
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-43955
Droip
- Plugin:
- Droip
- Plugin Slug:
- droip
- Vulnerability:
- Settings Change
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43954
Enhanced Search Box
- Plugin:
- Enhanced Search Box
- Plugin Slug:
- extended-search-plugin
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-8091
GHActivity
- Plugin:
- GHActivity
- Plugin Slug:
- ghactivity
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43949
Gixaw Chat
- Plugin:
- Gixaw Chat
- Plugin Slug:
- gixaw-chat
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-7816
ILC Thickbox
- Plugin:
- ILC Thickbox
- Plugin Slug:
- ilc-thickbox
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-7820
infolinks Ad Wrap
- Plugin:
- infolinks Ad Wrap
- Plugin Slug:
- infolinks-ad-wrap
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-8044
Justified Image Grid
- Plugin:
- Justified Image Grid
- Plugin Slug:
- justified-image-grid
- Vulnerability:
- Server Side Request Forgery (SSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-43989
LatePoint
- Plugin:
- LatePoint
- Plugin Slug:
- latepoint
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43992
LatePoint
- Plugin:
- LatePoint
- Plugin Slug:
- latepoint
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43945
LWS Affiliation
- Plugin:
- LWS Affiliation
- Plugin Slug:
- lws-affiliation
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43962
Memberpress
- Plugin:
- Memberpress
- Plugin Slug:
- memberpress
- Vulnerability:
- Broken Access Control
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43956
Misiek Paypal
- Plugin:
- Misiek Paypal
- Plugin Slug:
- misiek-paypal
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-7861
Misiek Photo Album
- Plugin:
- Misiek Photo Album
- Plugin Slug:
- misiek-photo-album
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-7818
Misiek Photo Album
- Plugin:
- Misiek Photo Album
- Plugin Slug:
- misiek-photo-album
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-7817
Music Request Manager
- Plugin:
- Music Request Manager
- Plugin Slug:
- music-request-manager
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-6018
Music Request Manager
- Plugin:
- Music Request Manager
- Plugin Slug:
- music-request-manager
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-6019
Music Request Manager
- Plugin:
- Music Request Manager
- Plugin Slug:
- music-request-manager
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-6017
Propovoice Pro
- Plugin:
- Propovoice Pro
- Plugin Slug:
- propovoice-pro
- Vulnerability:
- SQL Injection
- Patched in Version:
- No Fix
- Severity Score:
- Critical
- CVE:
- 2024-43941
Review Ratings
- Plugin:
- Review Ratings
- Plugin Slug:
- ratings-shorttags
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-8052
Simple Headline Rotator
- Plugin:
- Simple Headline Rotator
- Plugin Slug:
- simple-headline-rotator
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-7860
Special Feed Items
- Plugin:
- Special Feed Items
- Plugin Slug:
- special-feed-items
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-8051
Vikinghammer Tweet
- Plugin:
- Vikinghammer Tweet
- Plugin Slug:
- vikinghammer-tweet
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-8043
Viral Signup
- Plugin:
- Viral Signup
- Plugin Slug:
- viral-signup
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-6927
Visual Sound (old)
- Plugin:
- Visual Sound (old)
- Plugin Slug:
- visual-sound-widget-for-soundcloud-and-artistplugme-visualdreams
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-8047
WP Testimonial Widget
- Plugin:
- WP Testimonial Widget
- Plugin Slug:
- wp-testimonial-widget
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43967
WP Testimonial Widget
- Plugin:
- WP Testimonial Widget
- Plugin Slug:
- wp-testimonial-widget
- Vulnerability:
- SQL Injection
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-43966
Z Y N I T H
- Plugin:
- Z Y N I T H
- Plugin Slug:
- zynith-seo
- Vulnerability:
- Settings Change
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43940
Z Y N I T H
- Plugin:
- Z Y N I T H
- Plugin Slug:
- zynith-seo
- Vulnerability:
- Settings Change
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43939
Ninja Forms – The Contact Form Builder That Grows With You
- Plugin Slug:
- ninja-forms
- Installations
- 800,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.8.11
- Severity Score:
- High
Ninja Forms – The Contact Form Builder That Grows With You
- Plugin Slug:
- ninja-forms
- Installations
- 800,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.8.12
- Severity Score:
- Medium
- CVE:
- 2024-43999
Page Builder Gutenberg Blocks – CoBlocks
- Plugin Slug:
- coblocks
- Installations
- 400,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.1.13
- Severity Score:
- Medium
- CVE:
- 2024-7132
Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder
- Plugin Slug:
- fluentform
- Installations
- 400,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 5.1.19
- Severity Score:
- Medium
- CVE:
- 2024-5053
Royal Elementor Addons and Templates
- Plugin Slug:
- royal-elementor-addons
- Installations
- 400,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.3.985
- Severity Score:
- Medium
- CVE:
- 2024-44001
HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics
- Plugin Slug:
- leadin
- Installations
- 300,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 11.1.34
- Severity Score:
- Medium
- CVE:
- 2024-5879
Jeg Elementor Kit
- Plugin:
- Jeg Elementor Kit
- Plugin Slug:
- jeg-elementor-kit
- Installations
- 200,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.6.8
- Severity Score:
- Medium
- CVE:
- 2024-6804
Responsive Lightbox & Gallery
- Plugin:
- Responsive Lightbox & Gallery
- Plugin Slug:
- responsive-lightbox
- Installations
- 200,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.4.8
- Severity Score:
- Medium
- CVE:
- 2024-43924
Beaver Builder – WordPress Page Builder
- Plugin Slug:
- beaver-builder-lite-version
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.8.3.6
- Severity Score:
- Medium
- CVE:
- 2024-7895
Beaver Builder – WordPress Page Builder
- Plugin Slug:
- beaver-builder-lite-version
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.8.3.4
- Severity Score:
- High
- CVE:
- 2024-43926
Email Address Encoder
- Plugin:
- Email Address Encoder
- Plugin Slug:
- email-address-encoder
- Installations
- 100,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.0.24
- Severity Score:
- Medium
- CVE:
- 2024-43927
EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor
- Plugin Slug:
- embedpress
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.0.9
- Severity Score:
- Medium
- CVE:
- 2024-43936
Gallery Plugin for WordPress – Envira Photo Gallery
- Plugin Slug:
- envira-gallery-lite
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.8.15
- Severity Score:
- Medium
- CVE:
- 2024-43925
GiveWP – Donation Plugin and Fundraising Platform
- Plugin Slug:
- give
- Installations
- 100,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 3.16.0
- Severity Score:
- Medium
- CVE:
- 2024-6551
Mollie Payments for WooCommerce
- Plugin:
- Mollie Payments for WooCommerce
- Plugin Slug:
- mollie-payments-for-woocommerce
- Installations
- 100,000+
- Vulnerability:
- Full Path Disclosure (FPD)
- Patched in Version:
- 7.8.0
- Severity Score:
- Medium
- CVE:
- 2024-6448
NitroPack – Caching & Speed Optimization for Core Web Vitals, Defer CSS & JS, Lazy load Images and CDN
- Plugin Slug:
- nitropack
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.16.8
- Severity Score:
- Medium
- CVE:
- 2024-43922
Page Builder: Pagelayer – Drag and Drop website builder
- Plugin Slug:
- pagelayer
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.8.8
- Severity Score:
- Medium
- CVE:
- 2024-43972
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
- Plugin:
- The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
- Plugin Slug:
- the-plus-addons-for-elementor-page-builder
- Installations
- 100,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.6.3
- Severity Score:
- Medium
- CVE:
- 2024-43977
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
- Plugin:
- The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
- Plugin Slug:
- the-plus-addons-for-elementor-page-builder
- Installations
- 100,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 5.6.3
- Severity Score:
- Medium
- CVE:
- 2024-43932
The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid
- Plugin Slug:
- the-post-grid
- Installations
- 100,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 7.7.12
- Severity Score:
- Medium
- CVE:
- 2024-7418
Ninja Tables – Easiest Data Table Builder
- Plugin Slug:
- ninja-tables
- Installations
- 90,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.0.13
- Severity Score:
- Medium
- CVE:
- 2024-7304
Permalink Manager Lite
- Plugin:
- Permalink Manager Lite
- Plugin Slug:
- permalink-manager
- Installations
- 90,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.4.4.1
- Severity Score:
- Medium
- CVE:
- 2024-8195
Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More
- Plugin Slug:
- reviews-feed
- Installations
- 70,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.2.0
- Severity Score:
- Medium
- CVE:
- 2024-8199
Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More
- Plugin Slug:
- reviews-feed
- Installations
- 70,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.2.0
- Severity Score:
- Medium
- CVE:
- 2024-8200
Theme Editor
- Plugin:
- Theme Editor
- Plugin Slug:
- theme-editor
- Installations
- 60,000+
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 2.9
- Severity Score:
- Medium
- CVE:
- 2022-2440
WP Booking Calendar
- Plugin:
- WP Booking Calendar
- Plugin Slug:
- booking
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 10.5.1
- Severity Score:
- High
- CVE:
- 2024-8274
Shield Security – Smart Bot Blocking & Intrusion Prevention Security
- Plugin Slug:
- wp-simple-firewall
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 20.0.6
- Severity Score:
- High
- CVE:
- 2024-7313
Visual CSS Style Editor
- Plugin:
- Visual CSS Style Editor
- Plugin Slug:
- yellow-pencil-visual-theme-customizer
- Installations
- 50,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 7.6.4
- Severity Score:
- High
- CVE:
- 2024-43963
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor
- Plugin Slug:
- gutentor
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.3.6
- Severity Score:
- Medium
- CVE:
- 2024-5417
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
- Plugin Slug:
- quiz-master-next
- Installations
- 40,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 9.1.1
- Severity Score:
- Medium
- CVE:
- 2024-6879
Gutenverse – Gutenberg Blocks and Page Builder for Site Editor
- Plugin Slug:
- gutenverse
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.0.0
- Severity Score:
- Medium
- CVE:
- 2024-43920
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms
- Plugin:
- Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms
- Plugin Slug:
- happyforms
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.26.1
- Severity Score:
- Medium
- CVE:
- 2024-44063
SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments
- Plugin Slug:
- surecart
- Installations
- 30,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.29.4
- Severity Score:
- High
- CVE:
- 2024-43970
WP Events Manager
- Plugin:
- WP Events Manager
- Plugin Slug:
- wp-events-manager
- Installations
- 30,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 2.2.0
- Severity Score:
- High
- CVE:
- 2024-7717
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar
- Plugin Slug:
- mp3-music-player-by-sonaar
- Installations
- 20,000+
- Vulnerability:
- Arbitrary File Deletion
- Patched in Version:
- 5.7.1
- Severity Score:
- High
- CVE:
- 2024-7856
WPZOOM Portfolio Lite – Filterable Portfolio Plugin
- Plugin Slug:
- wpzoom-portfolio
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.5
- Severity Score:
- Medium
- CVE:
- 2024-8276
140+ Widgets | Xpro Addons For Elementor – FREE
- Plugin Slug:
- xpro-elementor-addons
- Installations
- 20,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.4.4
- Severity Score:
- Medium
- CVE:
- 2024-7791
GeoDirectory – WP Business Directory Plugin and Classified Listings Directory
- Plugin Slug:
- geodirectory
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.3.71
- Severity Score:
- Medium
- CVE:
- 2024-43981
Generate Images – Magic Post Thumbnail
- Plugin Slug:
- magic-post-thumbnail
- Installations
- 10,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.2.10
- Severity Score:
- High
- CVE:
- 2024-43921
Media Library Folders
- Plugin:
- Media Library Folders
- Plugin Slug:
- media-library-plus
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 8.2.4
- Severity Score:
- Medium
- CVE:
- 2024-7858
Media Library Folders
- Plugin:
- Media Library Folders
- Plugin Slug:
- media-library-plus
- Installations
- 10,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 8.2.3
- Severity Score:
- High
- CVE:
- 2024-7857
WP Accessibility Helper (WAH)
- Plugin:
- WP Accessibility Helper (WAH)
- Plugin Slug:
- wp-accessibility-helper
- Installations
- 10,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 0.6.2.9
- Severity Score:
- Medium
- CVE:
- 2024-5987
Clean Login
- Plugin:
- Clean Login
- Plugin Slug:
- clean-login
- Installations
- 8,000+
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- 1.14.6
- Severity Score:
- High
- CVE:
- 2024-8252
WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes)
- Plugin Slug:
- delicious-recipes
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.6.8
- Severity Score:
- Medium
- CVE:
- 2024-43935
easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg
- Plugin Slug:
- easyjobs
- Installations
- 5,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.4.15
- Severity Score:
- High
- CVE:
- 2024-43997
Payment forms, Buy now buttons and Invoicing System | GetPaid
- Plugin Slug:
- invoicing
- Installations
- 5,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.8.12
- Severity Score:
- Medium
- CVE:
- 2024-43973
Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid
- Plugin Slug:
- logo-showcase-ultimate
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.4.2
- Severity Score:
- Medium
- CVE:
- 2024-8046
Podlove Podcast Publisher
- Plugin:
- Podlove Podcast Publisher
- Plugin Slug:
- podlove-podcasting-plugin-for-wordpress
- Installations
- 5,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 4.1.14
- Severity Score:
- Critical
- CVE:
- 2024-43984
Podlove Podcast Publisher
- Plugin:
- Podlove Podcast Publisher
- Plugin Slug:
- podlove-podcasting-plugin-for-wordpress
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 4.1.14
- Severity Score:
- Medium
- CVE:
- 2024-43983
WPMobile.App — Android and iOS Mobile Application
- Plugin Slug:
- wpappninja
- Installations
- 5,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 11.49
- Severity Score:
- Medium
- CVE:
- 2024-43933
Relevanssi Live Ajax Search
- Plugin:
- Relevanssi Live Ajax Search
- Plugin Slug:
- relevanssi-live-ajax-search
- Installations
- 4,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.5
- Severity Score:
- Medium
- CVE:
- 2024-7573
WP Crowdfunding
- Plugin:
- WP Crowdfunding
- Plugin Slug:
- wp-crowdfunding
- Installations
- 4,000+
- Vulnerability:
- Settings Change
- Patched in Version:
- 2.1.11
- Severity Score:
- Medium
- CVE:
- 2024-43937
Collapsing Archives
- Plugin:
- Collapsing Archives
- Plugin Slug:
- collapsing-archives
- Installations
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.0.6
- Severity Score:
- Medium
- CVE:
- 2024-43934
HelloAsso
- Plugin:
- HelloAsso
- Plugin Slug:
- helloasso
- Installations
- 3,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.1.11
- Severity Score:
- Medium
- CVE:
- 2024-44052
Name Directory
- Plugin:
- Name Directory
- Plugin Slug:
- name-directory
- Installations
- 3,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.29.1
- Severity Score:
- High
- CVE:
- 2024-43938
Spiffy Calendar
- Plugin:
- Spiffy Calendar
- Plugin Slug:
- spiffy-calendar
- Installations
- 3,000+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 4.9.13
- Severity Score:
- High
- CVE:
- 2024-43969
Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free
- Plugin:
- Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free
- Plugin Slug:
- funnelforms-free
- Installations
- 2,000+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.7.4.1
- Severity Score:
- Medium
- CVE:
- 2024-7447
Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free
- Plugin:
- Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free
- Plugin Slug:
- funnelforms-free
- Installations
- 2,000+
- Vulnerability:
- Arbitrary File Deletion
- Patched in Version:
- 3.7.4.1
- Severity Score:
- Medium
- CVE:
- 2024-6312
Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free
- Plugin:
- Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free
- Plugin Slug:
- funnelforms-free
- Installations
- 2,000+
- Vulnerability:
- Arbitrary File Upload
- Patched in Version:
- 3.7.4.1
- Severity Score:
- Medium
- CVE:
- 2024-6311
Share This Image
- Plugin:
- Share This Image
- Plugin Slug:
- share-this-image
- Installations
- 2,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 2.02
- Severity Score:
- Medium
- CVE:
- 2024-8108
WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin
- Plugin Slug:
- timetics
- Installations
- 2,000+
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 1.0.24
- Severity Score:
- Medium
- CVE:
- 2024-43923
Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin
- Plugin Slug:
- bus-ticket-booking-with-seat-reservation
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.3.6
- Severity Score:
- Medium
- CVE:
- 2024-43985
Sunshine Photo Cart: Free Client Photo Galleries for Photographers
- Plugin Slug:
- sunshine-photo-cart
- Installations
- 1,000+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.6
- Severity Score:
- High
- CVE:
- 2024-43971
Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking
- Plugin Slug:
- tourfic
- Installations
- 1,000+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.11.21
- Severity Score:
- Medium
- CVE:
- 2024-8319
Front End Users
- Plugin:
- Front End Users
- Plugin Slug:
- front-end-only-users
- Installations
- 700+
- Vulnerability:
- SQL Injection
- Patched in Version:
- 3.2.29
- Severity Score:
- High
- CVE:
- 2024-7607
Front End Users
- Plugin:
- Front End Users
- Plugin Slug:
- front-end-only-users
- Installations
- 700+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.2.29
- Severity Score:
- Medium
- CVE:
- 2024-7606
Taxi Booking Manager for WooCommerce – WordPress plugin | Ecab
- Plugin Slug:
- ecab-taxi-booking-manager
- Installations
- 600+
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.1.0
- Severity Score:
- Medium
- CVE:
- 2024-43986
Web Directory Free
- Plugin:
- Web Directory Free
- Plugin Slug:
- web-directory-free
- Installations
- 600+
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- 1.7.3
- Severity Score:
- Critical
- CVE:
- 2024-3673
Favicon Generator (CLOSED)
- Plugin:
- Favicon Generator (CLOSED)
- Plugin Slug:
- favicon-generator
- Installations
- 300+
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.1
- Severity Score:
- Critical
- CVE:
- 2024-7863
Login As Users
- Plugin:
- Login As Users
- Plugin Slug:
- login-as-users
- Installations
- 300+
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.4.4
- Severity Score:
- High
- CVE:
- 2024-43982
Web Application Firewall – website security
- Plugin Slug:
- web-application-firewall
- Installations
- 300+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 2.1.3
- Severity Score:
- Medium
- CVE:
- 2022-4539
Two-factor authentication (formerly IP Vault)
- Plugin Slug:
- ip-vault-wp-firewall
- Installations
- 20+
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 2.1
- Severity Score:
- Medium
- CVE:
- 2022-4536
ElementsKit Pro
- Plugin:
- ElementsKit Pro
- Plugin Slug:
- elementskit
- Vulnerability:
- Local File Inclusion
- Patched in Version:
- 3.6.8
- Severity Score:
- Medium
- CVE:
- 2024-43996
The Events Calendar PRO
- Plugin:
- The Events Calendar PRO
- Plugin Slug:
- events-calendar-pro
- Vulnerability:
- Remote Code Execution (RCE)
- Patched in Version:
- 7.0.2.1
- Severity Score:
- Medium
- CVE:
- 2024-8016
Funnel Kit Funnel Builder PRO
- Plugin:
- Funnel Kit Funnel Builder PRO
- Plugin Slug:
- funnel-builder-pro
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 3.5.0
- Severity Score:
- Medium
- CVE:
- 2024-1056
Greenshift Query and Meta Addon
- Plugin:
- Greenshift Query and Meta Addon
- Plugin Slug:
- greenshiftquery
- Vulnerability:
- SQL Injection
- Patched in Version:
- 3.9.2
- Severity Score:
- High
- CVE:
- 2024-43942
Greenshift Woocommerce Addon
- Plugin:
- Greenshift Woocommerce Addon
- Plugin Slug:
- greenshiftwoo
- Vulnerability:
- SQL Injection
- Patched in Version:
- 1.9.8
- Severity Score:
- High
- CVE:
- 2024-43943
Memberpress
- Plugin:
- Memberpress
- Plugin Slug:
- memberpress
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.11.30
- Severity Score:
- High
- CVE:
- 2024-5024
Newspack
- Plugin:
- Newspack
- Plugin Slug:
- newspack-plugin
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 3.8.7
- Severity Score:
- Medium
- CVE:
- 2024-43968
Oxygen Builder
- Plugin:
- Oxygen Builder
- Plugin Slug:
- oxygenbuilder
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 4.9
- Severity Score:
- Medium
- CVE:
- 2024-6688
Super Store Finder
- Plugin:
- Super Store Finder
- Plugin Slug:
- superstorefinder-wp
- Vulnerability:
- SQL Injection
- Patched in Version:
- 6.9.8
- Severity Score:
- Critical
- CVE:
- 2024-43978
Super Store Finder
- Plugin:
- Super Store Finder
- Plugin Slug:
- superstorefinder-wp
- Vulnerability:
- SQL Injection
- Patched in Version:
- 6.9.8
- Severity Score:
- Critical
- CVE:
- 2024-43976
Super Store Finder
- Plugin:
- Super Store Finder
- Plugin Slug:
- superstorefinder-wp
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 6.9.8
- Severity Score:
- High
- CVE:
- 2024-43975
tagDiv Composer
- Plugin:
- tagDiv Composer
- Plugin Slug:
- td-composer
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 5.1
- Severity Score:
- High
- CVE:
- 2024-3886
Tutor LMS Pro
- Plugin:
- Tutor LMS Pro
- Plugin Slug:
- tutor-pro
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.7.3
- Severity Score:
- High
- CVE:
- 2024-5784
WP Armour Extended
- Plugin:
- WP Armour Extended
- Plugin Slug:
- wp-armour-extended
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- 1.32
- Severity Score:
- High
- CVE:
- 2024-43948
WP Armour Extended
- Plugin:
- WP Armour Extended
- Plugin Slug:
- wp-armour-extended
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 1.32
- Severity Score:
- Medium
- CVE:
- 2024-43947
WP Cerber Security
- Plugin:
- WP Cerber Security
- Plugin Slug:
- wp-cerber
- Vulnerability:
- Bypass Vulnerability
- Patched in Version:
- 9.5
- Severity Score:
- Medium
- CVE:
- 2022-4100
JobSearch
- Plugin:
- JobSearch
- Plugin Slug:
- wp-jobsearch
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- 2.5.4
- Severity Score:
- Critical
- CVE:
- 2024-43931
JobSearch
- Plugin:
- JobSearch
- Plugin Slug:
- wp-jobsearch
- Vulnerability:
- Cross Site Request Forgery (CSRF)
- Patched in Version:
- 2.5.4
- Severity Score:
- Medium
- CVE:
- 2024-43930
JobSearch
- Plugin:
- JobSearch
- Plugin Slug:
- wp-jobsearch
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.5.6
- Severity Score:
- Medium
- CVE:
- 2024-43929
JobSearch
- Plugin:
- JobSearch
- Plugin Slug:
- wp-jobsearch
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 2.5.6
- Severity Score:
- Medium
- CVE:
- 2024-43928
WordPress Themes — 6 Patched / 18 Unpatched
Esotera
- Theme:
- Esotera
- Theme Slug:
- esotera
- Downloads
- 59,473
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43952
Fluida
- Theme:
- Fluida
- Theme Slug:
- fluida
- Downloads
- 486,615
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-44054
Hotel Galaxy
- Theme:
- Hotel Galaxy
- Theme Slug:
- hotel-galaxy
- Downloads
- 247,851
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43991
IntoTheDark
- Theme:
- IntoTheDark
- Theme Slug:
- intothedark
- Downloads
- 2,035
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-43958
Kahuna
- Theme:
- Kahuna
- Theme Slug:
- kahuna
- Downloads
- 170,236
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43994
Liquido
- Theme:
- Liquido
- Theme Slug:
- liquido
- Downloads
- 32,519
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43993
Mantra
- Theme:
- Mantra
- Theme Slug:
- mantra
- Downloads
- 1,152,946
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-44056
Mystique
- Theme:
- Mystique
- Theme Slug:
- mystique
- Downloads
- 705,708
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43988
Nirvana
- Theme:
- Nirvana
- Theme Slug:
- nirvana
- Downloads
- 752,479
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-44057
Parabola
- Theme:
- Parabola
- Theme Slug:
- parabola
- Downloads
- 635,288
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-44058
Posterity
- Theme:
- Posterity
- Theme Slug:
- posterity
- Downloads
- 96,548
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43995
Sliding Door
- Theme:
- Sliding Door
- Theme Slug:
- sliding-door
- Downloads
- 537,528
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43987
Tempera
- Theme:
- Tempera
- Theme Slug:
- tempera
- Downloads
- 703,523
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-43951
Betheme
- Theme:
- Betheme
- Theme Slug:
- betheme
- Vulnerability:
- PHP Object Injection
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-2694
Betheme
- Theme:
- Betheme
- Theme Slug:
- betheme
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-3998
Enfold
- Theme:
- Enfold
- Theme Slug:
- enfold
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- Medium
- CVE:
- 2024-5061
Filmix
- Theme:
- Filmix
- Theme Slug:
- filmix
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-44060
Opor Ayam
- Theme:
- Opor Ayam
- Theme Slug:
- opor-ayam
- Vulnerability:
- Cross Site Scripting (XSS)
- Patched in Version:
- No Fix
- Severity Score:
- High
- CVE:
- 2024-44053
Attire
Blockbooster
- Theme:
- Blockbooster
- Theme Slug:
- blockbooster
- Downloads
- 8,463
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.0.11
- Severity Score:
- Medium
- CVE:
- 2024-43979
Blogpoet
- Theme:
- Blogpoet
- Theme Slug:
- blogpoet
- Downloads
- 4,865
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.0.4
- Severity Score:
- Medium
- CVE:
- 2024-43998
FotaWP
- Theme:
- FotaWP
- Theme Slug:
- fotawp
- Downloads
- 146,783
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.4.2
- Severity Score:
- Medium
- CVE:
- 2024-43980
ReviveNews
- Theme:
- ReviveNews
- Theme Slug:
- revivenews
- Downloads
- 7,963
- Vulnerability:
- Broken Access Control
- Patched in Version:
- 1.0.3
- Severity Score:
- Medium
- CVE:
- 2024-43974
Masterstudy LMS Starter
- Theme:
- Masterstudy LMS Starter
- Theme Slug:
- ms-lms-starter-theme
- Vulnerability:
- Sensitive Data Exposure
- Patched in Version:
- 1.1.9
- Severity Score:
- Medium
- CVE:
- 2024-43990
Solid Security is part of Solid Suite — The best foundation for WordPress websites.
Every WordPress site needs security, backups, and management tools. That’s Solid Suite — an integrated bundle of three plugins: Solid Security, Solid Backups, and Solid Central. You also get access to Solid Academy’s learning resources for WordPress professionals. Build your next WordPress website on a solid foundation with Solid Suite!
Join us for the next Solid Academy Webinar!
Free weekly webinars that will help you master WordPress and increase your business's bottom line.
What is a WordPress Phishing Attack?
Learn how to identify and prevent phishing attacks on WordPress websites.
Kiki SheldonWebsite Protection: 5 Ways to Keep Your Website Safe
Robust website protection is the shield that stands between your business and relentless cyber attacks. Prioritizing website protection enables businesses to fortify defenses to safeguard their online presence and preserve the trust of their customers in the face of ever-evolving cybersecurity threats.
Kiki Sheldon23 Ideas To Grow Your WordPress Business in 2023
WordPress is the most popular website-building platform worldwide, trusted by numerous brands. WordPress enables you to build a user-friendly and highly reliable site, together with tools and plugins to enhance your marketing and work like a lead magnet. All these features make WordPress the platform chosen by more than 43% of businesses globally.
SolidWP Editorial TeamSign up now — Get SolidWP updates and valuable content straight to your inbox
Sign up
Placeholder text
Placeholder text
Get started with confidence — risk free, guaranteed
