Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 190 vulnerabilities disclosed in 155 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 53 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
WP Datepicker <= 2.1.0 – Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
WAF-RULE-691 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status
Number of Vulnerabilities
Patched
149
Unpatched
41
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating
Number of Vulnerabilities
Low Severity
1
Medium Severity
162
High Severity
15
Critical Severity
12
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE
Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
98
Missing Authorization
42
Cross-Site Request Forgery (CSRF)
9
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
8
Authorization Bypass Through User-Controlled Key
5
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
5
Information Exposure
3
Unrestricted Upload of File with Dangerous Type
3
Deserialization of Untrusted Data
2
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
2
Improper Control of Generation of Code (‘Code Injection’)
2
Information Exposure Through Log Files
2
Server-Side Request Forgery (SSRF)
2
Exposure of Sensitive Information Through Metadata
1
Guessable CAPTCHA
1
Improper Authorization
1
Improper Input Validation
1
Incorrect Privilege Assignment
1
Not Failing Securely (‘Failing Open’)
1
Protection Mechanism Failure
1
Researchers That Contributed to WordPress Security Last Week
Researcher Name
Number of Vulnerabilities
14
12
12
11
11
10
9
9
8
8
7
6
6
5
4
4
4
3
3
3
3
3
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name
Software Slug
2Checkout Payment Gateway for WooCommerce
woocommerce-2checkout-payment
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
real3d-flipbook-lite
Access Category Password
access-category-password
Active Products Tables for WooCommerce. Use constructor to create tables
profit-products-tables-for-woocommerce
AI Infographic Maker
infographic-and-list-builder-ilist
App Builder – Create Native Android & iOS Apps On The Flight
app-builder
Attesa Extra
attesa-extra
BA Book Everything
ba-book-everything
Backend Designer
backend-designer
Backup Migration
backup-backup
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.
barcode-scanner-lite-pos-to-manage-products-inventory-and-orders
BMI Adult & Kid Calculator
bmi-adultkid-calculator
Bulk Block Converter
bulk-block-converter
Canva – Design beautiful blog graphics
canva
CBX Bookmark & Favorite
cbxwpbookmark
Click to Chat – HoliThemes
click-to-chat-for-whatsapp
Code Insert Manager (Q2W3 Inc Manager)
q2w3-inc-manager
Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More
content-control
Cornerstone
cornerstone
Country State City Dropdown CF7
country-state-city-auto-dropdown
Custom Order Statuses for WooCommerce
custom-order-statuses-for-woocommerce
Custom Thank You Page Customize For WooCommerce by Binary Carpenter
bc-woo-custom-thank-you-pages
Customer Reviews for WooCommerce
customer-reviews-woocommerce
Debug Log Manager
debug-log-manager
Delete Custom Fields
delete-custom-fields
DethemeKit For Elementor
dethemekit-for-elementor
DirectoryPress – Business Directory And Classified Ad Listing
directorypress
Ditty – Responsive News Tickers, Sliders, and Lists
ditty-news-ticker
DSGVO Youtube
dsgvo-youtube
EAN for WooCommerce
ean-for-woocommerce
Easy CountDowner
easy-countdowner
Easy Custom Auto Excerpt
easy-custom-auto-excerpt
Easy Textillate
easy-textillate
eCommerce Product Catalog Plugin for WordPress
ecommerce-product-catalog
EleForms – All In One Form Integration including DB for Elementor
all-contact-form-integration-for-elementor
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
bdthemes-element-pack-lite
Elements Plus!
elements-plus
ElementsKit Pro
elementskit
Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce
email-subscribers
Enhanced Media Library
enhanced-media-library
Envo Extra
envo-extra
EnvíaloSimple: Email Marketing y Newsletters
envialosimple-email-marketing-y-newsletters-gratis
Essential Addons for Elementor Pro
essential-addons-elementor
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
essential-addons-for-elementor-lite
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
essential-blocks
Exclusive Addons for Elementor
exclusive-addons-for-elementor
FileBird – WordPress Media Library Folders & File Manager
filebird
Fixed HTML Toolbar
fixed-html-toolbar
Flash Video Player
flash-video-player
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
form-maker
Forminator – Contact Form, Payment Form & Custom Form Builder
forminator
Frontend Admin by DynamiApps
acf-frontend-form-element
GG Woo Feed for WooCommerce Shopping Feed on Google Facebook and Other Channels
gg-woo-feed
Happy Addons for Elementor
happy-elementor-addons
hCaptcha for WordPress
hcaptcha-for-forms-and-more
HelloAsso
helloasso
HT Mega – Absolute Addons For Elementor
ht-mega-for-elementor
HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce
hurrytimer
HUSKY – Products Filter Professional for WooCommerce
woocommerce-products-filter
Icon Widget
icon-widget
Import Content in WordPress & WooCommerce with Excel
content-excel-importer
Jobs for WordPress
job-postings
Jotform Online Forms – Drag & Drop Form Builder, Securely Embed Contact Forms
embed-form
Knight Lab Timeline
knight-lab-timelinejs
Language Switcher for Transposh
language-switcher-for-transposh
LearnPress Export Import – WordPress extension for LearnPress
learnpress-import-export
LearnPress – WordPress LMS Plugin
learnpress
LH Add Media From Url
lh-add-media-from-url
Login with phone number
login-with-phone-number
LoginPress Pro
loginpress-pro
Mailster – Email Newsletter Plugin for WordPress
mailster
Master Slider – Responsive Touch Slider
master-slider
MaxGalleria
maxgalleria
Media Library Folders
media-library-plus
Mega Addons For Elementor
ultimate-addons-for-elementor
Mega Elements – Addons for Elementor
mega-elements-addons-for-elementor
MJ Update History
mj-update-history
Mortgage Calculators WP
mortgage-calculators-wp
Multi Currency For WooCommerce
wc-multi-currency
MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more
woorewards
Navigation menu as Dropdown Widget
navigation-menu-as-dropdown-widget
Netgsm
netgsm
Open Close WooCommerce Store – Best Business Schedules Manager
woc-open-close
Order Limit for WooCommerce
wc-order-limit-lite
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE
otter-blocks
Ovic Responsive WPBakery
ovic-vc-addon
Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions
paid-memberships-pro
PeproDev CF7 Database
pepro-cf7-database
PeproDev Ultimate Invoice
pepro-ultimate-invoice
Poll Maker – Best WordPress Poll Plugin
poll-maker
Popup Anything – Popup for opt-ins and Lead Generation Conversions
popup-anything-on-click
Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX
ultimate-post
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
bdthemes-prime-slider-lite
Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds for Google, Facebook/Meta, Bing, & More
woo-product-feed-pro
ProfileGrid – User Profiles, Memberships, Groups and Communities
profilegrid-user-profiles-groups-and-communities
QR Code Composer – Automatic QR code Generator
qr-code-composer
Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress
radio-player
Real Media Library: Media Library Folder & File Manager
real-media-library-lite
Really Simple SSL
really-simple-ssl
Related Posts for WordPress
microkids-related-posts
Restaurant Menu – Food Ordering System – Table Reservation
menu-ordering-reservations
Royal Elementor Addons and Templates
royal-elementor-addons
RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator
feedzy-rss-feeds
RSS Feed Widget
rss-feed-widget
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation
shared-files
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor)
woolentor-addons
Shortcodes and extra features for Phlox theme
auxin-elements
Simple Registration for WooCommerce
woocommerce-simple-registration
Simple Testimonials Showcase
simple-testimonials-showcase
Slider by 10Web – Responsive Image Slider
slider-wd
Smart Forms – when you need more than just a contact form
smart-forms
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer
smartcrawl-seo
SP Project & Document Manager
sp-client-document-manager
Speed Optimizer – The All-In-One WordPress Performance-Boosting Plugin
sg-cachepress
Support Genix – Support Tickets Managing System & Helpdesk Plugin for WordPress and WooCommerce
support-genix-lite
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics
taggbox-widget
Tagembed: Embed Twitter Feed, Google Reviews, YouTube Videos, TikTok, RSS Feed & More Social Media Feeds
tagembed-widget
Tax Rate Upload
tax-rate-upload
Theme My Login
theme-my-login
TrackShip for WooCommerce
trackship-for-woocommerce
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin
user-registration
VikBooking Hotel Booking Engine & PMS
vikbooking
Void Elementor WHMCS Elements For Elementor Page Builder
void-elementor-whmcs-elements
What’s New Generator
whats-new-genarator
WooCommerce Google Feed Manager
wp-product-feed-manager
WooCommerce Multilingual & Multicurrency with WPML
woocommerce-multilingual
WordPress Automatic Plugin
wp-automatic
WordPress Menu Plugin — Superfly Responsive Menu
superfly-menu
WordPress Simple HTML Sitemap
wp-simple-html-sitemap
WP 2FA – Two-factor authentication for WordPress
wp-2fa
WP 404 Auto Redirect to Similar Post
wp-404-auto-redirect-to-similar-post
WP Club Manager – WordPress Sports Club Plugin
wp-club-manager
WP Cookie Consent ( for GDPR, CCPA & ePrivacy )
gdpr-cookie-consent
WP Cost Estimation & Payment Forms Builder
wp-estimation-form
WP Dummy Content Generator
wp-dummy-content-generator
WP Dynamic Keywords Injector
wp-dynamic-keywords-injector
WP File Download Light
wp-file-download-light
WP Helper Premium
wp-helper-lite
WP Meta SEO
wp-meta-seo
WP Poll Maker – Best WordPress Poll Plugin for Voting Contest
epoll-wp-voting
WP Show Posts
wp-show-posts
WP Smart Import : Import any XML File to WordPress
wp-smart-import
WP Social Comments
gs-facebook-comments
WP Stripe Checkout
wp-stripe-checkout
WP TradingView
wp-tradingview
WP Ultimate Review
wp-ultimate-review
WP-Cufon
wp-cufon
WP-FormAssembly
formassembly-web-forms
WP-Lister Lite for eBay
wp-lister-for-ebay
WP-Recall – Registration, Profile, Commerce & More
wp-recall
WPC Frequently Bought Together for WooCommerce
woo-bought-together
WPC Grouped Product for WooCommerce
wpc-grouped-product
Yoga Schedule Momoyoga
momoyoga-integration
Zero Spam for WordPress
zero-spam
Zynith SEO
zynith-seo
WordPress Themes with Reported Vulnerabilities Last Week
Software Name
Software Slug
GuCherry Blog
gucherry-blog
Tainacan Interface
tainacan-interface
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32599
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32680
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32514
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32551
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-28890
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-3729
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-2876
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-32523
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-32600
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-32511
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-31077
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32602
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3849
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32507
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-2417
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
High (8.2)
CVE-ID
CVE-2024-1567
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2023-6214
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2023-7064
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32565
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32582
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32567
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-2082
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3600
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3067
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2023-6961
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32541
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32562
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32691
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-3295
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32594
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3672
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32589
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32577
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32508
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32596
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-6892
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32526
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1429
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1426
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32457
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3598
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32456
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3333
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3645
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2751
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2503
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2345
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3891
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3724
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4014
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32697
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2085
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2084
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2790
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3307
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3308
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32556
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1993
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2542
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32554
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3560
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32580
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32575
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32581
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3725
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32564
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32560
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2328
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32579
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-6805
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1057
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1533
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3341
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1357
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1396
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3517
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1348
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32530
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32552
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32561
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32592
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32553
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32566
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32597
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32571
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32536
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-49768
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32529
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32694
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32535
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32542
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32545
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32547
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32570
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3731
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-0613
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32538
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32558
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32587
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-31857
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32531
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32585
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-2833
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32695
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32588
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32533
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3615
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32543
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32544
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32578
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3867
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32546
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32563
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32574
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32568
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32559
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32510
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32528
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32595
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-31229
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32696
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32569
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-2840
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3818
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-2346
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32688
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-1730
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32693
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-0629
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32686
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-0615
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3312
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2043
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32676
Patch Status
Unpatched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32677
Patch Status
Unpatched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32675
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3215
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32518
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3601
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32601
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32682
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32513
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32679
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3287
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32532
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2023-49742
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32678
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3599
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32509
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2023-6962
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32684
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32683
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32685
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32521
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32598
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32591
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32540
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32534
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32126
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32690
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32548
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32539
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32573
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32550
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3520
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32524
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32517
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3243
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3869
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-6897
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32537
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32519
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3581
Patch Status
Patched
Published
Apr 19, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32515
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32516
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32522
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32142
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-41864
Patch Status
Unpatched
Published
Apr 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3606
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32506
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32549
Patch Status
Unpatched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-7067
Patch Status
Patched
Published
Apr 18, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1306
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32525
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-6731
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32689
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32604
Patch Status
Patched
Published
Apr 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32687
Patch Status
Patched
Published
Apr 17, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32520
Patch Status
Patched
Published
Apr 15, 2024
CVSS Rating
Low (3.1)
CVE-ID
CVE-2024-32681
Patch Status
Patched
Published
Apr 17, 2024
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024) appeared first on Wordfence.
