(647) 243-4688

Did you know we’re running a Bug Bounty Extravaganza again?

Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!

Last week, there were 280 vulnerabilities disclosed in 220 WordPress Plugins and 22 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 61 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

Total Unpatched & Patched Vulnerabilities Last Week

Patch Status
Number of Vulnerabilities

Patched
220

Unpatched
60

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating
Number of Vulnerabilities

Low Severity
4

Medium Severity
227

High Severity
28

Critical Severity
21

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE
Number of Vulnerabilities

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
85

Missing Authorization
82

Cross-Site Request Forgery (CSRF)
23

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
12

Information Exposure
12

Server-Side Request Forgery (SSRF)
12

Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
6

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
6

Information Exposure Through Log Files
6

Unrestricted Upload of File with Dangerous Type
5

Authorization Bypass Through User-Controlled Key
4

Deserialization of Untrusted Data
4

Improper Privilege Management
4

External Control of Assumed-Immutable Web Parameter
3

Use of Less Trusted Source
3

Improper Control of Generation of Code (‘Code Injection’)
2

Improper Input Validation
2

Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’)
2

Authentication Bypass Using an Alternate Path or Channel
1

Guessable CAPTCHA
1

Improper Access Control
1

Improper Authorization
1

Improper Neutralization of Alternate XSS Syntax
1

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
1

URL Redirection to Untrusted Site (‘Open Redirect’)
1

Researchers That Contributed to WordPress Security Last Week

Researcher Name
Number of Vulnerabilities

29

23

17

17

13

12

12

11

10

10

7

7

7

7

7

6

6

6

5

4

4

4

4

3

3

3

2

2

2

2

2

2

2

2

1

1

1

ST

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name
Software Slug

Academy LMS – eLearning and online course solution for WordPress

academy

Accessibility Widget

accessibility-widget

ActiveDEMAND

activedemand

Admin and Customer Messages After Order for WooCommerce: OrderConvo

admin-and-client-message-after-order-for-woocommerce

Admin Bar Editor – Hide Toolbar by User Roles

admin-bar

Advanced Floating Content Lite

advanced-floating-content-lite

Advanced Local Pickup for WooCommerce

advanced-local-pickup-for-woocommerce

Advanced Most Recent Posts Mod

advanced-most-recent-posts-mod

Advanced Post List

advanced-post-list

Advanced Testimonial Carousel for Elementor

advanced-testimonial-carousel-for-elementor

AGCA – Custom Dashboard & Login Page

ag-custom-admin

All-in-one Like Widget

all-in-one-facebook-like-widget

Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy)

wp-analytify

Annual Archive

anual-archive

Appointment Hour Booking – WordPress Booking Plugin

appointment-hour-booking

AppPresser – Mobile App Framework

apppresser

Arconix FAQ

arconix-faq

Arconix Shortcodes

arconix-shortcodes

ARforms

arforms

ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup

armember-membership

Assistant – Every Day Productivity Apps

assistant

Auto Featured Image (Auto Post Thumbnail)

auto-post-thumbnail

BackUpWordPress

backupwordpress

Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.

barcode-scanner-lite-pos-to-manage-products-inventory-and-orders

Better Elementor Addons

better-elementor-addons

Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss

bp-better-messages

BizPrint – Print WooCommerce Order Receipts, Invoices, Labels & More.

print-google-cloud-print-gcp-woocommerce

Blog2Social: Social Media Auto Post & Scheduler

blog2social

Booking Ultra Pro Appointments Booking Calendar Plugin

booking-ultra-pro

Brevo for WooCommerce

woocommerce-sendinblue-newsletter-subscription

Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg

5-stars-rating-funnel

Car Dealer (Dealership) and Vehicle sales

cardealer

CF7 File Download – File Download for CF7

cf7-file-download

ChatBot Conversational Forms

conversational-forms

Classified Listing – Classified ads & Business Directory Plugin

classified-listing

ClickCease Click Fraud Protection

clickcease-click-fraud-protection

Client Dash

client-dash

CM Tooltip Glossary

enhanced-tooltipglossary

Colibri Page Builder

colibri-page-builder

Collapse-O-Matic

jquery-collapse-o-matic

Comments – wpDiscuz

wpdiscuz

Contact Form 7 Database Addon – CFDB7

contact-form-cfdb7

Contact Form 7 Extension For Mailchimp

contact-form-7-mailchimp-extension

Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder

arforms-form-builder

Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode)

content-views-query-and-display-post-page

Cookie Information | Free GDPR Consent Solution

wp-gdpr-compliance

CookieHub – Cookie Consent Banner (DSGVO, CCPA, RGPD and GDPR compliance)

cookiehub

Cornerstone

cornerstone

Coupon & Discount Code Reveal Button

coupon-reveal-button

Crelly Slider

crelly-slider

Culqi

culqi-checkout

Custom field finder

custom-field-finder

Customify Site Library

customify-sites

Data Tables Generator by Supsystic

data-tables-generator-by-supsystic

Database for Contact Form 7, WPforms, Elementor forms

contact-form-entries

Easy Accept Payments via PayPal

wordpress-easy-paypal-payment-or-donation-accept-plugin

Easy Property Listings

easy-property-listings

Easy Set Favicon

easy-set-favicon

Element Pack Pro – Addon for Elementor Page Builder WordPress Plugin

bdthemes-element-pack

ElementsKit Elementor addons and Templates Library

elementskit-lite

ElementsKit Pro

elementskit

Elespare – Blog, Magazine and Newspaper Addons for Elementor with Templates, Widgets, Kits, and Header/Footer Builder. One Click Import: No Coding Required!

elespare

Email Customizer for WooCommerce | Drag and Drop Email Templates Builder

email-customizer-for-woocommerce

Embed Google Photos album

embed-google-photos-album-easily

ENL Newsletter

enl-newsletter

EPROLO Dropshipping

eprolo-dropshipping

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders

essential-addons-for-elementor-lite

Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media

evergreen-content-poster

Exclusive Addons for Elementor

exclusive-addons-for-elementor

Export and Import Users and Customers

users-customers-import-export-for-wp-woocommerce

FameTheme Demo Importer

famethemes-demo-importer

Fan Page Widget by ThemeNcode

facebook-fan-page-widget

Fancy Product Designer

fancy-product-designer

FG Joomla to WordPress

fg-joomla-to-wordpress

FileOrganizer – Manage WordPress and Website Files

fileorganizer

Filterable Portfolio

jungbillig-portfolio-gallery

Five Star Restaurant Reservations – WordPress Booking Plugin

restaurant-reservations

Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder

form-maker

FOX – Currency Switcher Professional for WooCommerce

woocommerce-currency-switcher

Frontend Dashboard

frontend-dashboard

FV Flowplayer Video Player

fv-wordpress-flowplayer

GeoDirectory – WordPress Business Directory Plugin, or Classified Directory

geodirectory

Getwid – Gutenberg Blocks

getwid

Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers

rafflepress

Happy Addons for Elementor

happy-elementor-addons

Header Footer Code Manager Pro

99robots-header-footer-code-manager-pro

Headline Analyzer

headline-analyzer

Hide Dashboard Notifications

wp-hide-backed-notices

HT Mega – Absolute Addons For Elementor

ht-mega-for-elementor

Hummingbird – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript

hummingbird-performance

Image Optimizer, Resizer and CDN – Sirv

sirv

Image Slider

image-slider-widget

Import and export users and customers

import-users-from-csv-with-meta

InstaWP Connect – 1-click WP Staging & Migration

instawp-connect

Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site

integrate-google-drive

Interactive World Maps

interactive-world-maps

Jeg Elementor Kit

jeg-elementor-kit

KB Support – WordPress Help Desk and Knowledge Base

kb-support

Knowledge Base documentation & wiki plugin – BasePress Docs

basepress

Leaky Paywall

leaky-paywall

List Custom Taxonomy Widget

list-custom-taxonomy-widget

Login with phone number

login-with-phone-number

Maintenance Mode

hkdev-maintenance-mode

MainWP Child Reports

mainwp-child-reports

Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor

master-addons

Max Addons Pro for Bricks

max-addons-pro-bricks

MDTF – Meta Data and Taxonomies Filter

wp-meta-data-filter-and-taxonomy-filter

Meks Smart Social Widget

meks-smart-social-widget

Meks ThemeForest Smart Widget

meks-themeforest-smart-widget

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor

metform

MF Gig Calendar

mf-gig-calendar

myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin

mycred

Newsletters

newsletters-lite

Opal Widgets For Elementor

opal-widgets-for-elementor

Page Builder: Live Composer

live-composer-page-builder

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

paid-member-subscriptions

Payment Gateway Based Fees and Discounts for WooCommerce

checkout-fees-for-woocommerce

PDF Invoices & Packing Slips for WooCommerce

woocommerce-pdf-invoices-packing-slips

Photo Gallery by 10Web – Mobile-Friendly Image Gallery

photo-gallery

Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery

gt3-photo-video-gallery

Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress

contest-gallery

Piotnet Addons For Elementor

piotnet-addons-for-elementor

Piotnet Addons For Elementor Pro

piotnet-addons-for-elementor-pro

Podlove Podcast Publisher

podlove-podcasting-plugin-for-wordpress

Poll | Vote | Contest – Best Poll Plugin for WordPress

totalpoll-lite

Popup Box – Best WordPress Popup Plugin

ays-popup-box

Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation

optinmonster

PopupAlly

popupally

Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC)

buddyforms

Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX

ultimate-post

Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks

post-grid

Premium Addons for Elementor

premium-addons-for-elementor

Pretty Google Calendar

pretty-google-calendar

Pricing Table by Supsystic

pricing-table-by-supsystic

Print Invoice & Delivery Notes for WooCommerce

woocommerce-delivery-notes

Product Addons & Fields for WooCommerce

woocommerce-product-addon

ProfileGrid – User Profiles, Memberships, Groups and Communities

profilegrid-user-profiles-groups-and-communities

PropertyHive

propertyhive

Qi Addons For Elementor

qi-addons-for-elementor

Quick Featured Images

quick-featured-images

Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress

radio-player

Radio Station by netmix® – Manage and play your Show Schedule in WordPress!

radio-station

Rank Math SEO with AI Best SEO Tools

seo-by-rank-math

Rate My Post – Star Rating Plugin by FeedbackWP

rate-my-post

Recencio Book Reviews

recencio-book-reviews

Reviews Plus

reviews-plus

RomethemeForm For Elementor

romethemeform

RomethemeKit For Elementor

rometheme-for-elementor

Royal Elementor Addons and Templates

royal-elementor-addons

rtMedia for WordPress, BuddyPress and bbPress

buddypress-media

Salon booking system

salon-booking-system

Save as PDF Plugin by Pdfcrowd

save-as-pdf-by-pdfcrowd

SchedulePress – Best Editorial Calendar, Missed Schedule & Auto Social Share

wp-scheduled-posts

Schema & Structured Data for WP & AMP

schema-and-structured-data-for-wp

Secure Copy Content Protection and Content Locking

secure-copy-content-protection

Seers | GDPR & CCPA Cookie Consent & Compliance

seers-cookie-consent-banner-privacy-policy

Send PDF for Contact Form 7

send-pdf-for-contact-form-7

Serious Slider

cryout-serious-slider

SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy

woo-aliexpress-dropshipping

ShortPixel Critical CSS

shortpixel-critical-css

Simple Membership

simple-membership

Simply Static

simply-static

Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates)

sina-extension-for-elementor

Slash Admin

slash-admin

Smart Forms – when you need more than just a contact form

smart-forms

Smart Maintenance Mode

smart-maintenance-mode

Smart Recent Posts Widget

smart-recent-posts-widget

Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap

socialsnap

Social Sharing Plugin – Social Warfare

social-warfare

Solid Affiliate

solid-affiliate

Spectra – WordPress Gutenberg Blocks

ultimate-addons-for-gutenberg

SSU – WordPress Amazon S3 & Wasabi Smart File Uploads Plugin

wp-s3-smart-upload

Sticky Anything

toast-stick-anything

StreamWeasels Twitch Integration

streamweasels-twitch-integration

Table Rate Shipping Method for WooCommerce by Flexible Shipping

flexible-shipping

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)

the-pack-addon

The Plus Addons for Elementor

the-plus-addons-for-elementor-page-builder

The Plus Blocks for Block Editor | Gutenberg

the-plus-addons-for-block-editor

Timetable and Event Schedule by MotoPress

mp-timetable

Tutor LMS – eLearning and online course solution

tutor

Ultimate 410 Gone Status Code

ultimate-410

User Meta – User Profile Builder and User management plugin

user-meta

USPS Shipping for WooCommerce – Live Rates

flexible-shipping-usps

Video Conferencing with Zoom

video-conferencing-with-zoom-api

VikRentCar Car Rental Management System

vikrentcar

Vision – Image Map Builder

vision

Vitepos – Point of sale (POS) plugin for WooCommerce

vitepos-lite

VK Block Patterns

vk-block-patterns

VOD Infomaniak

vod-infomaniak

Wallet for WooCommerce – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds

woo-wallet

Widget Post Slider

widget-post-slider

WooCommerce Amazon Affiliates – Wordpress Plugin

woozone

WooCommerce Shipping Label

shipping-labels-for-woo

WordPress Ad Widget

ad-widget

WordPress Backup & Migration

wp-migration-duplicator

WP ADA Compliance Check Basic – Most Comprehensive Web Accessibility Solution for WordPress

wp-ada-compliance-check-basic

WP Club Manager – WordPress Sports Club Plugin

wp-club-manager

WP Datepicker

wp-datepicker

WP Fusion Lite – Marketing Automation and CRM Integration for WordPress

wp-fusion-lite

WP GoToWebinar

wp-gotowebinar

WP LinkedIn Auto Publish

wp-linkedin-auto-publish

WP Masquerade

wp-masquerade

WP Media Category Management

wp-media-category-management

WP Page Post Widget Clone

wp-page-post-widget-clone

WP SMTP

wp-smtp

WP STAGING Pro WordPress Backup Plugin

wp-staging-pro

WP STAGING WordPress Backup Plugin – Migration Backup Restore

wp-staging

WP Time Slots Booking Form

wp-time-slots-booking-form

WP Travel Engine – Best Travel Booking WordPress Plugin

wp-travel-engine

WP ULike – Most Advanced WordPress Marketing Toolkit

wp-ulike

WP-Lister Lite for eBay

wp-lister-for-ebay

WP-Members Membership Plugin

wp-members

WP-Recall – Registration, Profile, Commerce & More

wp-recall

WPC Composite Products for WooCommerce

wpc-composite-products

WPCal.io – Easy Meeting Scheduler

wpcal

WPPizza – A Restaurant Plugin

wppizza

WPZOOM Addons for Elementor (Templates, Widgets)

wpzoom-elementor-addons

XforWooCommerce

xforwoocommerce

XStore Core

et-core-plugin

YITH WooCommerce Compare

yith-woocommerce-compare

WordPress Themes with Reported Vulnerabilities Last Week

Software Name
Software Slug

Accountra

accountra

Althea WP

althea-wp

Blocksy

blocksy

Brite

brite

Colibri WP

colibri-wp

ColorNews

colornews

Elevate WP

elevate-wp

Financio

financio

Hugo WP

hugo-wp

Intrace

intrace

Pathway

pathway

Photology

photology

Royal Elementor Kit

royal-elementor-kit

Startupzy

startupzy

Teluro

teluro

Travey

travey

uDesign – Responsive WordPress Theme

u-design

Vertice

vertice

Virtue

virtue

WP Portfolio

wp-portfolio

XStore

xstore

Zeever

zeever

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32809
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ActiveDEMAND
Researcher

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33644
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Customify Site Library
Researcher

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33544
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32709
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33559
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore
Researcher

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-33551
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-3342
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33546
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32710
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-33556
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33566
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-3962
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-32959
Patch Status
Patched
Published
Apr 23, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33560
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33553
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-33552
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-3060
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
ENL Newsletter
Researcher

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32954
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Newsletters
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32706
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ARforms
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33541
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Better Elementor Addons
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-32960
Patch Status
Patched
Published
Apr 23, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33641
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Custom field finder
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3500
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
ElementsKit Pro
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33549
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3895
Patch Status
Patched
Published
Apr 23, 2024

Affected Software
WP Datepicker
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33550
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
WP Masquerade
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33628
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XforWooCommerce
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33564
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33557
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
High (8.1)
CVE-ID
CVE-2024-32703
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ARforms
Researcher

CVSS Rating
High (7.5)
CVE-ID
CVE-2024-32729
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ChatBot Conversational Forms
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3715
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32835
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32817
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3047
Patch Status
Patched
Published
Apr 24, 2024

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3045
Patch Status
Patched
Published
Apr 24, 2024

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33634
Patch Status
Unpatched
Published
Apr 25, 2024

Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33592
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32807
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Brevo for WooCommerce
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-33646
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Sticky Anything
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-1789
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
WP SMTP

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32836
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
WP-Lister Lite for eBay
Researcher

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32725
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-32814
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-2798
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-3553
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-33558
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32831
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Accessibility Widget
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33643
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33629
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32961
Patch Status
Patched
Published
Apr 23, 2024

Affected Software
Blocksy
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3747
Patch Status
Patched
Published
Apr 24, 2024

Affected Software
Blocksy

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3337
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Colibri Page Builder
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-7030
Patch Status
Patched
Published
Apr 23, 2024

Affected Software
Collapse-O-Matic

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33540
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
ColorNews
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32819
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Culqi
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32775
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Embed Google Photos album
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2750
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Exclusive Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3985
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Exclusive Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3489
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Exclusive Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32955
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
FV Flowplayer Video Player
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3588
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Getwid – Gutenberg Blocks
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3890
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3819
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Jeg Elementor Kit
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33649
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Opal Widgets For Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33630
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Piotnet Addons For Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32791
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Premium Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3885
Patch Status
Patched
Published
Apr 23, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3647
Patch Status
Patched
Published
Apr 24, 2024

Affected Software
Premium Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33640
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Pretty Google Calendar
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3309
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Qi Addons For Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-29811
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3665
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33648
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Recencio Book Reviews

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32956
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
RomethemeKit For Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33684
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Save as PDF Plugin by Pdfcrowd
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3199
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
The Plus Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3197
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
The Plus Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3677
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Ultimate 410 Gone Status Code
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4034
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Virtue
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33537
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
WP Portfolio
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1572
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1759
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2838
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2477
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Comments – wpDiscuz

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33539
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (6.3)
CVE-ID
CVE-2024-33555
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32702
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ARforms
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-28002
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Cornerstone
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33645
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Easy Set Favicon
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-0905
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Fancy Product Designer
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3473
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Header Footer Code Manager Pro
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3681
Patch Status
Patched
Published
Apr 24, 2024

Affected Software
Interactive World Maps
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32952
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Max Addons Pro for Bricks
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33633
Patch Status
Unpatched
Published
Apr 25, 2024

Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32789
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32958
Patch Status
Patched
Published
Apr 23, 2024

Affected Software
Slash Admin
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4077
Patch Status
Unpatched
Published
Apr 23, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33584
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Video Conferencing with Zoom
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33571
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
VOD Infomaniak
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33548
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32950
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
WP Media Category Management
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33562
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33554
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore Core
Researcher

CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-33627
Patch Status
Unpatched
Published
Apr 24, 2024

Researcher

CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32714
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-33542
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Crelly Slider
Researcher

CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3730
Patch Status
Patched
Published
Apr 24, 2024

Affected Software
Simple Membership
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32783
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32720
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32776
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33538
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32777
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3678
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32802
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33652
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Client Dash
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3870
Patch Status
Patched
Published
Apr 26, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32784
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33591
Patch Status
Patched
Published
Apr 25, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32799
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Easy Property Listings
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32788
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
FG Joomla to WordPress
Researcher(s): Unknown

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32726
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Frontend Dashboard
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32792
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33594
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Leaky Paywall
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32832
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Login with phone number
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32708
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Maintenance Mode

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32951
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Max Addons Pro for Bricks
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32953
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Newsletters
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33586
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33635
Patch Status
Unpatched
Published
Apr 25, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3897
Patch Status
Patched
Published
Apr 24, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32774
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32823
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32727
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
RomethemeForm For Elementor
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32786
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33587
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3585
Patch Status
Patched
Published
Apr 23, 2024

Affected Software
Send PDF for Contact Form 7
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32724
Patch Status
Patched
Published
Apr 22, 2024

Researcher(s): Unknown

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32825
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Simply Static
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32805
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33637
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Solid Affiliate
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33597
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32716
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33575
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32811
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32780
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32779
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Vision – Image Map Builder
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32826
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
VK Block Patterns
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33545
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32719
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33543
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
WP Time Slots Booking Form
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32798
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2920
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
WP-Members Membership Plugin
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33561
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32723
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Advanced Floating Content Lite
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33642
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Advanced Post List
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32815
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
All-in-one Like Widget
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33598
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Annual Archive
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33697
Patch Status
Unpatched
Published
Apr 26, 2024

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3338
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Colibri Page Builder
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32722
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33695
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
Fan Page Widget by ThemeNcode
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2324
Patch Status
Patched
Published
Apr 23, 2024

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4234
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
Filterable Portfolio
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32707
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Image Slider
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32833
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
List Custom Taxonomy Widget
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33693
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
Meks Smart Social Widget
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33694
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
Meks ThemeForest Smart Widget
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33639
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
PopupAlly
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33692
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
Smart Recent Posts Widget
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32801
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Widget Post Slider
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33696
Patch Status
Unpatched
Published
Apr 26, 2024

Affected Software
WordPress Ad Widget
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1716
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32704
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ARforms
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32705
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ARforms
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33678
Patch Status
Unpatched
Published
Apr 26, 2024

Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4086
Patch Status
Patched
Published
Apr 24, 2024

Affected Software
CM Tooltip Glossary
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33686
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33677
Patch Status
Unpatched
Published
Apr 26, 2024

Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32829
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33573
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
EPROLO Dropshipping
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32824
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33679
Patch Status
Unpatched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33690
Patch Status
Patched
Published
Apr 25, 2024

Affected Software
Financio
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33596
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32828
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32806
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Headline Analyzer
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33683
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Hide Dashboard Notifications
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32782
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32701
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33589
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33588
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33680
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33651
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
MF Gig Calendar
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33685
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32957
Patch Status
Patched
Published
Apr 23, 2024

Affected Software
Page Builder: Live Composer

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32812
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Podlove Podcast Publisher
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32712
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Podlove Podcast Publisher
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3607
Patch Status
Patched
Published
Apr 24, 2024

Affected Software
PropertyHive
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3664
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Quick Featured Images
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32822
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Reviews Plus
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32773
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Royal Elementor Kit
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-2429
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
Salon booking system
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32717
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32787
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33650
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Serious Slider
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32810
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
ShortPixel Critical CSS
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33593
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33638
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
Smart Maintenance Mode

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3107
Patch Status
Patched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33572
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32821
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33574
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3546
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
WordPress Backup & Migration
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32818
Patch Status
Patched
Published
Apr 22, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33682
Patch Status
Unpatched
Published
Apr 26, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32804
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
WP GoToWebinar
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32797
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
WP LinkedIn Auto Publish
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33636
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
WP Page Post Widget Clone
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32795
Patch Status
Patched
Published
Apr 22, 2024

Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33576
Patch Status
Patched
Published
Apr 25, 2024

Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33547
Patch Status
Unpatched
Published
Apr 25, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33563
Patch Status
Unpatched
Published
Apr 25, 2024

Affected Software
XStore
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32699
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
YITH WooCommerce Compare

CVSS Rating
Low (3.3)
CVE-ID
CVE-2024-32834
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
WooCommerce Shipping Label
Researcher

CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-3034
Patch Status
Patched
Published
Apr 26, 2024

Affected Software
BackUpWordPress
Researcher

CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-4214
Patch Status
Patched
Published
Apr 25, 2024

CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-32790
Patch Status
Patched
Published
Apr 22, 2024

Affected Software
Pricing Table by Supsystic
Researcher

As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (April 22, 2024 to April 28, 2024) appeared first on Wordfence.