Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 202 vulnerabilities disclosed in 185 WordPress Plugins, 21 WordPress Themes, and one in WordPress Core that have been added to the Wordfence Intelligence Vulnerability Database, and there were 63 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 15,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
Forminator – Contact Form, Payment Form & Custom Form Builder <= 1.29.2 – Authenticated (Contributor+) Stored Cross-Site Scripting
WordPress Core < 6.5.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block
WAF-RULE-690 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status
Number of Vulnerabilities
Patched
160
Unpatched
42
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating
Number of Vulnerabilities
Medium Severity
178
High Severity
11
Critical Severity
13
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE
Number of Vulnerabilities
Cross-Site Request Forgery (CSRF)
92
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
49
Missing Authorization
24
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
14
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
6
Deserialization of Untrusted Data
3
Information Exposure
3
Server-Side Request Forgery (SSRF)
3
Improper Authorization
2
Improper Input Validation
2
Unrestricted Upload of File with Dangerous Type
2
URL Redirection to Untrusted Site (‘Open Redirect’)
2
Researchers That Contributed to WordPress Security Last Week
Researcher Name
Number of Vulnerabilities
51
12
11
7
6
5
5
5
5
5
4
4
4
4
4
4
4
3
3
3
3
3
2
2
2
2
2
2
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name
Software Slug
5 star review funnel for Google Reviews, Trustpilot, ProvenExpert and more | RRatingg
5-stars-rating-funnel
Account Engagement
pardot
ActiveCampaign – Forms, Site Tracking, Live Chat
activecampaign-subscription-forms
Ads.txt Admin
ads-txt-admin
Advanced Cron Manager – debug & control
advanced-cron-manager
Advanced iFrame
advanced-iframe
Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress
advanced-page-visit-counter
Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page
advanced-post-block
AffiEasy
affieasy
AIKit – WordPress AI Automatic Writer, Chatbot, Writing Assistant & Content Repurposer / OpenAI GPT
aikit-wordpress-ai-writing-assistant-using-gpt3
All-in-One Addons for Elementor – WidgetKit
widgetkit-for-elementor
Appointment Bookings for Zoom GoogleMeet and more – Wappointment
wappointment
AppPresser – Mobile App Framework
apppresser
Asgaros Forum
asgaros-forum
Aspose.Words – Import and Export word documents
aspose-doc-exporter
BA Book Everything
ba-book-everything
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
woo-bulk-editor
Before And After: Lead Capture Forms For WordPress
before-and-after
Benchmark Email Lite
benchmark-email-lite
Better Chat Support – Chat Bubble and Chat Button with Gutenberg, Elementor and Shortcode
chat-help
BizCalendar Web
bizcalendar-web
Blocksy Companion
blocksy-companion
Bold Page Builder
bold-page-builder
Booking for Appointments and Events Calendar – Amelia
ameliabooking
Boostify Header Footer Builder for Elementor
boostify-header-footer-builder
bunny.net – WordPress CDN Plugin
bunnycdn
BWL Advanced FAQ Manager
bwl-advanced-faq-manager
Calendarista Basic Edition – WordPress appointment booking system
calendarista-basic-edition
Carousel Slider
carousel-slider
Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce
wp-carousel-free
CBX Bookmark & Favorite
cbxwpbookmark
Church Admin
church-admin
Church Content – Sermons, Events and More
church-theme-content
Citadela Directory
citadela-directory
Clone
wp-clone-by-wp-academy
Contact Form Plugin
contact-form-lite
Convert Post Types
convert-post-types
Crony Cronjob Manager
crony
Currency per Product for WooCommerce
currency-per-product-for-woocommerce
Customily Product Personalizer
customily-v2
Dashboard To-Do List
dashboard-to-do-list
Dashboard Welcome for Elementor
dashboard-welcome-for-elementor
Disable Comments | WPZest
disable-comments-wpz
Download Manager
downloadmanager
E2Pdf – Export To Pdf Tool for WordPress
e2pdf
Easy Logo
easylogo
eCommerce Product Catalog Plugin for WordPress
ecommerce-product-catalog
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
bdthemes-element-pack-lite
Elementor Addons by Livemesh
addons-for-elementor
ELEX WooCommerce Dynamic Pricing and Discounts
elex-woocommerce-dynamic-pricing-and-discounts
Email Marketing for WooCommerce by Omnisend
omnisend-connect
eRoom – Zoom Meetings & Webinars
eroom-zoom-meetings-webinar
Essential Grid Gallery WordPress Plugin
essential-grid
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin
mage-eventpress
Exclusive Addons for Elementor
exclusive-addons-for-elementor
Extra Product Options Builder for WooCommerce
additional-product-fields-for-woocommerce
EZ Form Calculator
ez-form-calculator
F4 Improvements
f4-improvements
Favicon by RealFaviconGenerator
favicon-by-realfavicongenerator
Filter Custom Fields & Taxonomies Light
filter-custom-fields-taxonomies-light
Finale Lite – Sales Countdown Timer & Discount for WooCommerce
finale-woocommerce-sales-countdown-timer-discount
Find Duplicates
find-duplicates
Forminator – Contact Form, Payment Form & Custom Form Builder
forminator
Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook
forms-to-zapier
Freshdesk (official)
freshdesk-support
FV Flowplayer Video Player
fv-wordpress-flowplayer
Gallery Box
gallery-box
GEO my WordPress
geo-my-wp
Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported)
gift-voucher
GiveWP – Donation Plugin and Fundraising Platform
give
GP Unique ID
gp-unique-id
Gutenberg
gutenberg
Gutenberg Blocks by Kadence Blocks – Page Builder Features
kadence-blocks
Import any XML or CSV File to WordPress
wp-all-import
Import Users from CSV
import-users-from-csv
Inline Related Posts
intelly-related-posts
InstaWP Connect – 1-click WP Staging & Migration
instawp-connect
Intagrate Lite
instagrate-to-wordpress
IP2Location Country Blocker
ip2location-country-blocker
Ivory Search – WordPress Search Plugin
add-search-to-menu
Jobs for WordPress
job-postings
Kimili Flash Embed
kimili-flash-embed
Language Translate Widget for WordPress – ConveyThis
conveythis-translate
Leadinfo
leadinfo
Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
leaflet-maps-marker
Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator
legal-pages
Libsyn Publisher Hub
libsyn-podcasting
LifterLMS – WordPress LMS Plugin for eLearning
lifterlms
Link Whisper Free
link-whisper
Load More Anything
ajax-load-more-anything
Login With Ajax – Fast Logins, 2FA, Redirects
login-with-ajax
Login with phone number
login-with-phone-number
Login | Login Page | Login Logo | Rename Login Page | Custom Login Page | Temporary Users | Rebrand Login | Login Captcha
feather-login-page
Mail logging – WP Mail Catcher
wp-mail-catcher
MailChimp Forms by MailMunch
mailchimp-forms-by-mailmunch
Marker.io – Visual Website Feedback
marker-io
Membership Plugin – Restrict Content
restrict-content
Migration, Backup, Staging – WPvivid
wpvivid-backuprestore
MihanPanel – User Login , Registration and Dashboard
mihanpanel-lite
MultiParcels Shipping For WooCommerce
multiparcels-shipping-for-woocommerce
MWW Disclaimer Buttons
mww-disclaimer-buttons
Newsletter – Send awesome emails from WordPress
newsletter
NextMove Lite – Thank You Page for WooCommerce
woo-thank-you-page-nextmove-lite
No-Bot Registration
no-bot-registration
Novelist
novelist
Ocean Extra
ocean-extra
Order Delivery Date for WooCommerce
order-delivery-date-for-woocommerce
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE
otter-blocks
Ovic Addon Toolkit
ovic-addon-toolkit
Page Builder: Live Composer
live-composer-page-builder
Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
wp-user-avatar
Podlove Podcast Publisher
podlove-podcasting-plugin-for-wordpress
POEditor
poeditor
Popup by Supsystic
popup-by-supsystic
Popup Like box – Page Plugin
ays-facebook-popup-likebox
Post Type Builder
themify-ptb
Premium Addons for Elementor
premium-addons-for-elementor
Premmerce Product Filter for WooCommerce
premmerce-woocommerce-product-filter
Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More
purple-xmls-google-product-feed-for-woocommerce
Product Input Fields for WooCommerce
product-input-fields-for-woocommerce
ProfileGrid – User Profiles, Memberships, Groups and Communities
profilegrid-user-profiles-groups-and-communities
Realtyna Organic IDX plugin + WPL Real Estate
real-estate-listing-realtyna-wpl
ReDi Restaurant Reservation
redi-restaurant-reservation
Redirection
redirect-redirection
Remove Footer Credit
remove-footer-credit
Responsive Contact Form Builder & Lead Generation Plugin
lead-form-builder
Responsive Slider – Sangar Slider
sangar-slider-lite
RestroPress – Online Food Ordering System
restropress
Save as Image Plugin by Pdfcrowd
save-as-image-by-pdfcrowd
Search Keyword Redirect
wp-search-keyword-redirect
SEO Booster
seo-booster
Shopkeeper Extender
shopkeeper-extender
Shopping Cart & eCommerce Store
wp-easycart
Short URL
shorten-url
Simple Post Notes
simple-post-notes
Siteimprove
siteimprove
Slider Revolution
revslider
Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows
ml-slider
Smart Slider 3
smart-slider-3
Smash Balloon Social Post Feed
custom-facebook-feed
Spotlight Social Feeds [Block, Shortcode, and Widget]
spotlight-social-photo-feeds
Subscribe2 – Form, Email Subscribers & Newsletters
subscribe2
Sync Post With Other Site
sync-post-with-other-site
Table Plugin for WordPress with Google Sheets Integration – Sheets to WP Table Live Sync
sheets-to-wp-table-live-sync
Tablesome – Responsive Table, Email Log, Form Automation – Contact Form 7, Elementor, WPForms, Gravity Forms, Fluent, Forminator
tablesome
TempTool [Show Current Template Info]
current-template-name
The Events Calendar
the-events-calendar
Top Bar
top-bar
TOP Table Of Contents
top-table-of-contents
TWIPLA (Visitor Analytics IO) – Privacy-First Website Stats, Session Recordings, Heatmaps, Polls and Surveys
visitor-analytics-io
Ultimate Before After Image Slider & Gallery – BEAF
beaf-before-and-after-gallery
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
ultimate-member
Ultimate Product Catalog
ultimate-product-catalogue
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider
ultimate-store-kit
UNKNOWN-CVE-2014-4663
UNKNOWN-CVE-2014-4663
Unlimited Elementor Inner Sections By BoomDevs
unlimited-elementor-inner-sections-by-boomdevs
User Activity Log Pro
user-activity-log-pro
UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress
userswp
USPS Shipping for WooCommerce – Live Rates
flexible-shipping-usps
Wallet System for WooCommerce – Digital Wallet, Cashback Rewards, Recharge User Wallets, View Transaction History
wallet-system-for-woocommerce
Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition
webinar-ignition
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode
coming-soon
Welcart e-Commerce
usc-e-shop
WOLF – WordPress Posts Bulk Editor and Manager Professional
bulk-editor
WooCommerce UPS Shipping – Live Rates and Access Points
flexible-shipping-ups
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds
another-wordpress-classifieds-plugin
WordPress Flipbook by Supsystic
digital-publications-by-supsystic
WordPress Hosting Benchmark tool
wpbenchmark
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly
tour-booking-manager
WP Accessibility Helper (WAH)
wp-accessibility-helper
WP Activity Log Premium
wp-security-audit-log-premium
WP Client Reports
wp-client-reports
WP Compress – Image Optimizer [All-In-One]
wp-compress-image-optimizer
WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, Security+
wp-letsencrypt-ssl
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress
wp-event-aggregator
WP Google Analytics Events – No-Code Custom Event Tracking for Google Analytics
wp-google-analytics-events
WP Login and Logout Redirect
wp-login-and-logout-redirect
WP Matterport Shortcode
shortcode-gallery-for-matterport-showcase
WP Radio – Worldwide Online Radio Stations Directory for WordPress
wp-radio
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden
wp2leads
WPBakery Visual Composer
js_composer
WPC Smart Quick View for WooCommerce
woo-smart-quick-view
WPZOOM Social Feed Widget & Block
instagram-widget-by-wpzoom
XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin]
faq-for-woocommerce
Zoho Campaigns
zoho-campaigns
WordPress Themes with Reported Vulnerabilities Last Week
Software Name
Software Slug
Blocksy
blocksy
CityLogic
citylogic
Default Mag
default-mag
Emmet Lite
emmet-lite
Gridsby
gridsby
HappenStance
happenstance
i-excel
i-excel
i-max
i-max
Lightning
lightning
Namaha
namaha
NewsXpress
newsxpress
Panoramic
panoramic
PopularFX
popularfx
Sarada Lite
sarada-lite
Sensible WP
sensible-wp
Shopstar!
shopstar
Sliding Door
sliding-door
Soledad
soledad
Spa and Salon
spa-and-salon
The Conference
the-conference
X-T9
x-t9
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-32128
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-31370
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32125
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32127
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32139
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-32137
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-2667
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32098
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32136
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32132
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32135
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32134
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-32087
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3211
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-2018
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
High (8.5)
CVE-ID
CVE-2023-6964
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-32086
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2023-7046
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3020
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-1774
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-32431
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2023-6811
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
High (7.2)
CVE-ID
Unknown
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-3054
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-2665
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32079
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2137
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2735
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2734
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2736
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32147
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2655
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2539
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3053
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1957
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (6.4)
CVE-ID
Unknown
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3670
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32140
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3167
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3344
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3343
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2867
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3210
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-0376
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2664
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2306
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2801
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3285
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3027
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-31357
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1041
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1042
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1805
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1842
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1840
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1841
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-1780
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32133
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32129
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32149
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-31365
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32138
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-32145
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (5.8)
CVE-ID
CVE-2024-32107
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-32430
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-32454
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-2733
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32078
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-2666
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-2765
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-31943
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-32144
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-31358
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-0908
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-31430
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-31932
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32131
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2966
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32105
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3235
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-0710
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32112
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-31359
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-31432
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-31368
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31926
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31361
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3703
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32083
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31925
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31929
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32428
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32453
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31387
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32429
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31931
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-32080
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31928
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31937
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-31927
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2023-6494
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32448
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32435
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31425
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31374
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32110
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32440
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32146
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32447
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32433
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32084
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31360
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31382
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31942
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32090
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32094
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32085
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32088
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32108
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32102
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31920
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31376
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32089
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32443
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31373
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32437
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31364
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32101
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3275
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31940
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31422
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31923
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32081
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32097
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32436
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31939
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31435
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31426
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3233
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32092
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32451
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32141
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31363
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31934
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-30546
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31424
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31378
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31427
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31389
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32095
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31386
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31434
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31938
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32104
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31372
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32093
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32434
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32432
Patch Status
Unpatched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31933
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32148
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32143
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31383
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31421
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31366
Patch Status
Unpatched
Published
Apr 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31431
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31362
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31385
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1415
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1416
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32449
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32091
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31429
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32438
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31935
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32103
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31379
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31369
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31367
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31384
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31381
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32082
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31388
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31428
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31433
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31921
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31936
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32446
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32445
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31944
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31922
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31423
Patch Status
Patched
Published
Apr 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32439
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32106
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32452
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31371
Patch Status
Patched
Published
Apr 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32099
Patch Status
Patched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32109
Patch Status
Unpatched
Published
Apr 11, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31375
Patch Status
Patched
Published
Apr 8, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32450
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3662
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32442
Patch Status
Patched
Published
Apr 12, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-32441
Patch Status
Patched
Published
Apr 12, 2024
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024) appeared first on Wordfence.
