Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 180 vulnerabilities disclosed in 142 WordPress Plugins and 6 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 62 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 16,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status
Number of Vulnerabilities
Patched
133
Unpatched
47
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating
Number of Vulnerabilities
Low Severity
1
Medium Severity
144
High Severity
17
Critical Severity
18
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE
Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
82
Cross-Site Request Forgery (CSRF)
23
Missing Authorization
18
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
8
Unrestricted Upload of File with Dangerous Type
8
Information Exposure
7
Deserialization of Untrusted Data
6
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
5
Improper Control of Generation of Code (‘Code Injection’)
4
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
4
Server-Side Request Forgery (SSRF)
3
Authentication Bypass Using an Alternate Path or Channel
2
Information Exposure Through Log Files
2
Authorization Bypass Through User-Controlled Key
1
Improper Access Control
1
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
1
Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)
1
Improper Privilege Management
1
Incorrect Authorization
1
Insecure Storage of Sensitive Information
1
Unprotected Alternate Channel
1
Researchers That Contributed to WordPress Security Last Week
Researcher Name
Number of Vulnerabilities
19
15
9
8
8
7
7
7
6
6
5
5
4
4
4
4
3
3
3
3
2
2
2
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name
Software Slug
140+ Widgets | Best Addons For Elementor – FREE
xpro-elementor-addons
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin
real3d-flipbook-lite
Academy LMS – eLearning and online course solution for WordPress
academy
ADFO – Custom data in admin dashboard
admin-form
Advanced Ads – Ad Manager & AdSense
advanced-ads
AI Engine
ai-engine
Aiomatic – Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit
aiomatic-automatic-ai-content-writer
All Bootstrap Blocks
all-bootstrap-blocks
All-in-One Addons for Elementor – WidgetKit
widgetkit-for-elementor
Arigato Autoresponder and Newsletter
bft-autoresponder
Auto Affiliate Links
wp-auto-affiliate-links
AWSOM News Announcement
awsom-news-announcement
Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro
back-in-stock-notifier-for-woocommerce
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.
barcode-scanner-lite-pos-to-manage-products-inventory-and-orders
Beaver Builder – WordPress Page Builder
beaver-builder-lite-version
Better Elementor Addons
better-elementor-addons
Blocksy Companion
blocksy-companion
BlogLentor – Blog Designer Pack for Elementor
bloglentor-for-elementor
Breakdance
breakdance
Brozzme Scroll Top
brozzme-scroll-top
Business Card
business-card-by-esterox-100
canvasio3D Light
canvasio3d-light
Church Admin
church-admin
ClickCease Click Fraud Protection
clickcease-click-fraud-protection
Comments Evolved for WordPress
gplus-comments
Configure Login Timeout
configure-login-timeout
Contact List – Premium Staff Listing, Business Directory & Address Book
contact-list
Content Blocks (Custom Post Widget)
custom-post-widget
Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode)
content-views-query-and-display-post-page
Counter Up – Animated Number Counter & Milestone Showcase
wp-counter-up
Custom Field Suite
custom-field-suite
Debug Info
debug-info
Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler
cf7-styler
Ditty – Responsive News Tickers, Sliders, and Lists
ditty-news-ticker
Divi Builder
divi-builder
DS Site Message
ds-site-message
Dynamics 365 Integration
integration-dynamics
Easy Affiliate Links
easy-affiliate-links
Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy)
easy-digital-downloads
Edwiser Bridge – WordPress Moodle LMS Integration
edwiser-bridge
EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor
embedpress
Enter Addons – Ultimate Template Builder for Elementor
enteraddons
Envo’s Elementor Templates & Widgets for WooCommerce
envo-elementor-for-woocommerce
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
essential-addons-for-elementor-lite
Falang multilanguage for WordPress
falang
Featured Content Gallery
featured-content-gallery
Flo Forms – Easy Drag & Drop Form Builder
flo-forms
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
form-maker
Forty Four – 404 Plugin for WordPress
forty-four
Gallery Block (Meow Gallery)
meow-gallery
GDPR Compliance
gdpr-compliance
gee Search Plus, improved WordPress search
gsearch-plus
Ghost
ghost
Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers
rafflepress
Gold Addons for Elementor
gold-addons-for-elementor
Graphina – Elementor Charts and Graphs
graphina-elementor-charts-and-graphs
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
kadence-blocks
Gutenify – Visual Site Builder Blocks & Site Templates.
gutenify
Heateor Social Login WordPress
heateor-social-login
Hostel
hostel
Hotel Booking Lite
motopress-hotel-booking-lite
HT Mega – Absolute Addons For Elementor
ht-mega-for-elementor
HTML5 Audio Player- Best WordPress Audio Player Plugin
html5-audio-player
If-So Dynamic Content Personalization
if-so
Image Hover Effects – Elementor Addon
image-hover-effects-addon-for-elementor
Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms
integration-for-contact-form-7-and-pipedrive
Joli FAQ SEO – WordPress FAQ Plugin
joli-faq-seo
KKProgressbar2 Free – advanced progress bars
kkprogressbar
Kognetiks Chatbot for WordPress
chatbot-chatgpt
LearnPress – WordPress LMS Plugin
learnpress
Link Library
link-library
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library )
magical-addons-for-elementor
Mesmerize Companion
mesmerize-companion
Mihdan: Yandex Turbo Feed
mihdan-yandex-turbo-feed
Move Addons for Elementor
move-addons
Netgsm
netgsm
One Click Demo Import
one-click-demo-import
Orders Tracking for WooCommerce
woo-orders-tracking
Pk Favicon Manager
phpsword-favicon-manager
Playlist for Youtube
playlist-for-youtube
Pods – Custom Content Types and Fields
pods
Pootle Pagebuilder – WordPress Page builder
pootle-page-builder
Porto Theme – Functionality
porto-functionality
Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode Builder
ajax-filter-posts
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
bdthemes-prime-slider-lite
Propovoice CRM – Best CRM & Invoicing Plugin to Manage Leads, Clients and Billings automation
propovoice
Pure Chat – Live Chat Plugin & More!
pure-chat
QuickieBar
quickiebar
Shared Counts – Social Media Share Buttons
shared-counts
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation
shared-files
Shipment Tracking, Tracking, and Order Tracking for WooCommerce – ParcelPanel (Free to install)
parcelpanel
ShopBuilder – Elementor WooCommerce Builder Addons
shopbuilder
Shopping Cart & eCommerce Store
wp-easycart
ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
shortpixel-adaptive-images
Simple Website Banner
corona-virus-covid-19-banner
SKT Addons for Elementor
skt-addons-for-elementor
Soccer Engine – Soccer Plugin for WordPress
soccer-engine-lite
Social Connect
social-connect
Social Sharing Plugin – Social Warfare
social-warfare
SP Project & Document Manager
sp-client-document-manager
Spectra Pro
spectra-pro
SportsPress – Sports Club & League Manager
sportspress
Squelch Tabs and Accordions Shortcodes
squelch-tabs-and-accordions-shortcodes
Starter Templates — Elementor, WordPress & Beaver Builder Templates
astra-sites
Startklar Elementor Addons
startklar-elmentor-forms-extwidgets
Sticky banner
sticky-banner
Sticky Social Link
sticky-social-link
Stockholm Core
stockholm-core
Swift Performance Lite
swift-performance-lite
Table Maker
table-maker
The Best WordPress Knowledgebase and Documentation Plugin – weDocs
wedocs
The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce
the-plus-addons-for-elementor-page-builder
Themify Shortcodes
themify-shortcodes
Thim Elementor Kit
thim-elementor-kit
Timber
timber-library
Translate Multilingual sites – TranslatePress
translatepress-multilingual
TT Custom Post Type Creator
tt-custom-post-type-creator
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider
ultimate-store-kit
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
unlimited-elements-for-elementor
Unyson
unyson
Viet Affiliate Link
viet-affiliate-link
Viet Nam Affiliate
viet-nam-affiliate
Visual Footer Credit Remover
visual-footer-credit-remover
WC Serial Numbers – Ultimate License Manager for Selling, Licensing & Securely Delivering Digital Content with WooCommerce
wc-serial-numbers
White Label CMS
white-label-cms
WOLF – WordPress Posts Bulk Editor and Manager Professional
bulk-editor
WooCommerce Wishlist (High customization, fast setup,Free Elementor Wishlist, most features)
smart-wishlist-for-more-convert
WordPress Affiliates Plugin — SliceWP Affiliates
slicewp
WordPress Webinar Plugin – WebinarPress
wp-webinarsystem
WP Discourse
wp-discourse
WP etracker
wp-etracker
WP Favorite Posts
wp-favorite-posts
WP Job Manager
wp-job-manager
WP Latest Posts
wp-latest-posts
WP Photo Album Plus
wp-photo-album-plus
WP Post Author – Enhance Your Posts with the Author Bio, Co-Authors, Guest Authors, and Post Rating System, including User Registration Form Builder
wp-post-author
WP STAGING WordPress Backup Plugin – Migration Backup Restore
wp-staging
WPCS ( WordPress Custom Search )
wpcs-wp-custom-search
XML Sitemap & Google News
xml-sitemap-feed
Yoast SEO
wordpress-seo
Z-Downloads
z-downloads
Zotpress
zotpress
WordPress Themes with Reported Vulnerabilities Last Week
Software Name
Software Slug
Divi
Divi
Divi Extra
extra
Himalayas
himalayas
Porto
porto
raindrops
raindrops
Stockholm
stockholm
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-31377
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-34411
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-34412
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4186
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4413
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4560
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4434
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-3806
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4393
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4345
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-34551
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-4606
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-34440
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-34386
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-4533
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-34416
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-4346
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-34555
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-4605
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3954
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-4397
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3807
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3809
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3808
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3828
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-34552
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-34554
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3055
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-4441
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-2290
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-4534
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-34433
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-4747
Patch Status
Unpatched
Published
May 10, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-29800
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-2662
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-4038
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-4448
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-4039
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34561
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3952
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-35169
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34548
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3923
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4430
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34432
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4487
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34421
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34566
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4446
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34564
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3939
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34441
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4490
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4316
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3680
Patch Status
Unpatched
Published
May 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3831
Patch Status
Unpatched
Published
May 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-35167
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4449
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4275
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4386
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34563
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4574
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4209
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4481
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-32674
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34571
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3989
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3990
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4398
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1166
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4277
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4281
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2923
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3494
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4411
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34562
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34573
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4339
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3595
Patch Status
Unpatched
Published
May 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34414
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34436
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34445
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4630
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-0445
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2785
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4567
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34415
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4329
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34569
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4104
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-34553
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3547
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-34431
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4041
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-34560
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-3937
Patch Status
Unpatched
Published
May 8, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-35172
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-34826
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3956
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-34390
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3722
Patch Status
Unpatched
Published
May 8, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-34574
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-4135
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-35171
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34556
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34821
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34550
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32100
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-35174
Patch Status
Unpatched
Published
May 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34559
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-35165
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34820
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-4535
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-4444
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34819
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34813
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-35173
Patch Status
Unpatched
Published
May 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
Unknown
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34438
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34812
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-4213
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34442
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-4280
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34549
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.7)
CVE-ID
CVE-2024-4469
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34570
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34428
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34426
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34420
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34419
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34429
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3068
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34565
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4417
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34424
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34437
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34423
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34425
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-35170
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34546
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34430
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34422
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34417
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2846
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34558
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34413
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34418
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4103
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34435
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34823
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34557
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4532
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4531
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4529
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4530
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34828
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-6810
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34439
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-31113
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34388
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4745
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4314
Patch Status
Patched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34817
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4082
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34547
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4746
Patch Status
Unpatched
Published
May 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4689
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4312
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34825
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1693
Patch Status
Unpatched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4463
Patch Status
Patched
Published
May 7, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1467
Patch Status
Patched
Published
May 8, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34827
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34814
Patch Status
Patched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34818
Patch Status
Unpatched
Published
May 9, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-35168
Patch Status
Patched
Published
May 10, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34427
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34389
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34387
Patch Status
Unpatched
Published
May 6, 2024
CVSS Rating
Low (3.5)
CVE-ID
CVE-2024-34824
Patch Status
Patched
Published
May 9, 2024
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024) appeared first on Wordfence.