WordPress Core — Security Update!
WordPress 6.4.1 was released on December 6, 2023, as a short-cycle maintenance and security release with seven bug fixes and one security patch for a potential Remote Code Execution (RCE) vulnerability that is not directly exploitable in most situations. However, combined with certain plugins on a multisite network, this vulnerability could be exploited and pose a high-severity risk. The 6.4.1 update will prevent PHP object injections from being chained into a potential RCE, according to details published by Patchstack.
WordPress 6.4.1 was released on November 8, 2023, as a short-cycle maintenance release to address several bugs, including loss of backward compatibility with a dependency, cURL 7.29 or earlier. This broke the WordPress internal update facility on servers running very old, insecure cURL versions.
WordPress 6.4 was released on November 7, 2023, as the third major release of the year. Following a major release, you should not update live sites without taking backups and testing the update in a non-production environment first.
WordPress Plugins — 124 Patched / 80 Unpatched
Nested Pages
Plugin:Nested Pages
Plugin Slug:wp-nested-pages
Installations:100,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49195
Aruba HiSpeed Cache
Plugin:Aruba HiSpeed Cache
Plugin Slug:aruba-hispeed-cache
Installations:90,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-44983
Simple Calendar – Google Calendar Plugin
Plugin Slug:google-calendar-events
Installations:60,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49151
Enhanced Text Widget
Plugin:Enhanced Text Widget
Plugin Slug:enhanced-text-widget
Installations:50,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49192
Grow Social
Plugin:Grow Social
Plugin Slug:social-pug
Installations:50,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49193
Site Offline Or Coming Soon Or Maintenance Mode
Plugin Slug:site-offline
Installations:40,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49190
GoDaddy Email Marketing
Plugin:GoDaddy Email Marketing
Plugin Slug:godaddy-email-marketing-sign-up-forms
Installations:30,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49156
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms
Plugin:Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms
Plugin Slug:happyforms
Installations:30,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-48752
Restricted Site Access
Plugin:Restricted Site Access
Plugin Slug:restricted-site-access
Installations:20,000+
Vulnerability:Bypass Vulnerability
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48753
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce
Plugin Slug:wp-event-manager
Installations:20,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49181
Elementor Timeline Widget
Plugin:Elementor Timeline Widget
Plugin Slug:3r-elementor-timeline-widget
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49755
AppMySite – Create an app with the Best Mobile App Builder
Plugin Slug:appmysite
Installations:10,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49762
Awesome Support – WordPress HelpDesk & Support Plugin
Plugin Slug:awesome-support
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49757
Business Directory Plugin – Easy Listing Directories for WordPress
Plugin Slug:business-directory-plugin
Installations:10,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-5803
Forms by CaptainForm – Form Builder for WordPress
Plugin Slug:captainform
Installations:10,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49170
Coming soon and Maintenance mode
Plugin Slug:coming-soon-page
Installations:10,000+
Vulnerability:Bypass Vulnerability
Patched in Version:No Fix
Severity Score:Low
CVE:2023-49741
Quantity Plus Minus Button for WooCommerce by CodeAstrology
Plugin Slug:wc-quantity-plus-minus-button
Installations:10,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48768
Event Manager, Event Calendar, Event Tickets for WooCommerce – Eventin
Plugin Slug:wp-event-solution
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49756
MkRapel Regiones y Ciudades de Chile para WC
Plugin Slug:wc-ciudades-y-regiones-de-chile
Installations:8,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48781
SoundCloud Shortcode
Plugin:SoundCloud Shortcode
Plugin Slug:soundcloud-shortcode
Installations:7,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-34018
Button Generator – easily Button Builder
Plugin Slug:button-generation
Installations:6,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49155
Button Generator – easily Button Builder
Plugin Slug:button-generation
Installations:6,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49154
Ads by datafeedr.com
Plugin:Ads by datafeedr.com
Plugin Slug:ads-by-datafeedrcom
Installations:5,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49169
Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates
Plugin Slug:affiliatebooster-blocks
Installations:5,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49148
Aparat
Plugin:Aparat
Plugin Slug:aparat
Installations:5,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48770
LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing…
Plugin Slug:ladipage
Installations:5,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:High
CVE:2023-49158
Social Share Buttons & Analytics Plugin – GetSocial.io
Plugin Slug:wp-share-buttons-analytics-by-getsocial
Installations:5,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49189
Client Dash
Plugin:Client Dash
Plugin Slug:client-dash
Installations:4,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49165
CommentLuv
Plugin:CommentLuv
Plugin Slug:commentluv
Installations:4,000+
Vulnerability:Server Side Request Forgery (SSRF)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49159
Campaign Monitor for WordPress
Plugin Slug:forms-for-campaign-monitor
Installations:4,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-38474
Product Size Chart For WooCommerce
Plugin Slug:product-size-chart-for-woo
Installations:4,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48778
which template file
Plugin:which template file
Plugin Slug:which-template-file
Installations:4,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49177
Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back
Plugin:Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back
Plugin Slug:chat-bubble
Installations:3,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48769
Database for CF7
Plugin:Database for CF7
Plugin Slug:database-for-cf7
Installations:3,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49167
Formzu WP
Plugin:Formzu WP
Plugin Slug:formzu-wp
Installations:3,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49160
Add to Cart Text Changer and Customize Button, Add Custom Icon
Plugin Slug:woo-add-to-cart-text-change
Installations:3,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49153
WooCommerce Login Redirect
Plugin:WooCommerce Login Redirect
Plugin Slug:woo-login-redirect
Installations:3,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48773
Crypto Converter ? Widget
Plugin:Crypto Converter ? Widget
Plugin Slug:crypto-converter-widget
Installations:2,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49150
Doofinder WP & WooCommerce Search
Plugin Slug:doofinder-for-woocommerce
Installations:2,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49185
File Gallery
Plugin:File Gallery
Plugin Slug:file-gallery
Installations:2,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-48771
Product Enquiry for WooCommerce
Plugin Slug:gm-woocommerce-quote-popup
Installations:2,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49761
WordPress Brute Force Protection – Stop Brute Force Attacks
Plugin Slug:guardgiant
Installations:2,000+
Vulnerability:SQL Injection
Patched in Version:No Fix
Severity Score:High
CVE:2023-48764
Multiple Post Passwords
Plugin:Multiple Post Passwords
Plugin Slug:multiple-post-passwords
Installations:2,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49157
Sign In Scheduling Online Appointment Booking System
Plugin Slug:10to8-online-booking
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49173
360 Javascript Viewer
Plugin:360 Javascript Viewer
Plugin Slug:360deg-javascript-viewer
Installations:1,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48779
AdFoxly – Ad Manager, AdSense Ads & Ads.txt
Plugin Slug:adfoxly
Installations:1,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-46617
Automatic Youtube Video Posts Plugin
Plugin Slug:automatic-youtube-video-posts
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49180
Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo
Plugin Slug:biteship
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49767
Block for Font Awesome
Plugin:Block for Font Awesome
Plugin Slug:block-for-font-awesome
Installations:1,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49751
Bulk Edit Post Titles
Plugin:Bulk Edit Post Titles
Plugin Slug:bulk-edit-post-titles
Installations:1,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49754
canvasio3D Light
Plugin:canvasio3D Light
Plugin Slug:canvasio3d-light
Installations:1,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48776
Credit Tracker
Plugin:Credit Tracker
Plugin Slug:credit-tracker
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49152
Currency Converter Calculator
Plugin Slug:currency-converter-calculator
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49149
Event post
Plugin:Event post
Plugin Slug:event-post
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49179
Importify – Dropshipping WooCommerce Plugin for Aliexpress, Amazon, Etsy, Alibaba, Walmart & More
Plugin:Importify – Dropshipping WooCommerce Plugin for Aliexpress, Amazon, Etsy, Alibaba, Walmart & More
Plugin Slug:importify
Installations:1,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49194
KP Fastest Tawk.to Chat
Plugin:KP Fastest Tawk.to Chat
Plugin Slug:kp-fastest-tawk-to-chat
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49175
List all posts by Authors, nested Categories and Titles
Plugin Slug:list-all-posts-by-authors-nested-categories-and-titles
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49182
Parallax Slider Block
Plugin:Parallax Slider Block
Plugin Slug:parallax-slider-block
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49184
Prevent Landscape Rotation
Plugin:Prevent Landscape Rotation
Plugin Slug:prevent-landscape-rotation
Installations:1,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48772
SVGator – Add Animated SVG Easily
Plugin Slug:svgator
Installations:1,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48766
WP Catalogue
Plugin:WP Catalogue
Plugin Slug:wp-catalogue
Installations:1,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48780
WP CleanFix
Plugin:WP CleanFix
Plugin Slug:wp-cleanfix
Installations:1,000+
Vulnerability:Broken Access Control
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48775
WPsoonOnlinePage
Plugin:WPsoonOnlinePage
Plugin Slug:wp-soononline-page
Installations:1,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49760
BigCommerce For WordPress
Plugin:BigCommerce For WordPress
Plugin Slug:bigcommerce
Installations:900+
Vulnerability:Sensitive Data Exposure
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49162
HDW Player Plugin (Video Player & Video Gallery)
Plugin Slug:hdw-player-video-player-video-gallery
Installations:900+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49178
Track Geolocation Of Users Using Contact Form 7
Plugin Slug:track-geolocation-of-users-using-contact-form-7
Installations:600+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49188
Bravo Translate
Plugin:Bravo Translate
Plugin Slug:bravo-translate
Installations:500+
Vulnerability:SQL Injection
Patched in Version:No Fix
Severity Score:High
CVE:2023-49161
GDPR Cookie Consent by Supsystic
Plugin Slug:gdpr-compliance-by-supsystic
Installations:500+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49191
Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media
Plugin Slug:evergreen-content-poster
Installations:100+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-41127
Innovs HR – Complete Human Resource Management System for Your Business
Plugin Slug:innovs-hr-manager
Installations:100+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49171
Simple Long Form
Plugin:Simple Long Form
Plugin Slug:simple-long-form
Installations:90+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-41136
WP Pocket URLs
Plugin:WP Pocket URLs
Plugin Slug:wp-pocket-urls
Installations:80+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49176
BrainCert – HTML5 Virtual Classroom
Plugin Slug:html5-virtual-classroom
Installations:70+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49172
MSync
Plugin:MSync
Plugin Slug:msync
Installations:10+
Vulnerability:SQL Injection
Patched in Version:No Fix
Severity Score:High
CVE:2023-49166
MyTube PlayList
Plugin:MyTube PlayList
Plugin Slug:mytube
Installations:10+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-48767
WooDiscuz – WooCommerce Comments
Plugin:WooDiscuz – WooCommerce Comments
Plugin Slug:woodiscuz-woocommerce-comments
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49759
Powr Pack
Plugin:Powr Pack
Plugin Slug:powr-pack
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-45609
Machic Core
Plugin:Machic Core
Plugin Slug:machic-core
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:No Fix
Severity Score:High
CVE:2023-49186
Delete Post Revisions In WordPress
Plugin:Delete Post Revisions In WordPress
Plugin Slug:delete-post-revisions-on-single-click
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-48754
CSprite
Plugin:CSprite
Plugin Slug:csprite
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:No Fix
Severity Score:Medium
CVE:2023-49763
Contact Form 7
Plugin:Contact Form 7
Plugin Slug:contact-form-7
Installations:5,000,000+
Vulnerability:Arbitrary File Upload
Patched in Version:5.8.4
Severity Score:Medium
CVE:2023-6449
Antispam Bee
Plugin:Antispam Bee
Plugin Slug:antispam-bee
Installations:700,000+
Vulnerability:Bypass Vulnerability
Patched in Version:2.11.4
Severity Score:Medium
CVE:2023-41134
Ocean Extra
Plugin:Ocean Extra
Plugin Slug:ocean-extra
Installations:700,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.2.3
Severity Score:Medium
CVE:2023-49164
WP Shortcodes Plugin — Shortcodes Ultimate
Plugin Slug:shortcodes-ultimate
Installations:600,000+
Vulnerability:Insecure Direct Object References (IDOR)
Patched in Version:7.0.0
Severity Score:Medium
CVE:2023-6226
WP Shortcodes Plugin — Shortcodes Ultimate
Plugin Slug:shortcodes-ultimate
Installations:600,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:7.0.0
Severity Score:Medium
CVE:2023-6225
SiteOrigin Widgets Bundle
Plugin:SiteOrigin Widgets Bundle
Plugin Slug:so-widgets-bundle
Installations:600,000+
Vulnerability:Local File Inclusion
Patched in Version:1.51.0
Severity Score:High
CVE:2023-6295
MW WP Form
Plugin:MW WP Form
Plugin Slug:mw-wp-form
Installations:200,000+
Vulnerability:Arbitrary File Upload
Patched in Version:5.0.2
Severity Score:Critical
CVE:2023-6316
Page Builder: Pagelayer – Drag and Drop website builder
Plugin Slug:pagelayer
Installations:200,000+
Vulnerability:Broken Access Control
Patched in Version:1.7.8
Severity Score:Medium
CVE:2023-49196
Responsive Lightbox & Gallery
Plugin Slug:responsive-lightbox
Installations:200,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:2.4.6
Severity Score:Medium
CVE:2023-49174
Advanced Database Cleaner
Plugin:Advanced Database Cleaner
Plugin Slug:advanced-database-cleaner
Installations:100,000+
Vulnerability:SQL Injection
Patched in Version:3.1.3
Severity Score:High
CVE:2023-49764
Email Address Encoder
Plugin:Email Address Encoder
Plugin Slug:email-address-encoder
Installations:100,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:1.0.23
Severity Score:Medium
CVE:2023-48765
SpeedyCache – Cache, Optimization, Performance
Plugin Slug:speedycache
Installations:100,000+
Vulnerability:Server Side Request Forgery (SSRF)
Patched in Version:1.1.3
Severity Score:Medium
CVE:2023-49746
HUSKY – Products Filter for WooCommerce Professional
Plugin Slug:woocommerce-products-filter
Installations:100,000+
Vulnerability:SQL Injection
Patched in Version:1.3.4.3
Severity Score:Critical
CVE:2023-40010
Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina)
Plugin Slug:wp-retina-2x
Installations:100,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:6.4.6
Severity Score:Medium
CVE:2023-44982
Backup Migration
Plugin:Backup Migration
Plugin Slug:backup-backup
Installations:90,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:1.3.7
Severity Score:High
CVE:2023-6266
NextScripts: Social Networks Auto-Poster
Plugin Slug:social-networks-auto-poster-facebook-twitter-g
Installations:60,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:4.4.3
Severity Score:High
CVE:2023-49183
Razorpay for WooCommerce
Plugin:Razorpay for WooCommerce
Plugin Slug:woo-razorpay
Installations:60,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:4.5.7
Severity Score:Medium
Razorpay for WooCommerce
Plugin:Razorpay for WooCommerce
Plugin Slug:woo-razorpay
Installations:60,000+
Vulnerability:Broken Access Control
Patched in Version:4.5.7
Severity Score:Medium
CF7 Google Sheets Connector
Plugin:CF7 Google Sheets Connector
Plugin Slug:cf7-google-sheets-connector
Installations:40,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:5.0.6
Severity Score:High
CVE:2023-44989
JetFormBuilder — Dynamic Blocks Form Builder
Plugin Slug:jetformbuilder
Installations:40,000+
Vulnerability:Content Injection
Patched in Version:3.1.5
Severity Score:Medium
CVE:2023-48763
Media File Renamer: Rename Files (Manual, Auto & AI)
Plugin Slug:media-file-renamer
Installations:40,000+
Vulnerability:Sensitive Data Exposure
Patched in Version:5.7.0
Severity Score:Medium
CVE:2023-44991
Ultimate Addons for Contact Form 7
Plugin Slug:ultimate-addons-for-contact-form-7
Installations:30,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:3.2.1
Severity Score:High
CVE:2023-49766
Abandoned Cart Lite for WooCommerce
Plugin Slug:woocommerce-abandoned-cart
Installations:30,000+
Vulnerability:Broken Access Control
Patched in Version:5.16.2
Severity Score:Medium
CVE:2023-41671
Rate my Post – WP Rating System
Plugin Slug:rate-my-post
Installations:20,000+
Vulnerability:Insecure Direct Object References (IDOR)
Patched in Version:3.4.2
Severity Score:Medium
CVE:2023-49765
Seraphinite Accelerator
Plugin:Seraphinite Accelerator
Plugin Slug:seraphinite-accelerator
Installations:20,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:2.20.29
Severity Score:High
CVE:2023-49740
Video PopUp
Plugin:Video PopUp
Plugin Slug:video-popup
Installations:20,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:1.1.4
Severity Score:Medium
CVE:2023-4962
WCFM Marketplace – Best Multivendor Marketplace for WooCommerce
Plugin Slug:wc-multivendor-marketplace
Installations:20,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:3.6.3
Severity Score:Medium
CVE:2023-4960
YASR – Yet Another Star Rating Plugin for WordPress
Plugin Slug:yet-another-stars-rating
Installations:20,000+
Vulnerability:Broken Access Control
Patched in Version:3.4.4
Severity Score:Medium
CVE:2023-39305
BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin
Plugin Slug:bookingpress-appointment-booking
Installations:10,000+
Vulnerability:Arbitrary File Upload
Patched in Version:1.0.77
Severity Score:Medium
CVE:2023-6219
Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss
Plugin Slug:bp-better-messages
Installations:10,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:2.4.1
Severity Score:Medium
CVE:2023-49168
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login
Plugin Slug:custom-registration-form-builder-with-submission-manager
Installations:10,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:5.2.3.0
Severity Score:Medium
CVE:2023-47645
Author Box, Guest Author and Co-Authors for Your Posts – Molongui
Plugin Slug:molongui-authorship
Installations:10,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:4.6.20
Severity Score:Medium
CVE:2023-39921
Participants Database
Plugin:Participants Database
Plugin Slug:participants-database
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:2.5.6
Severity Score:Medium
CVE:2023-48751
Qode Essential Addons
Plugin:Qode Essential Addons
Plugin Slug:qode-essential-addons
Installations:10,000+
Vulnerability:Remote Code Execution (RCE)
Patched in Version:1.5.3
Severity Score:Critical
CVE:2023-47840
WP Tripadvisor Review Widgets
Plugin Slug:review-widgets-for-tripadvisor
Installations:10,000+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Swift Performance Lite
Plugin:Swift Performance Lite
Plugin Slug:swift-performance-lite
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:2.3.6.15
Severity Score:Medium
CVE:2023-6289
WP Booking System – Booking Calendar
Plugin Slug:wp-booking-system
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:2.0.19.3
Severity Score:Medium
CVE:2023-49758
SchedulePress – Best Editorial Calendar, Missed Schedule & Auto Social Share
Plugin Slug:wp-scheduled-posts
Installations:10,000+
Vulnerability:Broken Access Control
Patched in Version:5.0.5
Severity Score:Medium
Chatbot for WordPress ??
Plugin:Chatbot for WordPress ??
Plugin Slug:collectchat
Installations:8,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:2.4.0
Severity Score:Medium
CVE:2023-5691
Widgets for Reviews & Recommendations
Plugin Slug:free-facebook-reviews-and-recommendations-widgets
Installations:7,000+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Guest Author
Plugin:Guest Author
Plugin Slug:guest-author
Installations:7,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:2.4
Severity Score:Medium
CVE:2023-49747
SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything!
Plugin Slug:suretriggers
Installations:7,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:1.0.24
Severity Score:Medium
CVE:2023-49749
Export WP Page to Static HTML/CSS
Plugin Slug:export-wp-page-to-static-html
Installations:6,000+
Vulnerability:Broken Access Control
Patched in Version:2.2.0
Severity Score:Medium
CVE:2023-6369
Void Elementor Post Grid Addon for Elementor Page builder
Plugin Slug:void-elementor-post-grid-addon-for-elementor-page-builder
Installations:6,000+
Vulnerability:Broken Access Control
Patched in Version:2.2
Severity Score:Medium
CVE:2023-48750
Dashboard Widgets Suite
Plugin:Dashboard Widgets Suite
Plugin Slug:dashboard-widgets-suite
Installations:5,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:3.4.2
Severity Score:Medium
CVE:2023-49743
Gift Up Gift Cards for WordPress and WooCommerce
Plugin Slug:gift-up
Installations:5,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.22
Severity Score:Medium
CVE:2023-49744
Widgets for Booking.com Reviews
Plugin Slug:review-widgets-for-booking-com
Installations:5,000+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Airbnb Reviews
Plugin:Widgets for Airbnb Reviews
Plugin Slug:review-widgets-for-airbnb
Installations:3,000+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Spiffy Calendar
Plugin:Spiffy Calendar
Plugin Slug:spiffy-calendar
Installations:3,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:4.9.6
Severity Score:Medium
CVE:2023-49745
UPS, Mondial Relay & Chronopost for WooCommerce – WCMultiShipping
Plugin Slug:wc-multishipping
Installations:3,000+
Vulnerability:Broken Access Control
Patched in Version:2.3.8
Severity Score:Medium
affiliate-toolkit – WordPress Affiliate Plugin
Plugin Slug:affiliate-toolkit-starter
Installations:2,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:3.4.4
Severity Score:High
CVE:2023-46086
BSK Forms Blacklist
Plugin:BSK Forms Blacklist
Plugin Slug:bsk-gravityforms-blacklist
Installations:2,000+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:3.7
Severity Score:Medium
CVE:2023-5980
Customer Reviews Collector for WooCommerce
Plugin Slug:customer-reviews-collector-for-woocommerce
Installations:2,000+
Vulnerability:Arbitrary File Upload
Patched in Version:4.0
Severity Score:High
CVE:2023-48275
DoFollow Case by Case
Plugin:DoFollow Case by Case
Plugin Slug:dofollow-case-by-case
Installations:2,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:3.5.0
Severity Score:Medium
CVE:2023-49197
teachPress
Plugin:teachPress
Plugin Slug:teachpress
Installations:2,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:9.0.6
Severity Score:Medium
CVE:2023-49163
teachPress
Plugin:teachPress
Plugin Slug:teachpress
Installations:2,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:9.0.5
Severity Score:Medium
CVE:2023-48755
Debug Log Manager
Plugin:Debug Log Manager
Plugin Slug:debug-log-manager
Installations:1,000+
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.2.2
Severity Score:Medium
CVE:2023-5772
IdeaPush
Plugin:IdeaPush
Plugin Slug:ideapush
Installations:1,000+
Vulnerability:Broken Access Control
Patched in Version:8.58
Severity Score:Medium
CVE:2023-48774
Widgets for Amazon Reviews
Plugin:Widgets for Amazon Reviews
Plugin Slug:review-widgets-for-amazon
Installations:1,000+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
12 Step Meeting List
Plugin:12 Step Meeting List
Plugin Slug:12-step-meeting-list
Installations:900+
Vulnerability:Server Side Request Forgery (SSRF)
Patched in Version:3.14.25
Severity Score:Medium
CVE:2023-46641
Widgets for Yelp Reviews
Plugin:Widgets for Yelp Reviews
Plugin Slug:reviews-widgets-for-yelp
Installations:800+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Best Chart Plugin – Chartify
Plugin:Best Chart Plugin – Chartify
Plugin Slug:chart-builder
Installations:500+
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:1.9.7
Severity Score:Medium
Widgets for Thumbtack Reviews
Plugin Slug:widgets-for-thumbtack-reviews
Installations:300+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Ebay Reviews
Plugin:Widgets for Ebay Reviews
Plugin Slug:widgets-for-ebay-reviews
Installations:200+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Capterra Reviews
Plugin:Widgets for Capterra Reviews
Plugin Slug:review-widgets-for-capterra
Installations:100+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Zillow Reviews
Plugin:Widgets for Zillow Reviews
Plugin Slug:widgets-for-zillow-reviews
Installations:100+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for WordPress Reviews
Plugin Slug:reviews-widgets
Installations:50+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Expedia Reviews
Plugin:Widgets for Expedia Reviews
Plugin Slug:widgets-for-expedia-reviews
Installations:40+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Opentable Reviews
Plugin Slug:review-widgets-for-opentable
Installations:30+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Hotels.com Reviews
Plugin Slug:review-widgets-for-hotels-com
Installations:20+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Árukeres? Reviews
Plugin Slug:review-widgets-for-arukereso
Installations:10+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Foursquare Reviews
Plugin Slug:review-widgets-for-foursquare
Installations:10+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Review Widgets for Szallas.hu
Plugin Slug:review-widgets-for-szallas-hu
Installations:10+
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for SourceForge Reviews
Plugin Slug:widgets-for-sourceforge-reviews
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for AliExpress Reviews
Plugin Slug:widgets-for-aliexpress-reviews
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Widgets for Alibaba Reviews
Plugin:Widgets for Alibaba Reviews
Plugin Slug:widgets-for-alibaba-reviews
Vulnerability:Arbitrary File Upload
Patched in Version:11.1
Severity Score:High
CVE:2023-48275
Theme My Login 2FA
Plugin:Theme My Login 2FA
Plugin Slug:tml-2fa
Vulnerability:Bypass Vulnerability
Patched in Version:1.2
Severity Score:Medium
CVE:2023-6272
PowerPack Pro for Elementor
Plugin:PowerPack Pro for Elementor
Plugin Slug:powerpack-elements
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:2.9.24
Severity Score:High
CVE:2023-49739
JetProductGallery
Plugin:JetProductGallery
Plugin Slug:jet-woo-product-gallery
Vulnerability:Broken Access Control
Patched in Version:2.1.13.2
Severity Score:High
CVE:2023-48760
JetProductGallery
Plugin:JetProductGallery
Plugin Slug:jet-woo-product-gallery
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.1.13.2
Severity Score:Medium
CVE:2023-48762
JetProductGallery
Plugin:JetProductGallery
Plugin Slug:jet-woo-product-gallery
Vulnerability:Broken Access Control
Patched in Version:2.1.13.2
Severity Score:Medium
CVE:2023-48761
JetWooBuilder
Plugin:JetWooBuilder
Plugin Slug:jet-woo-builder
Vulnerability:Broken Access Control
Patched in Version:2.1.7.3
Severity Score:High
CVE:2023-48760
JetWooBuilder
Plugin:JetWooBuilder
Plugin Slug:jet-woo-builder
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.1.7.3
Severity Score:Medium
CVE:2023-48762
JetWooBuilder
Plugin:JetWooBuilder
Plugin Slug:jet-woo-builder
Vulnerability:Broken Access Control
Patched in Version:2.1.7.3
Severity Score:Medium
CVE:2023-48761
JetTricks
Plugin:JetTricks
Plugin Slug:jet-tricks
Vulnerability:Broken Access Control
Patched in Version:1.4.6.2
Severity Score:High
CVE:2023-48760
JetTricks
Plugin:JetTricks
Plugin Slug:jet-tricks
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:1.4.6.2
Severity Score:Medium
CVE:2023-48762
JetTricks
Plugin:JetTricks
Plugin Slug:jet-tricks
Vulnerability:Broken Access Control
Patched in Version:1.4.6.2
Severity Score:Medium
CVE:2023-48761
JetThemeCore
Plugin:JetThemeCore
Plugin Slug:jet-theme-core
Vulnerability:Broken Access Control
Patched in Version:2.1.2.2
Severity Score:High
CVE:2023-48760
JetThemeCore
Plugin:JetThemeCore
Plugin Slug:jet-theme-core
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.1.2.2
Severity Score:Medium
CVE:2023-48762
JetThemeCore
Plugin:JetThemeCore
Plugin Slug:jet-theme-core
Vulnerability:Broken Access Control
Patched in Version:2.1.2.2
Severity Score:Medium
CVE:2023-48761
JetTabs
Plugin:JetTabs
Plugin Slug:jet-tabs
Vulnerability:Broken Access Control
Patched in Version:2.1.25.2
Severity Score:High
CVE:2023-48760
JetTabs
Plugin:JetTabs
Plugin Slug:jet-tabs
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.1.25.2
Severity Score:Medium
CVE:2023-48762
JetTabs
Plugin:JetTabs
Plugin Slug:jet-tabs
Vulnerability:Broken Access Control
Patched in Version:2.1.25.2
Severity Score:Medium
CVE:2023-48761
JetSmartFilters
Plugin:JetSmartFilters
Plugin Slug:jet-smart-filters
Vulnerability:Broken Access Control
Patched in Version:3.2.2.1
Severity Score:High
CVE:2023-48760
JetSmartFilters
Plugin:JetSmartFilters
Plugin Slug:jet-smart-filters
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:3.2.2.1
Severity Score:Medium
CVE:2023-48762
JetSmartFilters
Plugin:JetSmartFilters
Plugin Slug:jet-smart-filters
Vulnerability:Broken Access Control
Patched in Version:3.2.2.1
Severity Score:Medium
CVE:2023-48761
JetSearch
Plugin:JetSearch
Plugin Slug:jet-search
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:3.1.2.1
Severity Score:Medium
CVE:2023-48762
JetSearch
Plugin:JetSearch
Plugin Slug:jet-search
Vulnerability:Broken Access Control
Patched in Version:3.1.2.1
Severity Score:Medium
CVE:2023-48761
JetReviews
Plugin:JetReviews
Plugin Slug:jet-reviews
Vulnerability:Broken Access Control
Patched in Version:2.3.2.1
Severity Score:High
CVE:2023-48760
JetReviews
Plugin:JetReviews
Plugin Slug:jet-reviews
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.3.2.1
Severity Score:Medium
CVE:2023-48762
JetReviews
Plugin:JetReviews
Plugin Slug:jet-reviews
Vulnerability:Broken Access Control
Patched in Version:2.3.2.1
Severity Score:Medium
CVE:2023-48761
JetPopup
Plugin:JetPopup
Plugin Slug:jet-popup
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.0.2.1
Severity Score:Medium
CVE:2023-48762
JetPopup
Plugin:JetPopup
Plugin Slug:jet-popup
Vulnerability:Broken Access Control
Patched in Version:2.0.2.1
Severity Score:Medium
CVE:2023-48761
JetMenu
Plugin:JetMenu
Plugin Slug:jet-menu
Vulnerability:Broken Access Control
Patched in Version:2.4.2
Severity Score:High
CVE:2023-48760
JetMenu
Plugin:JetMenu
Plugin Slug:jet-menu
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.4.2
Severity Score:Medium
CVE:2023-48762
JetMenu
Plugin:JetMenu
Plugin Slug:jet-menu
Vulnerability:Broken Access Control
Patched in Version:2.4.2
Severity Score:Medium
CVE:2023-48761
JetEngine
Plugin:JetEngine
Plugin Slug:jet-engine
Vulnerability:Privilege Escalation
Patched in Version:3.2.5
Severity Score:High
CVE:2023-48757
Plugin:JetEngine
Plugin Slug:jet-engine
Vulnerability:Broken Access Control
Patched in Version:3.2.5
Severity Score:High
CVE:2023-48758
JetEngine
Plugin:JetEngine
Plugin Slug:jet-engine
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:3.2.5.2
Severity Score:Medium
CVE:2023-48762
JetEngine
Plugin:JetEngine
Plugin Slug:jet-engine
Vulnerability:Broken Access Control
Patched in Version:3.2.5.2
Severity Score:Medium
CVE:2023-48761
JetElements For Elementor
Plugin:JetElements For Elementor
Plugin Slug:jet-elements
Vulnerability:Arbitrary File Download
Patched in Version:2.6.13.1
Severity Score:High
CVE:2023-48759
JetElements For Elementor
Plugin:JetElements For Elementor
Plugin Slug:jet-elements
Vulnerability:Broken Access Control
Patched in Version:2.6.13.1
Severity Score:High
CVE:2023-48760
JetElements For Elementor
Plugin:JetElements For Elementor
Plugin Slug:jet-elements
Vulnerability:Broken Access Control
Patched in Version:2.6.13.1
Severity Score:Medium
CVE:2023-48761
JetElements For Elementor
Plugin:JetElements For Elementor
Plugin Slug:jet-elements
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.6.13.1
Severity Score:Medium
CVE:2023-48762
JetCompareWishlist
Plugin:JetCompareWishlist
Plugin Slug:jet-compare-wishlist
Vulnerability:Broken Access Control
Patched in Version:1.5.5.2
Severity Score:High
CVE:2023-48760
JetCompareWishlist
Plugin:JetCompareWishlist
Plugin Slug:jet-compare-wishlist
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:1.5.5.2
Severity Score:Medium
CVE:2023-48762
JetCompareWishlist
Plugin:JetCompareWishlist
Plugin Slug:jet-compare-wishlist
Vulnerability:Broken Access Control
Patched in Version:1.5.5.2
Severity Score:Medium
CVE:2023-48761
JetBlog
Plugin:JetBlog
Plugin Slug:jet-blog
Vulnerability:Broken Access Control
Patched in Version:2.3.5.1
Severity Score:High
CVE:2023-48760
JetBlog
Plugin:JetBlog
Plugin Slug:jet-blog
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:2.3.5.1
Severity Score:Medium
CVE:2023-48762
JetBlog
Plugin:JetBlog
Plugin Slug:jet-blog
Vulnerability:Broken Access Control
Patched in Version:2.3.5.1
Severity Score:Medium
CVE:2023-48761
JetBlocks For Elementor
Plugin:JetBlocks For Elementor
Plugin Slug:jet-blocks
Vulnerability:Cross Site Scripting (XSS)
Patched in Version:1.3.8.1
Severity Score:High
CVE:2023-48756
JetBlocks For Elementor
Plugin:JetBlocks For Elementor
Plugin Slug:jet-blocks
Vulnerability:Broken Access Control
Patched in Version:1.3.8.1
Severity Score:High
CVE:2023-48760
JetBlocks For Elementor
Plugin:JetBlocks For Elementor
Plugin Slug:jet-blocks
Vulnerability:Cross Site Request Forgery (CSRF)
Patched in Version:1.3.8.1
Severity Score:Medium
CVE:2023-48762
JetBlocks For Elementor
Plugin:JetBlocks For Elementor
Plugin Slug:jet-blocks
Vulnerability:Broken Access Control
Patched in Version:1.3.8.1
Severity Score:Medium
CVE:2023-48761