Wordfence Intelligence Weekly WordPress Vulnerability Report (October 14, 2024 to October 20, 2024)

Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024:

All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers
Top-tier researchers earn automatic bonuses of between 10% and 120% for valid submissions
Pending report limits are increased for all
It’s possible to earn up to $31,200 for high impact vulnerabilities!

Last week, there were 223 vulnerabilities disclosed in 207 WordPress Plugins and 4 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 52 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 19,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:

WAF-RULE-756 – Data redacted while we work with the vendor on a patch.

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.

Total Unpatched & Patched Vulnerabilities Last Week

| Patch Status | Number of Vulnerabilities |
| --- | --- |
| Patched | 97 |
| Unpatched | 126 |

Total Vulnerabilities by CVSS Severity Last Week

| Severity Rating | Number of Vulnerabilities |
| --- | --- |
| Medium Severity | 152 |
| High Severity | 39 |
| Critical Severity | 32 |

Total Vulnerabilities by CWE Type Last Week

| Vulnerability Type by CWE | Number of Vulnerabilities |
| --- | --- |
| Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 100 |
| Cross-Site Request Forgery (CSRF) | 32 |
| Unrestricted Upload of File with Dangerous Type | 17 |
| Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 15 |
| Missing Authorization | 12 |
| Deserialization of Untrusted Data | 10 |
| Exposure of Sensitive Information to an Unauthorized Actor | 7 |
| Improper Control of Generation of Code (‘Code Injection’) | 5 |
| Authentication Bypass Using an Alternate Path or Channel | 4 |
| Authorization Bypass Through User-Controlled Key | 4 |
| Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) | 4 |
| Incorrect Privilege Assignment | 4 |
| Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) | 3 |
| Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) | 1 |
| Improper Check or Handling of Exceptional Conditions | 1 |
| Improper Privilege Management | 1 |
| Reliance on Cookies without Validation and Integrity Checking in a Security Decision | 1 |
| Server-Side Request Forgery (SSRF) | 1 |
| Weak Password Recovery Mechanism for Forgotten Password | 1 |

Researchers That Contributed to WordPress Security Last Week

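| Researcher Name | Number of Vulnerabilities |
| --- | --- |
| | 24 |
| | 22 |
| | 18 |
| | 16 |
| | 13 |
| | 12 |
| | 8 |
| | 6 |
| | 6 |
| | 6 |
| | 6 |
| | 5 |
| | 4 |
| | 4 |
| | 4 |
| | 4 |
| | 4 |
| | 4 |
| | 4 |
| | 3 |
| | 3 |
| Gab | 3 |
| | 3 |
| | 2 |
| | 2 |
| | 2 |
| | 2 |
| | 2 |
| | 2 |
| | 2 |
| | 2 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| | 1 |
| UKO | 1 |
| | 1 |
| | 1 |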

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.

WordPress Plugins with Reported Vulnerabilities Last Week

| Software Name | Software Slug |
| --- | --- |
| AADMY – Add Auto Date Month Year Into Posts | auto-date-year-month |
| AB Categories Search Widget | ab-categories-search-widget |
| Accordion Slider | accordion-slider |
| Ad Inserter – Ad Manager & AdSense Ads | ad-inserter |
| Add Categories Post Footer | add-categories-post-footer |
| Add Widget After Content | add-widget-after-content |
| Adding drop down roles in registration | user-drop-down-roles-in-registration |
| ADIF Log Search Widget | adif-log-search-widget |
| Admin Management Xtended | admin-management-xtended |
| Advanced Advertising System | advanced-advertising-system |
| Advanced Category and Custom Taxonomy Image | advanced-category-and-custom-taxonomy-image |
| Advanced Custom Fields | advanced-custom-fields |
| Advanced Custom Fields Pro | advanced-custom-fields-pro |
| Affiliator | affiliator-lite |
| Ahime Image Printer | ahime-image-printer |
| Ahmeti Wp Timeline | ahmeti-wp-timeline |
| Ajax Custom CSS/JS | ajax-awesome-css |
| Ajax Rating with Custom Login | ajax-rating-with-custom-login |
| ajax-extend | ajax-extend |
| Akismet htaccess writer | akismet-htaccess-writer |
| Analyse Uploads | analyse-uploads |
| Animator – Scroll Triggered Animations | scroll-triggered-animations |
| Apa Banner Slider | apa-banner-slider |
| APA Register Newsletter Form | apa-register-newsletter-form |
| Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | simply-schedule-appointments |
| AppPresser – Mobile App Framework | apppresser |
| Arconix Shortcodes | arconix-shortcodes |
| Arkhe Blocks | arkhe-blocks |
| Author Discussion | author-discussion |
| Awesome Contact Form7 for Elementor | awesome-contact-form7-for-elementor |
| Azz Anonim Posting | azz-anonim-posting |
| Back Link Tracker | back-link-tracker |
| Better Author Bio | better-author-bio |
| Booking.com Banner Creator | bookingcom-banner-creator |
| Branding | branding |
| BuddyPress Better Registration | better-bp-registration |
| Bulk images optimizer: Resize, optimize, convert to webp, rename … | bulk-image-resizer |
| bVerse Convert | bverse-convert |
| Calculated Fields Form | calculated-fields-form |
| CJ Change Howdy | cj-change-howdy |
| Click to Chat – WP Support All-in-One Floating Widget | support-chat |
| Clio Grow Form | clio-grow-form |
| Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors | publishpress-authors |
| Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App | peepso-core |
| Community Lite Video Chat | avchat-3 |
| Contact Form by Supsystic | contact-form-by-supsystic |
| Contact Forms, Live Support, CRM, Video Messages | live-support-tickets |
| Cooked Pro | cooked-pro |
| Cookie Scanner – automated cookie list | cookie-scanner |
| Country Flags for Elementor | country-flags-for-elementor |
| Crazy Call To Action Box | crazy-call-to-action-box |
| cSlider | cslider |
| CSV Product Import Export for WooCommerce | csv-wc-product-import-export |
| CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 8.x | woo-multi-currency |
| Custom Add to Cart Button Label and Link | woo-custom-cart-button |
| Customer Email Verification for WooCommerce | emails-verification-for-woocommerce |
| Da Reactions | da-reactions |
| Debrandify · Remove or Replace WordPress Branding | debrandify |
| Digital Lottery | digital-lottery |
| Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons | woo-discount-rules |
| DPD Baltic Shipping | woo-shipping-dpd-baltic |
| Duplicate Title Validate | duplicate-title-validate |
| Dynamic Elementor Addons | dynamic-elementor-addons |
| Easy Addons for Elementor | easy-addons-for-elementor |
| Easy Menu Manager \| WPZest | easy-menu-manager-wpzest |
| Edit WooCommerce Templates | woo-edit-templates |
| Edwiser Bridge – WordPress Moodle LMS Integration | edwiser-bridge |
| El mejor Cluster | mejorcluster |
| Elemenda | elemenda |
| ElementInvader Addons for Elementor | elementinvader-addons-for-elementor |
| Elementor Website Builder – More than Just a Page Builder | elementor |
| ElementsReady Addons for Elementor | element-ready-lite |
| Email Template Customizer for WooCommerce | email-template-customizer-for-woo |
| Encyclopedia / Glossary / Wiki | encyclopedia-lexicon-glossary-wiki-dictionary |
| Endless Posts Navigation | endless-posts-navigation |
| EventON Pro | eventon |
| Events Addon for Elementor | events-addon-for-elementor |
| Exclusive Addons for Elementor | exclusive-addons-for-elementor |
| Feed Comments Number | feed-comments-number |
| FERMA.ru.net | ferma-ru-net-checkout |
| File Manager Pro | wp-file-manager-pro |
| Flat UI Button | flat-ui-button |
| Flexmls® IDX Plugin | flexmls-idx |
| Fonto – Custom Web Fonts Manager | fonto |
| Forminator Forms – Contact Form, Payment Form & Custom Form Builder | forminator |
| FREE DOWNLOAD MANAGER | free-download-manager |
| Free Stock Photos Foter | free-stock-photos-foter |
| G Meta Keywords | g-meta-keywords |
| Gantry 4 Framework | gantry |
| GERRYWORKS Post by Mail | gerryworks-post-by-mail |
| GetResponse Forms by Optin Cat | getresponse |
| Giveaway Boost | giveaway-boost |
| GiveWP – Donation Plugin and Fundraising Platform | give |
| Google Map Locations | google-map-locations |
| GoogleDrive folder list | googledrive-folder-list |
| Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file | htaccess-file-editor |
| Hyperlink Group Block | hyperlink-group-block |
| IdeaPush | ideapush |
| Infinite-Scroll | infinite-scroll |
| Jetpack – WP Security, Backup, Speed, & Growth | jetpack |
| JiangQie Free Mini Program | jiangqie-free-mini-program |
| Job Board Manager for WordPress | jemployee |
| Kama SpamBlock | kama-spamblock |
| Leyka | leyka |
| Lightbox slider – Responsive Lightbox Gallery | simple-lightbox-gallery |
| Limb Gallery \| Create Beautiful Image & Video Galleries | limb-gallery |
| Linked Variation for WooCommerce | linked-variation-for-woocommerce |
| Locatoraid Store Locator | locatoraid |
| Maan Addons For Elementor | maan-elementor-addons |
| MAS Companies For WP Job Manager | mas-wp-job-manager-company |
| MAS Elementor | mas-addons-for-elementor |
| Mighty Builder – Drag & Drop WordPress Page Builder | mighty-builder |
| Miniorange OTP Verification with Firebase | miniorange-firebase-sms-otp-verification |
| Mitm Bug Tracker | mitm-bug-tracker |
| Most And Least Read Posts Widget | most-and-least-read-posts-widget |
| Multiline files upload for contact form 7 | multiline-files-for-contact-form-7 |
| My Favorites | my-favorites |
| My Reading Library | my-reading-library |
| MyTweetLinks | mytweetlinks |
| Nextend Social Login Pro | nextend-social-login-pro |
| Nice Backgrounds | nicebackgrounds |
| Omnipress | omnipress |
| Parallax Image | parallax-image |
| Parcel Pro | woo-parcel-pro |
| PeproDev Ultimate Invoice | pepro-ultimate-invoice |
| Photo Gallery Builder | photo-gallery-builder |
| Photo Gallery Slideshow & Masonry Tiled Gallery | wp-responsive-photo-gallery |
| photokit | photokit |
| Pinpoint Booking System – WordPress Booking Plugin | booking-system |
| Plexx Elementor Extension | plexx-elementor-extension |
| Plugin Name: Sovratec Case Management | sovratec-case-management |
| Point Maker | point-maker |
| Post From Frontend | post-from-frontend |
| Primary Addon for Elementor | primary-addon-for-elementor |
| Product Customizer Light | product-customizer-light |
| Product Website Showcase | product-websites-showcase |
| ProfileGrid – User Profiles, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
| Property Lot Management System | plms |
| Rate Own Post | rate-own-post |
| Recently – Viewed, Most Viewed and Sold Products for WooCommerce | recently-viewed-most-viewed-and-sold-products-for-woocommerce |
| ReDi Restaurant Reservation | redi-restaurant-reservation |
| Responsive Lightbox & Gallery | responsive-lightbox |
| Responsive Pricing Table Builder – wpPricing Builder | wppricing-builder-lite-responsive-pricing-table-builder |
| Royal Elementor Addons and Templates | royal-elementor-addons |
| RS-Members | rs-members |
| RSS Feed Widget | rss-feed-widget |
| SafetyForms – Create forms with Real-time Email Validation | safetymails-forms |
| Secure Custom Fields | advanced-custom-fields |
| SendGrid for WordPress | wp-sendgrid-mailer |
| SendPulse Free Web Push | sendpulse-web-push |
| SEO Manager | seo-manager |
| SermonAudio Widgets | sermonaudio-widgets |
| Shipyaari Shipping Management | shipyaari-shipping-managment |
| Simple Code Insert Shortcode | simple-code-insert-shortcode |
| Simple Custom Post Order | simple-custom-post-order |
| Simple Testimonials Showcase | simple-testimonials-showcase |
| Simple User Registration | wp-registration |
| Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) | sina-extension-for-elementor |
| SiteBuilder Dynamic Components | sitebuilder-dynamic-components |
| SlimStat Analytics | wp-slimstat |
| Smart Blocks | smart-blocks |
| Smart Online Order for Clover | clover-online-orders |
| Social Auto Poster | social-auto-poster |
| Social Link Groups | social-link-groups |
| Social Share With Floating Bar | social-share-with-floating-bar |
| StreamWeasels Twitch Integration | streamweasels-twitch-integration |
| Suki Sites Import | suki-sites-import |
| Surfer – WordPress Plugin | surferseo |
| SW Contact Form | sw-contact-form |
| Table of Contents Plus | table-of-contents-plus |
| TAKETIN To WP Membership | taketin-to-wp-membership |
| The Ultimate WordPress Toolkit – WP Extended | wpextended |
| Themesflat Addons For Elementor | themesflat-addons-for-elementor |
| Time Clock Pro | time-clock-pro |
| Time Clock – A WordPress Employee & Volunteer Time Clock Plugin | time-clock |
| Tito | tito |
| Ultimate AI | Ultimate_AI |
| UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) | ultraaddons-elementor-lite |
| Unlimited Addon For Elementor | unlimited-addon-for-elementor |
| Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | unlimited-elements-for-elementor |
| VKontakte Wall Post | vkontakte-wall-post |
| VOD Infomaniak | vod-infomaniak |
| Woo Manage Fraud Orders | woo-manage-fraud-orders |
| WooCommerce | woocommerce |
| Woostagram Connect | woostagram-connect |
| WordPress Image SEO | wp-image-seo |
| WordPress Portfolio Builder – Portfolio Gallery | uber-grid |
| WordPress Social Share Buttons | share-button |
| WordPress Video | wordpress-video |
| WP 2FA with Telegram | two-factor-login-telegram |
| WP Content Copy Protection & No Right Click | wp-content-copy-protector |
| WP Dropbox Dropins | wp-dropbox-dropins |
| WP Easy Post Types | easy-post-types |
| WP Education – Education WordPress Plugin for Elementor | wp-education |
| WP Photo Album Plus | wp-photo-album-plus |
| WP Popup Builder – Popup Forms and Marketing Lead Generation | wp-popup-builder |
| WP REST API FNS Plugin | rest-api-fns |
| WP SendFox | wp-sendfox |
| WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin | timetics |
| WP ULike – All-in-One Engagement Toolkit | wp-ulike |
| WP VR – 360 Panorama and Virtual Tour Builder For WordPress | wpvr |
| WP-Spreadplugin | wp-spreadplugin |
| WPIDE – File Manager & Code Editor | wpide |
| Wsify widget | wsify-widget |
| Zita Elementor Site Library | zita-site-library |
| Zoho CRM Lead Magnet | zoho-crm-forms |
| افزونه پیامک ووکامرس Persian WooCommerce SMS | persian-woocommerce-sms |

WordPress Themes with Reported Vulnerabilities Last Week

| Software Name | Software Slug |
| --- | --- |
| Digitally | digitally |
| Disconnected | disconnected |
| my flatonica | my-flatonica |
| my wooden under construction | my-wooden-under-construction |

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

| CVSS Rating | CVE-ID | Patch Status | Published | Affected Software | Researcher |
| --- | --- | --- | --- | --- | --- |
| Critical (9.8) | CVE-2024-49217 | Unpatched | Oct 14, 2024 | | |
| Critical (9.8) | CVE-2024-49624 | Unpatched | Oct 18, 2024 | Advanced Advertising System | |
| Critical (9.8) | CVE-2024-49326 | Unpatched | Oct 17, 2024 | Affiliator | |
| Critical (9.8) | CVE-2024-49245 | Unpatched | Oct 14, 2024 | Ahime Image Printer | |
| Critical (9.8) | CVE-2024-49254 | Unpatched | Oct 14, 2024 | ajax-extend | |
| Critical (9.8) | CVE-2024-49253 | Unpatched | Oct 14, 2024 | Analyse Uploads | |
| Critical (9.8) | CVE-2024-49257 | Unpatched | Oct 14, 2024 | Azz Anonim Posting | |
| Critical (9.8) | CVE-2024-49247 | Unpatched | Oct 14, 2024 | BuddyPress Better Registration | |
| Critical (9.8) | CVE-2024-49291 | Patched | Oct 15, 2024 | Cooked Pro | |
| Critical (9.8) | CVE-2024-49242 | Unpatched | Oct 14, 2024 | Digital Lottery | |
| Critical (9.8) | CVE-2024-49216 | Unpatched | Oct 14, 2024 | Feed Comments Number | |
| Critical (9.8) | CVE-2024-49332 | Unpatched | Oct 17, 2024 | Giveaway Boost | |
| Critical (9.8) | CVE-2024-49314 | Unpatched | Oct 15, 2024 | JiangQie Free Mini Program | |
| Critical (9.8) | CVE-2024-49322 | Unpatched | Oct 15, 2024 | | |
| Critical (9.8) | CVE-2024-9862 | Patched | Oct 16, 2024 | | |
| Critical (9.8) | CVE-2024-49318 | Unpatched | Oct 15, 2024 | My Reading Library | |
| Critical (9.8) | CVE-2024-9893 | Patched | Oct 15, 2024 | Nextend Social Login Pro | |
| Critical (9.8) | CVE-2024-49610 | Unpatched | Oct 17, 2024 | photokit | |
| Critical (9.8) | CVE-2024-49611 | Unpatched | Oct 17, 2024 | Product Website Showcase | |
| Critical (9.8) | CVE-2024-49218 | Unpatched | Oct 14, 2024 | | |
| Critical (9.8) | CVE-2024-49626 | Unpatched | Oct 18, 2024 | Shipyaari Shipping Management | |
| Critical (9.8) | CVE-2024-49604 | Unpatched | Oct 17, 2024 | Simple User Registration | |
| Critical (9.8) | CVE-2024-49625 | Unpatched | Oct 18, 2024 | SiteBuilder Dynamic Components | |
| Critical (9.8) | CVE-2024-49324 | Unpatched | Oct 17, 2024 | | |
| Critical (9.8) | CVE-2024-9105 | Unpatched | Oct 15, 2024 | Ultimate AI | |
| Critical (9.8) | CVE-2024-49327 | Unpatched | Oct 17, 2024 | | |
| Critical (9.8) | CVE-2024-49607 | Unpatched | Oct 17, 2024 | WP Dropbox Dropins | |
| Critical (9.8) | CVE-2024-49328 | Unpatched | Oct 17, 2024 | WP REST API FNS Plugin | |
| Critical (9.8) | CVE-2024-49329 | Unpatched | Oct 17, 2024 | WP REST API FNS Plugin | |
| High (8.8) | CVE-2024-49622 | Unpatched | Oct 17, 2024 | | |
| High (8.8) | CVE-2024-49621 | Unpatched | Oct 18, 2024 | | |
| High (8.8) | CVE-2024-49617 | Unpatched | Oct 18, 2024 | | |
| High (8.8) | CVE-2024-49623 | Unpatched | Oct 18, 2024 | Duplicate Title Validate | Unknown |
| High (8.8) | CVE-2024-49243 | Unpatched | Oct 14, 2024 | | |
| High (8.8) | CVE-2024-49620 | Unpatched | Oct 18, 2024 | FERMA.ru.net | |
| High (8.8) | CVE-2024-8507 | Patched | Oct 15, 2024 | File Manager Pro | |
| High (8.8) | CVE-2024-49227 | Unpatched | Oct 14, 2024 | Free Stock Photos Foter | |
| High (8.8) | CVE-2024-49608 | Unpatched | Oct 18, 2024 | GERRYWORKS Post by Mail | |
| High (8.8) | CVE-2024-49251 | Unpatched | Oct 14, 2024 | | |
| High (8.8) | CVE-2024-49618 | Unpatched | Oct 18, 2024 | MyTweetLinks | |
| High (8.8) | CVE-2024-49330 | Unpatched | Oct 17, 2024 | Nice Backgrounds | |
| High (8.8) | CVE-2024-49317 | Patched | Oct 15, 2024 | Point Maker | |
| High (8.8) | CVE-2024-49616 | Unpatched | Oct 18, 2024 | Rate Own Post | |
| High (8.8) | CVE-2024-49219 | Unpatched | Oct 14, 2024 | RS-Members | |
| High (8.8) | CVE-2024-49615 | Unpatched | Oct 18, 2024 | | |
| High (8.8) | CVE-2024-49614 | Unpatched | Oct 18, 2024 | | |
| High (8.8) | CVE-2024-49613 | Unpatched | Oct 18, 2024 | | |
| High (8.8) | CVE-2024-49619 | Unpatched | Oct 18, 2024 | Social Link Groups | |
| High (8.8) | CVE-2024-49612 | Unpatched | Oct 18, 2024 | SW Contact Form | |
| High (8.8) | CVE-2024-49226 | Unpatched | Oct 14, 2024 | TAKETIN To WP Membership | |
| High (8.8) | CVE-2024-49260 | Unpatched | Oct 14, 2024 | | |
| High (8.8) | CVE-2024-9687 | Patched | Oct 14, 2024 | WP 2FA with Telegram | |
| High (8.8) | CVE-2024-10079 | Unpatched | Oct 17, 2024 | WP Easy Post Types | |
| High (8.1) | CVE-2024-9305 | Patched | Oct 15, 2024 | | |
| High (8.1) | CVE-2024-9861 | Patched | Oct 16, 2024 | | |
| High (7.5) | CVE-2024-49246 | Unpatched | Oct 14, 2024 | Ajax Rating with Custom Login | |
| High (7.5) | CVE-2024-49305 | Patched | Oct 15, 2024 | | |
| High (7.5) | CVE-2024-8746 | Patched | Oct 15, 2024 | File Manager Pro | |
| High (7.5) | CVE-2024-49315 | Unpatched | Oct 15, 2024 | FREE DOWNLOAD MANAGER | |
| High (7.4) | CVE-2024-8918 | Patched | Oct 15, 2024 | File Manager Pro | |
| High (7.3) | CVE-2024-9837 | Patched | Oct 14, 2024 | | |
| High (7.2) | CVE-2024-49331 | Unpatched | Oct 17, 2024 | Property Lot Management System | |
| High (7.2) | CVE-2024-9184 | Patched | Oct 16, 2024 | SendPulse Free Web Push | |
| High (7.2) | CVE-2024-9548 | Patched | Oct 14, 2024 | SlimStat Analytics | |
| Medium (6.5) | CVE-2024-49609 | Unpatched | Oct 18, 2024 | Author Discussion | Unknown |
| Medium (6.5) | CVE-2024-49244 | Unpatched | Oct 14, 2024 | | |
| Medium (6.5) | CVE-2024-49258 | Unpatched | Oct 14, 2024 | | |
| Medium (6.5) | CVE-2024-9820 | Patched | Oct 14, 2024 | WP 2FA with Telegram | |
| Medium (6.5) | CVE-2024-49297 | Unpatched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-9582 | Patched | Oct 15, 2024 | Accordion Slider | |
| Medium (6.4) | CVE-2024-49307 | Patched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-9703 | Patched | Oct 17, 2024 | Arconix Shortcodes | |
| Medium (6.4) | CVE-2024-49261 | Unpatched | Oct 14, 2024 | Arkhe Blocks | |
| Medium (6.4) | CVE-2024-49319 | Patched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49265 | Unpatched | Oct 14, 2024 | Booking.com Banner Creator | |
| Medium (6.4) | CVE-2024-9452 | Unpatched | Oct 17, 2024 | Branding | |
| Medium (6.4) | CVE-2024-49228 | Unpatched | Oct 14, 2024 | bVerse Convert | |
| Medium (6.4) | CVE-2024-49289 | Patched | Oct 15, 2024 | Cooked Pro | |
| Medium (6.4) | CVE-2024-49262 | Unpatched | Oct 14, 2024 | | |
| Medium (6.4) | CVE-2024-49236 | Unpatched | Oct 14, 2024 | Crazy Call To Action Box | |
| Medium (6.4) | CVE-2024-49296 | Unpatched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49255 | Patched | Oct 14, 2024 | Da Reactions | |
| Medium (6.4) | CVE-2024-49631 | Unpatched | Oct 18, 2024 | Easy Addons for Elementor | |
| Medium (6.4) | CVE-2024-9366 | Unpatched | Oct 17, 2024 | Easy Menu Manager \| WPZest | |
| Medium (6.4) | CVE-2024-49312 | Unpatched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49232 | Unpatched | Oct 14, 2024 | El mejor Cluster | |
| Medium (6.4) | CVE-2024-9373 | Unpatched | Oct 17, 2024 | Elemenda | |
| Medium (6.4) | CVE-2024-9444 | Patched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49264 | Patched | Oct 14, 2024 | | |
| Medium (6.4) | CVE-2024-49292 | Patched | Oct 15, 2024 | Exclusive Addons for Elementor | |
| Medium (6.4) | CVE-2024-10014 | Unpatched | Oct 17, 2024 | Flat UI Button | |
| Medium (6.4) | CVE-2024-8920 | Patched | Oct 16, 2024 | | |
| Medium (6.4) | CVE-2024-49301 | Unpatched | Oct 15, 2024 | G Meta Keywords | |
| Medium (6.4) | CVE-2024-49279 | Patched | Oct 15, 2024 | Hyperlink Group Block | |
| Medium (6.4) | CVE-2024-49280 | Unpatched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49233 | Patched | Oct 14, 2024 | MAS Elementor | |
| Medium (6.4) | CVE-2024-48049 | Unpatched | Oct 14, 2024 | | |
| Medium (6.4) | CVE-2024-49263 | Patched | Oct 14, 2024 | My Favorites | |
| Medium (6.4) | CVE-2024-49278 | Unpatched | Oct 15, 2024 | Omnipress | |
| Medium (6.4) | CVE-2024-9898 | Patched | Oct 16, 2024 | Parallax Image | |
| Medium (6.4) | CVE-2024-49298 | Patched | Oct 15, 2024 | PeproDev Ultimate Invoice | |
| Medium (6.4) | CVE-2024-49234 | Patched | Oct 14, 2024 | Plexx Elementor Extension | |
| Medium (6.4) | CVE-2024-49259 | Patched | Oct 14, 2024 | | |
| Medium (6.4) | CVE-2024-9848 | Unpatched | Oct 17, 2024 | Product Customizer Light | |
| Medium (6.4) | CVE-2024-49282 | Unpatched | Oct 15, 2024 | Responsive Lightbox & Gallery | |
| Medium (6.4) | CVE-2024-10057 | Patched | Oct 17, 2024 | RSS Feed Widget | |
| Medium (6.4) | CVE-2024-9521 | Unpatched | Oct 15, 2024 | SEO Manager | |
| Medium (6.4) | CVE-2024-49270 | Patched | Oct 14, 2024 | Smart Blocks | |
| Medium (6.4) | CVE-2024-9895 | Patched | Oct 14, 2024 | Smart Online Order for Clover | |
| Medium (6.4) | CVE-2024-8916 | Unpatched | Oct 17, 2024 | Suki Sites Import | |
| Medium (6.4) | CVE-2024-49310 | Patched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49241 | Unpatched | Oct 14, 2024 | Tito | |
| Medium (6.4) | CVE-2024-49267 | Unpatched | Oct 14, 2024 | | |
| Medium (6.4) | CVE-2024-49302 | Unpatched | Oct 15, 2024 | | |
| Medium (6.4) | CVE-2024-49231 | Unpatched | Oct 14, 2024 | WordPress Video | |
| Medium (6.4) | CVE-2024-10080 | Unpatched | Oct 17, 2024 | WP Easy Post Types | |
| Medium (6.4) | CVE-2024-49630 | Unpatched | Oct 18, 2024 | | |
| Medium (6.4) | CVE-2024-49225 | Unpatched | Oct 14, 2024 | | |
| Medium (6.4) | CVE-2024-8921 | Patched | Oct 15, 2024 | Zita Elementor Site Library | |
| Medium (6.3) | CVE-2024-10078 | Unpatched | Oct 17, 2024 | WP Easy Post Types | |
| Medium (6.1) | CVE-2024-49240 | Unpatched | Oct 14, 2024 | AB Categories Search Widget | |
| Medium (6.1) | CVE-2024-49248 | Patched | Oct 14, 2024 | | |
| Medium (6.1) | CVE-2024-49239 | Unpatched | Oct 14, 2024 | Add Categories Post Footer | |
| Medium (6.1) | CVE-2024-49238 | Unpatched | Oct 14, 2024 | ADIF Log Search Widget | |
| Medium (6.1) | CVE-2024-49237 | Unpatched | Oct 14, 2024 | Ahmeti Wp Timeline | |
| Medium (6.1) | CVE-2024-49230 | Unpatched | Oct 14, 2024 | Ajax Custom CSS/JS | |
| Medium (6.1) | CVE-2024-49316 | Unpatched | Oct 15, 2024 | Akismet htaccess writer | |
| Medium (6.1) | CVE-2024-49308 | Unpatched | Oct 15, 2024 | | |
| Medium (6.1) | CVE-2024-49605 | Unpatched | Oct 18, 2024 | Community Lite Video Chat | |
| Medium (6.1) | CVE-2024-49223 | Unpatched | Oct 14, 2024 | CJ Change Howdy | |
| Medium (6.1) | CVE-2024-49276 | Patched | Oct 15, 2024 | Clio Grow Form | |
| Medium (6.1) | CVE-2024-49220 | Unpatched | Oct 14, 2024 | | |
| Medium (6.1) | CVE-2024-49221 | Unpatched | Oct 14, 2024 | cSlider | |
| Medium (6.1) | CVE-2024-49283 | Unpatched | Oct 15, 2024 | | |
| Medium (6.1) | CVE-2024-49309 | Unpatched | Oct 15, 2024 | Digitally | |
| Medium (6.1) | CVE-2024-49268 | Unpatched | Oct 14, 2024 | Disconnected | |
| Medium (6.1) | CVE-2024-9350 | Patched | Oct 17, 2024 | DPD Baltic Shipping | |
| Medium (6.1) | CVE-2024-10049 | Unpatched | Oct 17, 2024 | Edit WooCommerce Templates | |
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49320
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Encyclopedia / Glossary / Wiki
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8719
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
Flexmls® IDX Plugin
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9382
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Gantry 4 Framework
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8740
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
GetResponse Forms by Optin Cat
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49606
Patch Status
Unpatched
Published
Oct 18, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49335
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
GoogleDrive folder list
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9647
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Kama SpamBlock
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9652
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Locatoraid Store Locator
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9206
Patch Status
Patched
Published
Oct 17, 2024
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49224
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Mitm Bug Tracker
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49269
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9383
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
Parcel Pro
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9213
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49304
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9240
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
ReDi Restaurant Reservation
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8787
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Smart Online Order for Clover
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8790
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Social Share With Floating Bar
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9347
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-49313
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
VKontakte Wall Post
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9937
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Woo Manage Fraud Orders
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9951
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
WP Photo Album Plus
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9219
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
WordPress Social Share Buttons
Researcher
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-48048
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Wsify widget
Researcher
CVSS Rating
Medium (5.6)
CVE-ID
CVE-2024-9104
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Ultimate AI
Researcher
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-49266
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
WP-Spreadplugin
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-49229
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Better Author Bio
Researcher
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-9888
Patch Status
Patched
Published
Oct 15, 2024
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9940
Patch Status
Patched
Published
Oct 16, 2024
Affected Software
Calculated Fields Form
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-49235
Patch Status
Unpatched
Published
Oct 14, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-10040
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Infinite-Scroll
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9689
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Post From Frontend
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9944
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
WooCommerce
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-49284
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
WP SendFox
Researcher
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-9546
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2019-25218
Patch Status
Patched
Published
Oct 18, 2024
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2024-49299
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Surfer – WordPress Plugin
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-9892
Patch Status
Patched
Published
Oct 17, 2024
Affected Software
Add Widget After Content
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-48046
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Contact Form by Supsystic
Researcher
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-49288
Patch Status
Unpatched
Published
Oct 15, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-49295
Patch Status
Unpatched
Published
Oct 15, 2024
Affected Software
Simple Testimonials Showcase
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49290
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Cooked Pro
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9889
Patch Status
Patched
Published
Oct 18, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6757
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49629
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
Endless Posts Navigation
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2023-6243
Patch Status
Patched
Published
Oct 18, 2024
Affected Software
EventON Pro
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49256
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49275
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
IdeaPush
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
Unknown
Patch Status
Patched
Published
Oct 14, 2024
Researcher(s): Unknown
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49252
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Leyka
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-48047
Patch Status
Unpatched
Published
Oct 14, 2024
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49628
Patch Status
Patched
Published
Oct 18, 2024
Researcher(s): Unknown
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49325
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
Photo Gallery Builder
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49273
Patch Status
Patched
Published
Oct 14, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-7417
Patch Status
Patched
Published
Oct 16, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9364
Patch Status
Unpatched
Published
Oct 17, 2024
Affected Software
SendGrid for WordPress
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49321
Patch Status
Patched
Published
Oct 15, 2024
Affected Software
Simple Custom Post Order
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49272
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
Social Auto Poster
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49250
Patch Status
Unpatched
Published
Oct 14, 2024
Affected Software
Table of Contents Plus
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49274
Patch Status
Patched
Published
Oct 14, 2024
Affected Software
VOD Infomaniak
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49627
Patch Status
Unpatched
Published
Oct 18, 2024
Affected Software
WordPress Image SEO
Researcher
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49306
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-9649
Patch Status
Patched
Published
Oct 15, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-49293
Patch Status
Patched
Published
Oct 15, 2024

As a reminder, Wordfence has curated an industry-leading vulnerability database, known as Wordfence Intelligence, that contains all known WordPress core, theme, and plugin vulnerabilities.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, through vulnerability researchers submitting directly to us via our Bug Bounty Program, and by monitoring various sources to capture all publicly available WordPress vulnerability information, adding context where we can.


The post Wordfence Intelligence Weekly WordPress Vulnerability Report (October 14, 2024 to October 20, 2024) appeared first on Wordfence.
