Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024:
All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are in-scope for ALL researchers
Top-tier researchers earn automatic bonuses of between 10% to 120% for valid submissions
Pending report limits are increased for all
It’s possible to earn up to $31,200 for high impact vulnerabilities!
Last week, there were 161 vulnerabilities disclosed in 147 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 19,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status
Number of Vulnerabilities
Patched
127
Unpatched
34
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating
Number of Vulnerabilities
Medium Severity
141
High Severity
15
Critical Severity
5
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE
Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
121
Missing Authorization
9
Deserialization of Untrusted Data
5
Cross-Site Request Forgery (CSRF)
4
Unrestricted Upload of File with Dangerous Type
4
URL Redirection to Untrusted Site (‘Open Redirect’)
4
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
3
Authentication Bypass Using an Alternate Path or Channel
2
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
2
Improper Control of Generation of Code (‘Code Injection’)
2
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
2
Improper Neutralization of Alternate XSS Syntax
1
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
1
Improper Privilege Management
1
Researchers That Contributed to WordPress Security Last Week
Researcher Name
Number of Vulnerabilities
22
21
12
8
6
6
5
5
4
4
4
4
4
3
3
3
3
3
3
3
2
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name
Software Slug
123.chat – Video Chat
123-chat-videochat
Advanced Woo Labels – Product Labels for WooCommerce
advanced-woo-labels
Affiliate Program Suite — SliceWP Affiliates
slicewp
Aggregator Advanced Settings
aggregator-advanced-settings
Author Avatars List/Block
author-avatars
Auto Amazon Links – Amazon Associates Affiliate Plugin
amazon-auto-links
Auto Featured Image from Title
auto-featured-image-from-title
Automatically Hierarchic Categories in Menu
automatically-hierarchic-categories-in-menu
AVIF Uploader
avif-support
BA Book Everything
ba-book-everything
BerqWP – Automated All-In-One PageSpeed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript
searchpro
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress
file-manager
BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed
blockspare
Bold Page Builder
bold-page-builder
Broken Link Checker
broken-link-checker
BSK Forms Blacklist
bsk-gravityforms-blacklist
CartBounty – Save and recover abandoned carts for WooCommerce
woo-save-abandoned-carts
Checkout Field Editor (Checkout Manager) for WooCommerce
woo-checkout-field-editor-pro
Clio Grow Form
clio-grow-form
Code Embed
simple-embed-code
Confetti Fall Animation
confetti-fall-animation
Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder
fluentform
Copyscape Premium
copyscape-premium
Cozy Blocks – Page Builder for Gutenberg & Site Editor, Post Blocks, WooCommerce Blocks, Magazine Blocks, WordPress Gutenberg Blocks, Patterns and Templates Library
cozy-addons
Custom Banners
custom-banners
Demo Importer Plus
demo-importer-plus
DethemeKit For Elementor
dethemekit-for-elementor
Display Medium Posts
display-medium-posts
DK PDF
dk-pdf
Easy Demo Importer – A Modern One-Click Demo Import Solution
easy-demo-importer
Easy Load More
easy-load-more
Easy WordPress Subscribe – Optin Hound
opt-in-hound
Echo RSS Feed Post Generator
rss-feed-post-generator-echo
Elastik Page Builder
elastik-page-builder
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)
bdthemes-element-pack-lite
ElementInvader Addons for Elementor
elementinvader-addons-for-elementor
Elementor Addon Elements
addon-elements-for-elementor-page-builder
ElementsReady Addons for Elementor
element-ready-lite
Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce
email-subscribers
Enter Addons – Ultimate Template Builder for Elementor
enteraddons
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
essential-blocks
EventPrime – Events Calendar, Bookings and Tickets
eventprime-event-calendar-management
FAQ / Accordion / Docs / KB – Helpie WordPress FAQ Accordion plugin
helpie-faq
Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate
fish-and-ships
Form plugin for WordPress – Zoho Forms
zoho-forms
Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials
stars-testimonials-with-slider-and-masonry-grid
Gallery Lightbox
gallery-lightbox-slider
Geo Mashup
geo-mashup
Gravity Forms Toolbar
gravity-forms-toolbar
Guten Post Layout – An Advanced Post Grid Collection
guten-post-layout
Happy Addons for Elementor
happy-elementor-addons
Hash Form – Drag & Drop Form Builder
hash-form
Hello World
hello-world
Ibtana – WordPress Website Builder
ibtana-visual-editor
Iconize
iconize
Include Fussball.de Widgets
include-fussball-de-widgets
Jeg Elementor Kit
jeg-elementor-kit
JobSearch WP Job Board
wp-jobsearch
KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin
kb-support
Keap Official Opt-in Forms
infusionsoft-official-opt-in-forms
LA-Studio Element Kit for Elementor
lastudio-element-kit
LH Copy Media File
lh-copy-media-file
LiteSpeed Cache
litespeed-cache
LocateAndFilter
locateandfilter
Loggedin – Limit Active Logins
loggedin
Login Logout Shortcode
login-logout-shortcode
Logo Carousel – Clients logo carousel for WP
responsive-client-logo-carousel-slider
Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid
magazine-blocks
MaxSlider
maxslider
MC4WP: Mailchimp Top Bar
mailchimp-top-bar
Memberful – Membership Plugin
memberful-wp
Move Addons for Elementor
move-addons
NEX-Forms – Ultimate Form Builder – Contact forms and much more
nex-forms-express-wp-form-builder
Online Booking & Scheduling Calendar for WordPress by vcita
meeting-scheduler-by-vcita
Page-list
page-list
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction
paid-member-subscriptions
Payflex Payment Gateway
payflex-payment-gateway
PDF Image Generator
pdf-image-generator
Popularis Extra
popularis-extra
Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder
popup-maker
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC)
buddyforms
Premium Blocks – Gutenberg Blocks for WordPress
premium-blocks-for-gutenberg
Product Delivery Date for WooCommerce – Lite
product-delivery-date-for-woocommerce-lite
PWA — easy way to Progressive Web App
iworks-pwa
QS Dark Mode Plugin
qs-dark-mode
Quantity Dynamic Pricing & Bulk Discounts for WooCommerce
wholesale-pricing-woocommerce
Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress
quillforms
R Animated Icon Plugin
r-animated-icon
RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more
rabbit-loader
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings
seo-by-rank-math
Re:WP
rewp
Relogo
relogo
Robokassa payment gateway for Woocommerce
robokassa
RomethemeKit For Elementor
rometheme-for-elementor
RumbleTalk Live Group Chat – HTML5
rumbletalk-chat-a-chat-with-themes
Search Analytics for WP
search-analytics
Search Atlas SEO – Best SEO Plugin for One-Click WP Publishing & Integrated AI Optimization
metasync
SEOPress – On-site SEO
wp-seopress
ShiftController Employee Shift Scheduling
shiftcontroller
Shortcodes and extra features for Phlox theme
auxin-elements
Simple Membership After Login Redirection
simple-membership-after-login-redirection
Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel
depicter
Slider Revolution
revslider
Slideshow Gallery LITE
slideshow-gallery
Smart Custom 404 Error Page
404page
Social Auto Poster
social-auto-poster
Social Web Suite – Social Media Auto Post, Social Media Auto Publish
social-web-suite
Soumettre.fr
soumettre-fr
Spice Starter Sites
spice-starter-sites
Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More
woocommerce-exporter
Strong Testimonials
strong-testimonials
SVG Complete
svg-complete
The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)
the-pack-addon
The Ultimate WordPress Toolkit – WP Extended
wpextended
Themify Builder
themify-builder
TinyPNG – JPEG, PNG & WebP image compression
tiny-compress-images
TNC PDF viewer
pdf-viewer-by-themencode
Top Bar – PopUps – by WPOptin
wpoptin
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
ultimate-member
Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider
ultimate-store-kit
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
unlimited-elements-for-elementor
VdoCipher: Secure Video Player and Hosting
vdocipher
Visual CSS Style Editor
yellow-pencil-visual-theme-customizer
Web Directory Free
web-directory-free
Wechat Social login 微信QQ钉钉登录插件
wechat-social-login
WordPress & WooCommerce Affiliate Program
wp-wc-affiliate-program
WordPress Captcha Plugin by Captcha Bank
captcha-bank
WordPress Infinite Scroll – Ajax Load More
ajax-load-more
WP Blocks Hub
wp-blocks-hub
WP Booking Calendar
booking
WP Bulk Delete
wp-bulk-delete
WP Cleanup and Basic Functions
wp-cleanup-and-basic-functions
WP Compress – Instant Performance & Speed Optimization
wp-compress-image-optimizer
WP Easy Gallery – WordPress Gallery Plugin
wp-easy-gallery
WP Hotel Booking
wp-hotel-booking
WP MyLinks
wp-mylinks
WP Travel Gutenberg Blocks
wp-travel-blocks
WP-Lister Lite for eBay
wp-lister-for-ebay
WP-WebAuthn
wp-webauthn
WPCOM Member
wpcom-member
WPMobile.App — Android and iOS Mobile Application
wpappninja
XLTab – Accordions and Tabs for Elementor Page Builder
xl-tab
XO Slider
xo-liteslider
YITH WooCommerce Ajax Search
yith-woocommerce-ajax-search
YITH WooCommerce Product Add-Ons
yith-woocommerce-product-add-ons
YML for Yandex Market
yml-for-yandex-market
Zotpress
zotpress
WordPress Themes with Reported Vulnerabilities Last Week
Software Name
Software Slug
Create
create
Empowerment
empowerment
Full Frame
full-frame
UltraPress
ultrapress
Unseen Blog
unseen-blog
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9265
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-47636
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9106
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9108
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-9289
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-7433
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-47351
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-7434
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-7432
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-9018
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-7855
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-8548
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-47645
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-8352
Patch Status
Patched
Published
Oct 2, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-47350
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-7869
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-47649
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-47374
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-9314
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
High (7.1)
CVE-ID
CVE-2024-8981
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.8)
CVE-ID
CVE-2024-8743
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-9224
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-8632
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-9161
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47622
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9368
Patch Status
Unpatched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47370
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47365
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9060
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47363
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47391
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8804
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47641
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47355
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47356
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9172
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47632
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9445
Patch Status
Unpatched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9071
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9274
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47392
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47630
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47366
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47625
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47385
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-44010
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47623
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8990
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8288
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47357
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8282
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47643
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47390
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47642
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47628
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47373
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9304
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9421
Patch Status
Unpatched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47631
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9242
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47364
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47382
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47368
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8967
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9118
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47393
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9272
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9271
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9269
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47626
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8720
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8486
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8107
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8989
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9119
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47383
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8519
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47629
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47639
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8505
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9372
Patch Status
Unpatched
Published
Oct 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9455
Patch Status
Unpatched
Published
Oct 4, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47627
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47650
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47375
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-8324
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47633
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-47621
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9349
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8786
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47360
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9344
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47624
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8802
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47644
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8799
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8727
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8728
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9267
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47353
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47648
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9237
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8718
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9417
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47394
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9220
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9228
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9218
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9210
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47389
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47638
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9222
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47646
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9241
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9353
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9345
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9384
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8800
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47395
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9225
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9435
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47354
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47388
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9204
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47369
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-8793
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47386
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9385
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-45454
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47379
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9375
Patch Status
Unpatched
Published
Oct 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47352
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47384
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9209
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47380
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47378
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47349
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47348
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-47367
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9378
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-8254
Patch Status
Patched
Published
Oct 1, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-47359
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-47358
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-8430
Patch Status
Unpatched
Published
Sep 30, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-8520
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (4.9)
CVE-ID
CVE-2024-9528
Patch Status
Patched
Published
Oct 4, 2024
CVSS Rating
Medium (4.7)
CVE-ID
CVE-2024-8499
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47647
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47377
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47381
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47387
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47376
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47372
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-9306
Patch Status
Patched
Published
Oct 3, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-47371
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-47634
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-47361
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-47637
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-8675
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-47362
Patch Status
Patched
Published
Sep 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-47635
Patch Status
Patched
Published
Sep 30, 2024
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (September 30, 2024 to October 6, 2024) appeared first on Wordfence.