Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
Last week, there were 162 vulnerabilities disclosed in 143 WordPress Plugins and 7 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 71 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 16,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
WAF-RULE-698 – Data redacted while we work with the vendor on a patch.
WAF-RULE-696 – Data redacted while we work with the vendor on a patch.
WAF-RULE-693 – Data redacted while we work with the vendor on a patch.
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status
Number of Vulnerabilities
Patched
107
Unpatched
55
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating
Number of Vulnerabilities
Medium Severity
145
High Severity
14
Critical Severity
3
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE
Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
81
Missing Authorization
38
Cross-Site Request Forgery (CSRF)
8
Deserialization of Untrusted Data
5
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
5
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
4
Information Exposure
3
Improper Access Control
2
Improper Control of Generation of Code (‘Code Injection’)
2
Server-Side Request Forgery (SSRF)
2
URL Redirection to Untrusted Site (‘Open Redirect’)
2
Authorization Bypass Through User-Controlled Key
1
Exposure of System Data to an Unauthorized Control Sphere
1
External Control of Assumed-Immutable Web Parameter
1
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’)
1
Improper Input Validation
1
Information Exposure Through Log Files
1
Insecure Storage of Sensitive Information
1
Unrestricted Upload of File with Dangerous Type
1
Use of Insufficiently Random Values
1
Use of Less Trusted Source
1
Researchers That Contributed to WordPress Security Last Week
Researcher Name
Number of Vulnerabilities
16
15
11
10
8
8
8
7
7
6
5
5
4
4
4
3
3
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name
Software Slug
3D FlipBook – PDF Flipbook WordPress
interactive-3d-flipbook-powered-physics-engine
5280 Bootstrap Modal Contact Form
5280-bootstrap-modal-contact-form
AA Cash Calculator
aa-calculator
Academy LMS – eLearning and online course solution for WordPress
academy
ACF Front End Editor
acf-front-end-editor
ACF On-The-Go
acf-on-the-go
Admin Page Spider
admin-page-spider
AJAX Login and Registration modal popup + inline form
ajax-login-and-registration-modal-popup
All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic
all-in-one-seo-pack
All-in-One Addons for Elementor – WidgetKit
widgetkit-for-elementor
All-in-One Video Gallery
all-in-one-video-gallery
Alt Text AI – Automatically generate image alt text for SEO and accessibility
alttext-ai
Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy)
wp-analytify
AnnounceKit
announcekit
Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms
stop-spammer-registrations-plugin
Archives Calendar Widget
archives-calendar-widget
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
armember-membership
AWeber for WooCommerce
woocommerce-aweber-newsletter-subscription
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader.
barcode-scanner-lite-pos-to-manage-products-inventory-and-orders
Booster Extension
booster-extension
Booster for WooCommerce
woocommerce-jetpack
Breakdance
breakdance
BuddyPress
buddypress
Button contact VR
button-contact-vr
Calendar
calendar
Carousel Slider
carousel-slider
ChatBot Conversational Forms
conversational-forms
CodeBard’s Patron Button and Widgets for Patreon
patron-button-and-widgets-by-codebard
Contact Form by WPForms – Drag & Drop Form Builder for WordPress
wpforms-lite
ConvertPlus
convertplug
Cost Calculator Builder PRO
cost-calculator-builder-pro
CPO Companion
cpo-companion
Custom WooCommerce Checkout Fields Editor
add-fields-to-checkout-page-woocommerce
Customer Email Verification for WooCommerce
emails-verification-for-woocommerce
Debug Log Manager
debug-log-manager
Democracy Poll
democracy-poll
Different Menu in Different Pages – Control Menu Visibility (All in One)
different-menus-in-different-pages
Directorist – WordPress Business Directory Plugin with Classified Ads Listings
directorist
Drag and Drop Multiple File Upload – Contact Form 7
drag-and-drop-multiple-file-upload-contact-form-7
EAN, UPC, ISBN Generator: Product Barcode Inventory for WooCommerce
ean-for-woocommerce
Easy Restaurant Table Booking
easy-table-booking
Eleblog – Elementor Blog And Magazine Addons
ele-blog
Elementor Addon Elements
addon-elements-for-elementor-page-builder
Elementor ImageBox
fd-elementor-imagebox
Elementor Website Builder Pro
elementor-pro
ElementsKit Elementor addons and Templates Library
elementskit-lite
ElementsReady Addons for Elementor
element-ready-lite
Embed Google Fonts
embed-google-fonts
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
essential-addons-for-elementor-lite
Event Monster – Event Management, Tickets Booking, Upcoming Event
event-monster
EventON
eventon-lite
Exclusive Addons for Elementor
exclusive-addons-for-elementor
Fancy Elementor Flipbox
fancy-elementor-flipbox
Flattr
flattr
Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager
folders
Follow Us Badges
wpsite-follow-us-badges
Giphypress
giphypress
Google Doc Embedder
google-document-embedder
Google Typography
google-typography
Grid Gallery – Photo Image Grid Gallery
new-grid-gallery
Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
front-editor
Gutenberg Blocks with AI by Kadence WP – Page Builder Features
kadence-blocks
GWP-Histats
gwp-histats
Import and export users and customers
import-users-from-csv-with-meta
Inline Google Spreadsheet Viewer
inline-google-spreadsheet-viewer
iPages Flipbook For WordPress
ipages-flipbook
iPanorama 360 – WordPress Virtual Tour Builder
ipanorama-360-virtual-tour-builder-lite
Jeg Elementor Kit
jeg-elementor-kit
JW Player for WordPress
jw-player-7-for-wp
LA-Studio Element Kit for Elementor
lastudio-element-kit
Last Viewed Posts by WPBeginner
last-viewed-posts
LeadConnector
leadconnector
Login Logout Register Menu
login-logout-register-menu
Login with phone number
login-with-phone-number
MailerLite – Signup forms (official)
official-mailerlite-sign-up-forms
Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
master-addons
Masteriyo LMS – eLearning and Online Course Builder for WordPress
learning-management-system
MasterStudy LMS WordPress Plugin – for Online Courses and Education
masterstudy-lms-learning-management-system
MDTF – Meta Data and Taxonomies Filter
wp-meta-data-filter-and-taxonomy-filter
Media Cleaner: Clean your WordPress!
media-cleaner
Mhr Post Ticker
mhr-post-ticker
Min and Max Purchase for WooCommerce
min-and-max-purchase-for-woocommerce
Mini Loops
mini-loops
Mooberry Book Manager
mooberry-book-manager
PB MailCrypt – AntiSpam Email Encryption
pb-mailcrypt-antispam-email-encryption
Perfect Pullquotes
perfect-pullquotes
Pet Manager
pet-manager
Photo Gallery – Responsive Photo Gallery, Image Gallery, Portfolio Gallery, Logo Gallery And Team Gallery
new-photo-gallery
Photo Gallery, Images, Slider in Rbs Image Gallery
robo-gallery
Popup Box – Best WordPress Popup Plugin
ays-popup-box
Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode Builder
ajax-filter-posts
Premium Addons for Elementor
premium-addons-for-elementor
Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce
a4-barcode-generator
Print My Blog – Print, PDF, & eBook Converter WordPress Plugin
print-my-blog
Print-O-Matic
print-o-matic
Progressive WordPress (PWA)
progressive-wp
PropertyHive
propertyhive
Rank Math SEO with AI Best SEO Tools
seo-by-rank-math
Realtyna Organic IDX plugin + WPL Real Estate
real-estate-listing-realtyna-wpl
RegistrationMagic – User Registration Plugin with Custom Registration Forms
custom-registration-form-builder-with-submission-manager
ReviewX – Multi-criteria Rating & Reviews for WooCommerce
reviewx
RomethemeKit For Elementor
rometheme-for-elementor
rtMedia for WordPress, BuddyPress and bbPress
buddypress-media
Sailthru Triggermail
sailthru-triggermail
SEOPress – On-site SEO
wp-seopress
Share This Image
share-this-image
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor)
woolentor-addons
Simple Basic Contact Form
simple-basic-contact-form
Simple Image Popup
simple-image-popup
Simple Membership
simple-membership
SimpleShop
simpleshop-cz
Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates)
sina-extension-for-elementor
Slider Revolution
revslider
Sliding Widgets
sliding-widgets
Social Icons Widget & Block by WPZOOM
social-icons-widget-by-wpzoom
Social Share Icons & Social Share Buttons
ultimate-social-media-plus
SP Project & Document Manager
sp-client-document-manager
Subway – Private Site Option
subway
Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder
supreme-modules-for-divi
SVS Pricing Tables
svs-pricing-tables
Swift Framework
swift-framework
Sydney Toolbox
sydney-toolbox
Tabellen von faustball.com
docollipics-faustball-de
Table Plugin for WordPress with Google Sheets Integration – Sheets to WP Table Live Sync
sheets-to-wp-table-live-sync
Testimonial Slider
testimonial-slider
The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid
the-post-grid
The School Management Pro
school-management-pro
TweetScroll Widget
tweetscroll-widget
Ultimate Under Construction
ultimate-under-construction
Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery
new-video-gallery
Web Push Notifications – Webpushr
webpushr-web-push-notifications
Where Did You Hear About Us Checkout Field for WooCommerce
wc-customer-source
Woo Total Sales
woo-total-sales
WordPress Flipbook by Supsystic
digital-publications-by-supsystic
WordPress Header Builder Plugin – Pearl
pearl-header-builder
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting
erp
WP Recipe Maker
wp-recipe-maker
WP Shortcodes Plugin — Shortcodes Ultimate
shortcodes-ultimate
WP Video Lightbox
wp-video-lightbox
WPify Woo Czech
wpify-woo
WTI Like Post
wti-like-post
Xserver Migrator
xserver-migrator
ZD YouTube FLV Player
zd-youtube-flv-player
WordPress Themes with Reported Vulnerabilities Last Week
Software Name
Software Slug
Adventure Journal
adventure-journal
Blocksy
blocksy
Edge
edge
Freesia Empire
freesia-empire
Pliska
pliska
Restaurant and Cafe
restaurant-and-cafe
Unique
unique
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-3070
Patch Status
Patched
Published
May 2, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-33911
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-34434
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-4033
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-2661
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-2831
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-3240
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
High (8.8)
CVE-ID
Unknown
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-34384
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
High (8.8)
CVE-ID
CVE-2024-33913
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
High (8.3)
CVE-ID
CVE-2024-2663
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
High (8.1)
CVE-ID
CVE-2024-4185
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-1895
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-1897
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
High (7.5)
CVE-ID
CVE-2024-1896
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-4097
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
High (7.2)
CVE-ID
CVE-2024-1173
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-3957
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-1371
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3883
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33953
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33918
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3554
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3368
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4158
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2023-6854
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3974
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33916
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34376
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33945
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3743
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3074
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4107
Patch Status
Patched
Published
May 2, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3650
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34374
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4156
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2349
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3280
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33955
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33927
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-0216
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-2273
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33926
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3674
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-0334
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3161
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3005
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33932
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1386
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4265
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33934
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33935
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33951
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33954
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-1679
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33936
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-34381
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4335
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3991
Patch Status
Patched
Published
May 2, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4383
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4092
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33938
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4334
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4036
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4193
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33948
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-33952
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4000
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3490
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3550
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4324
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (6.3)
CVE-ID
CVE-2024-3942
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.3)
CVE-ID
CVE-2024-1677
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-0848
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4133
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33928
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-3917
Patch Status
Unpatched
Published
May 2, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-34367
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33924
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33947
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4289
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-4150
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-34369
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-33946
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-4372
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-2752
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-1809
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3237
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-33914
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3868
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-33949
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-3918
Patch Status
Unpatched
Published
May 2, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-4203
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-33930
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.4)
CVE-ID
CVE-2023-7065
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2109
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3649
Patch Status
Patched
Published
May 1, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33920
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33910
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33929
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3717
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34370
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33909
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33941
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33931
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-2797
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33939
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33922
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34368
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34372
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33907
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34382
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33919
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34383
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2023-6327
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-1229
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-32820
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-1678
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3916
Patch Status
Unpatched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3915
Patch Status
Unpatched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-34377
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33908
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-1688
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33944
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-33917
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2401
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3023
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33950
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2220
Patch Status
Unpatched
Published
May 2, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34380
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34366
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33940
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3920
Patch Status
Unpatched
Published
May 2, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2967
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-3021
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4290
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-34375
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4433
Patch Status
Unpatched
Published
May 2, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2189
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-2958
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-4085
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-33943
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-0847
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33912
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3072
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3071
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33956
Patch Status
Patched
Published
Apr 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33915
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3206
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-4083
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33925
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33942
Patch Status
Unpatched
Published
Apr 30, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1050
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34371
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33937
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-34379
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33921
Patch Status
Patched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1230
Patch Status
Patched
Published
May 3, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-33923
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-2960
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-2959
Patch Status
Unpatched
Published
Apr 29, 2024
CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-3936
Patch Status
Patched
Published
Apr 30, 2024
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024) appeared first on Wordfence.