Wordfence Intelligence Weekly WordPress Vulnerability Report (November 4, 2024 to November 10, 2024)


Last week, there were 286 vulnerabilities disclosed in 273 WordPress Plugins and 5 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 43 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 20,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status | Number of Vulnerabilities
Patched | 75
Unpatched | 211

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating | Number of Vulnerabilities
Medium Severity | 252
High Severity | 14
Critical Severity | 20

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE | Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 225
Unrestricted Upload of File with Dangerous Type | 11
Missing Authorization | 10
Authorization Bypass Through User-Controlled Key | 7
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 7
Exposure of Sensitive Information to an Unauthorized Actor | 6
Improper Authentication | 4
Improper Control of Generation of Code (‘Code Injection’) | 4
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) | 3
Server-Side Request Forgery (SSRF) | 2
Authentication Bypass Using an Alternate Path or Channel | 1
Cross-Site Request Forgery (CSRF) | 1
Improper Access Control | 1
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) | 1
Improper Handling of Missing Values | 1
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | 1
Insecure Storage of Sensitive Information | 1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
140+ Widgets | Xpro Addons For Elementor – FREE xpro-elementor-addons
AA Audio Player aa-audio-player
AchillesTheme-shortcodes achilles-shortcodes
Active Products Tables for WooCommerce. Use constructor to create tables  profit-products-tables-for-woocommerce
Add Ribbon Shortcode add-ribbon
Admin Amplify wpr-admin-amplify
Advanced Video Player with Analytics advanced-video-player-with-analytics
Adventure Bucket List adventure-bucket-list
AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress agendapress
Ajax Content Filter ajax-content-filter
Alert Me! alert-me
Algori PDF Viewer algori-pdf-viewer
Anant Addons for Elementor anant-addons-for-elementor
Assist24 Help Desk assist24it
Attesa Extra attesa-extra
audioCase audiocase
Awesome Fitness Testimonials awesome-fitness-testimonials
Awesome Tool Tip awesome-tool-tip
AzonBox azonbox
Bamboo Enquiries bamboo-enquiries
Banner System banner-system
Basticom Framework basticom-framework
Be Shortcodes be-shortcodes
Beacon For Help Scout beacon-for-helpscout
BeBetter Social Icons bebetter-social-icons
best bootstrap widgets for elementor best-bootstrap-widgets-for-elementor
Bg Patriarchia BU bg-patriarchia-bu
Bing Search API Integration abbs-bing-search
Bitcoin Payments bitcoin-payments
Blocks Post Grid blocks-post-grid
Boombox Shortcode Plugin boombox-shortcode
Brand my Footer brand-my-footer
Browsing History browsing-history
BU Slideshow bu-slideshow
Buooy Sticky Header buooy-sticky-header
Category Ajax Filter category-ajax-filter
CE21 Suite ce21-suite
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More charitable
Charity Addon for Elementor charity-addon-for-elementor
Christian Science Bible Lesson Subjects christian-science-bible-lesson-subjects
Code Embed simple-embed-code
codeSnips codesnips
Combo WP Rewrite Slugs combo-wp-rewrite-slugs
Community Yard Sale community-yard-sale
Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension
Contact Form 7 – PayPal & Stripe Add-on contact-form-7-paypal-add-on
Content Slider Block content-slider-block
Content Syndication Toolkit Reader content-syndication-toolkit-reader
Conversion Helper conversion-helper
Cookie Nonsense for YT yt-cookie-nonsense
Countdown Timer block – Display the event’s date into a timer. countdown-time
Cowidgets – Elementor Addons cowidgets-elementor-addons
Creative Blocks – Ultimate Blocks for Gutenberg creative-blocks
CRM 2go – Formulario de contacto crm2go
CRM WordPress Plugin – RepairBuddy computer-repair-shop
Custom Dashboard Widget create-custom-dashboard-widget
Custom URL Shortener custom-url-shorter
Daily Image daily-image
Dashing Memberships dashing-memberships
Debug Tool debug-tool
Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler cf7-styler
Don’t Break The Code dont-break-the-code
Doofinder doofinder
drop in image slideshow gallery drop-in-image-slideshow-gallery
DuoGeek – Gutenberg Blocks duogeek-blocks
Dynamic Post Grid Elementor Addon dynamic-post-grid-elementor-addon
Easy Social Sharebar easy-social-sharebar
Easy SVG Support easy-svg
eewee admin custom eewee-admincustom
Ekiline Block Collection ekiline-block-collection
EleForms – All In One Form Integration including DB for Elementor all-contact-form-integration-for-elementor
Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) bdthemes-element-pack-lite
Elementor Header & Footer Builder header-footer-elementor
ElementsReady Addons for Elementor element-ready-lite
Embed documents shortcode embed-documents-shortcode
Envo Extra envo-extra
ESB Testimonials esb-testimonials
Event post event-post
EventPress wp-eventpress
Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin everest-backup
Fabrica Synced Pattern Instances fabrica-reusable-block-instances
Faltu Testimonial Rotator faltu-testimonial-rotator
Fancy User List fancy-user-listing
Fast Video and Image Display fast-video-and-image-display
Featured product by category name featured-product-by-category-name
File Select Control For Elementor file-select-control-for-elementor
Firework Shoppable Live Video firework-videos
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder form-maker
Forms forms-by-made-it
Forms: 3rd-Party Post Again forms-3rdparty-post-again
FOX – Currency Switcher Professional for WooCommerce woocommerce-currency-switcher
FriendStore for WooCommerce friendstore-for-woocommerce
Gboy Custom Google Map gboy-custom-google-map
Geoportail Shortcode geoportail-shortcode
Geotagged Media geotagged-media
Google Visualization Charts google-visualization-charts
GreenCon – Table, Listing, Marketing builder for Gutenberg greencon
Gutenium Blocks gutenium
HB AUDIO GALLERY hb-audio-gallery
Heateor Social Login WordPress heateor-social-login
Hola Free Video Player hola-free-video-player
Horsemanager fruitcake-horsemanager
HQ60 Fidelity Card hq60-fidelity-card
I Plant A Tree i-plant-a-tree
IA Map Analytics Basic ia-map-analytics-basic
Icon Widget icon-widget-with-links
Image Carousel Shortcode image-carousel-shortcode
Image Classify image-classify
imPress wp-js-impress
Inline Click To Tweet inline-click-to-tweet
IntelliWidget Elements intelliwidget-elements
Jigoshop – Store Toolkit jigoshop-store-toolkit
JobSearch WP Job Board wp-jobsearch
Keymaster Chord Notation Free keymaster-chord-notation-free
Kings Tab Slider kings-tab-slider
L Squared Hub WP – Virtual Device Plugin l-squared-hub-wp-virtual-device
Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages landing-page-cat
Lead capture, gated content & newsletter opt-ins bread-butter
Lenxel Core for Lenxel(LNX) LMS lenxel-core
Leopard – WordPress Offload Media leopard-wordpress-offload-media
Lewe Bootstrap Visuals shortcode-bootstrap-visuals
LIQUID BLOCKS – Slider, Carousel, Accordion liquid-blocks
Location Click Map location-click-map
Loginizer loginizer
Loginizer Security loginizer-security
Loginplus loginplus
Luzuk Slider luzuk-slider
Luzuk Team luzuk-team
Luzuk Testimonials luzuk-testimonials
Mage Front End Forms mage-forms
Magic Slider magic-slider
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) magical-addons-for-elementor
Map Store Locator map-store-location
Mapme mapme
MapPress Maps for WordPress mappress-google-maps-for-wordpress
Master Bar master-bar
MDC YouTube Downloader mdc-youtube-downloader
mFolio Lite mfolio-lite
MG Post Contributors mg-post-contributors
Minical Hotel Booking Plugin minical
Mobile Kiosk mobile-kiosk
Moka Get Posts Shortcode moka-get-posts
Moose Elementor Kit moose-elementor-kit
Multi-day Booking Calendar multi-day-booking-calendar
Multifox Plus multifox-plus
Multiple Votes in one page multiple-votes-in-one-page
My Restaurant Menu my-restaurant-menu
myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification mycred
Narnoo Commerce Manager narnoo-commerce-manager
News Articles news-articles
News Ticker newsticker
NV Slider nv-slider
Official SalesWizard CRM Plugin official-saleswizard-crm
Olympus Shortcodes olympus-shortcodes
OpenCart Product Display opencart-product-display
OS BXSlider os-bxslider
OS Our Team os-our-team
OS Pricing Tables os-pricing-tables
OSM – OpenStreetMap osm
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction paid-member-subscriptions
Parallaxer – Parallax Effect on Content parallaxer-lite-parallax-effects-on-images
ParOne Feeds parone
Pay With Stripe – Your WordPress Payments Stripe Gateway payments-stripe-gateway
Pdf Embedder Fay pdf-embedder-fay
Persian Nested Show/Hide Text persian-nested-showhide-text
PF Timer pf-timer
Photo Gallery by 10Web – Mobile-Friendly Image Gallery photo-gallery
Photographer Connections photographer-connections
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons contest-gallery
Plenigo plenigo
Poll Maker – Versus Polls, Anonymous Polls, Image Polls poll-maker
Popup Image popup-image
Postcasa Shortcode postcasa
Postify: Post Layout For Elementor postify-for-elementor
Posts Filter posts-filter
Posts Search posts-search
Pricing Tables WordPress Plugin – Easy Pricing Tables easy-pricing-tables
Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) bdthemes-prime-slider-lite
Pro Addons For Elementor pro-addons-for-elementor
PropertyShift propertyshift
Provide Forex Signals provide-forex-signals
Pull This pull-this
Quform – WordPress Form Builder quform
ra_qrcode ra-qrcode
Realty by BestWebSoft realty
Redirecter shortcode-for-redirection
RegistrationMagic – User Registration Plugin with Custom Registration Forms custom-registration-form-builder-with-submission-manager
Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates responsive-addons-for-elementor
Responsive Data Table responsive-data-table
Responsive Filterable Portfolio responsive-filterable-portfolio
Rig Elements For Elementor rig-elements
RSV 360 View rsv-360-view
RSV PDF Preview rsv-pdf-preview
Saragna – Social Stream WordPress saragna-social-stream
Satisfaction Reports from Help Scout happiness-reports-for-help-scout
scrollup scrollup
Search order by product SKU for WooCommerce search-order-by-product-sku-for-woocommerce
Sell Media File with Stripe sell-media-file
Semantic Shortcode semantic-shortcode
Seriously Simple Podcasting seriously-simple-podcasting
Share Buttons – Social Media rich-web-share-button
Shortcode Collection shortcode-collection
Shortcodes Blocks Creator Ultimate ultimate-shortcodes-creator
Simple Modal simplemodal
Simple Shortcode for Google Maps simple-google-maps-short-code
Simple Social Share Block simple-social-share-block
SimpleGMaps simplegmaps
Simplistic SEO simplistic-seo
Simpul Events by Esotech simpul-events-by-esotech
SKT Addons for Elementor skt-addons-for-elementor
Smooth Maps colour-smooth-maps
Social button social-button
Social Locker – Increase Traffic social-locker-content
Social Share, Social Login and Social Comments Plugin – Super Socializer super-socializer
SrcSet Responsive Images for WordPress truenorth-srcset
Stylish Internal Links stylish-internal-links
Surbma | Font Awesome surbma-font-awesome
SV Forms sv-forms
SVT Simple svt-simple
SysBasics Customize My Account for WooCommerce customize-my-account-for-woocommerce
Team Showcase and Slider – Team Members Builder team-showcase-ultimate
TeleAdmin teleadmin
Testimonial Slider Shortcode testimonial-slider-shortcode
Text Advertisements text-advertisements
The Novel Design Store Directory noveldesign-store-directory
The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) the-pack-addon
Tickera – WordPress Event Ticketing tickera-event-ticketing-system
Tigris Flexplatform tigris-flexplatform
TinyCode tinycode
Topbar ID for Elementor topbar-id-for-elementor
Trendy Restaurant Menu – Best Restaurant Plugin for WordPress trendy-restaurant-menu
Tumult Hype Animations tumult-hype-animations
Twitter real time search scrolling twitter-real-time-search-scrolling
Ultimate Accordion ultimate-accordion
Ultimate Bootstrap Elements for Elementor ultimate-bootstrap-elements-for-elementor
Ultimate Flipbox Addon for Elementor ultimate-flipbox-addon-for-elementor
User Meta – User Profile Builder and User management plugin user-meta
User Password Reset user-password-reset
Utech Spinning Earth utech-spinning-earth
UW Freelancer uw-freelancer
Video Gallery for WooCommerce video-wc-gallery
VP Sitemap vp-sitemap
Wd-image-magnifier-xoss wd-image-magnifier-xoss
WE – Client Logo Carousel we-client-logo-carousel
Web Stories Widgets For Elementor shortcodes-for-amp-web-stories-and-elementor-widget
Websand Subscription Form websand-subscription-form
Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera wp-website-creator
Wezido – Elementor Addon Based on Easy Digital Downloads wezido-elementor-addon-based-on-easy-digital-downloads
WooCommerce – Social Login woo-social-login
WooCommerce Report ithemelandco-woo-report
WooCommerce Support Ticket System woocommerce-support-ticket-system
WordPress User Extra Fields wp-user-extra-fields
WoW Guild Armory Roster guild-armory-roster
WP Agenda wp-agenda
WP Contest wp-contest
WP Listings Pro wp-listings-pro
WP Membership wp-membership
WP MMenu Lite wp-mmenu-lite
WP PagSeguro Payments wp-pagseguro-payments
WP Photo Album Plus wp-photo-album-plus
WP Responsive Video my-wp-responsive-video
Wp Slide Categorywise wp-slide-categorywise
WP Virtual Room Configurator configure-conference-room
WP Visual Adverts wp-visual-adverts
WP-Basics wp-basics
wp_automatic_widget wp-automatic-widget
WPHelpful wphelpful
WS Form LITE – Drag & Drop Contact Form Builder for WordPress ws-form
XT Floating Cart for WooCommerce woo-floating-cart-lite
YaDisk Files wp-yadisk-files
yPHPlista yphplista
Zotpress zotpress
活动链接推广插件 yr-activity-link

WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Anih – Creative Agency WordPress Theme anih
Storely storely
Th Shop Mania th-shop-mania
Top Store top-store
WPLMS Learning Management System for WordPress, WordPress LMS wplms

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating | CVE-ID | Patch Status | Published | Affected Software
Critical (10.0) | CVE-2024-8615 | Patched | Nov 5, 2024 | JobSearch WP Job Board
Critical (9.9) | CVE-2024-9307 | Unpatched | Nov 5, 2024 | mFolio Lite
Critical (9.9) | CVE-2024-8614 | Patched | Nov 5, 2024 | JobSearch WP Job Board
Critical (9.8) | CVE-2024-10871 | Patched | Nov 8, 2024 | Category Ajax Filter
Critical (9.8) | CVE-2024-10284 | Unpatched | Nov 8, 2024 | CE21 Suite
Critical (9.8) | CVE-2024-10285 | Unpatched | Nov 8, 2024 | CE21 Suite
Critical (9.8) | CVE-2024-51793 | Unpatched | Nov 8, 2024 |
Critical (9.8) | CVE-2024-10586 | Unpatched | Nov 8, 2024 | Debug Tool
Critical (9.8) | CVE-2024-51791 | Patched | Nov 8, 2024 | Forms
Critical (9.8) | CVE-2024-51790 | Unpatched | Nov 8, 2024 | HB AUDIO GALLERY
Critical (9.8) | CVE-2024-51789 | Unpatched | Nov 8, 2024 | Image Classify
Critical (9.8) | CVE-2024-10589 | Patched | Nov 8, 2024 |
Critical (9.8) | CVE-2024-51788 | Unpatched | Nov 8, 2024 |
Critical (9.8) | CVE-2024-10625 | Patched | Nov 8, 2024 |
Critical (9.8) | CVE-2024-10627 | Patched | Nov 8, 2024 |
Critical (9.8) | CVE-2024-10801 | Patched | Nov 8, 2024 | WordPress User Extra Fields
Critical (9.8) | CVE-2024-10547 | Patched | Nov 8, 2024 | WP Membership
Critical (9.8) | CVE-2024-10470 | Patched | Nov 8, 2024 |
High (8.8) | CVE-2024-10674 | Patched | Nov 8, 2024 | Th Shop Mania
High (8.8) | CVE-2024-10673 | Patched | Nov 8, 2024 | Top Store
High (8.8) | CVE-2024-10711 | Patched | Nov 4, 2024 | WooCommerce Report
High (8.8) | CVE-2024-10626 | Patched | Nov 8, 2024 |
High (8.1) | CVE-2024-10020 | Patched | Nov 5, 2024 | Heateor Social Login WordPress
High (8.1) | CVE-2024-10097 | Patched | Nov 4, 2024 | Loginizer Security; Loginizer
High (8.1) | CVE-2024-10114 | Patched | Nov 4, 2024 | WooCommerce – Social Login
High (7.4) | CVE-2024-10709 | Unpatched | Nov 4, 2024 | YaDisk Files
High (7.3) | CVE-2024-10263 | Patched | Nov 4, 2024 |
High (7.3) | CVE-2024-10958 | Patched | Nov 10, 2024 | WP Photo Album Plus
Medium (6.5) | CVE-2024-10294 | Unpatched | Nov 8, 2024 | CE21 Suite
Medium (6.5) | CVE-2024-51882 | Unpatched | Nov 8, 2024 | Gboy Custom Google Map
Medium (6.5) | CVE-2024-51843 | Unpatched | Nov 8, 2024 | Horsemanager
Medium (6.5) | CVE-2024-51820 | Unpatched | Nov 8, 2024 |
Medium (6.5) | CVE-2024-51845 | Unpatched | Nov 8, 2024 | Share Buttons – Social Media
Medium (6.5) | CVE-2024-51837 | Unpatched | Nov 8, 2024 | WP Contest
Medium (6.4) | CVE-2024-52348 | Unpatched | Nov 8, 2024 | AA Audio Player
Medium (6.4) | CVE-2024-51878 | Unpatched | Nov 8, 2024 | AchillesTheme-shortcodes
Medium (6.4) | CVE-2024-51823 | Unpatched | Nov 8, 2024 | Add Ribbon Shortcode
Medium (6.4) | CVE-2024-51824 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51908 | Unpatched | Nov 8, 2024 | Adventure Bucket List
Medium (6.4) | CVE-2024-51825 | Unpatched | Nov 8, 2024 | Alert Me!
Medium (6.4) | CVE-2024-51813 | Patched | Nov 8, 2024 | Anant Addons for Elementor
Medium (6.4) | CVE-2024-51910 | Unpatched | Nov 8, 2024 | Assist24 Help Desk
Medium (6.4) | CVE-2024-51909 | Unpatched | Nov 8, 2024 | audioCase
Medium (6.4) | CVE-2024-51806 | Unpatched | Nov 8, 2024 | Awesome Fitness Testimonials
Medium (6.4) | CVE-2024-52349 | Unpatched | Nov 8, 2024 | Awesome Tool Tip
Medium (6.4) | CVE-2024-51931 | Unpatched | Nov 8, 2024 | AzonBox
Medium (6.4) | CVE-2024-51859 | Unpatched | Nov 8, 2024 | Bamboo Enquiries
Medium (6.4) | CVE-2024-51816 | Unpatched | Nov 8, 2024 | Banner System
Medium (6.4) | CVE-2024-9443 | Patched | Nov 4, 2024 | Basticom Framework
Medium (6.4) | CVE-2024-51881 | Unpatched | Nov 8, 2024 | Be Shortcodes
Medium (6.4) | CVE-2024-51828 | Unpatched | Nov 8, 2024 | Beacon For Help Scout
Medium (6.4) | CVE-2024-51880 | Unpatched | Nov 8, 2024 | BeBetter Social Icons
Medium (6.4) | CVE-2024-51851 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51799 | Unpatched | Nov 8, 2024 | Bg Patriarchia BU
Medium (6.4) | CVE-2024-51826 | Unpatched | Nov 8, 2024 | Bitcoin Payments
Medium (6.4) | CVE-2024-51928 | Unpatched | Nov 8, 2024 | Blocks Post Grid
Medium (6.4) | CVE-2024-51827 | Unpatched | Nov 8, 2024 | Boombox Shortcode Plugin
Medium (6.4) | CVE-2024-51801 | Unpatched | Nov 8, 2024 | Brand my Footer
Medium (6.4) | CVE-2024-51802 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51885 | Unpatched | Nov 8, 2024 | Browsing History
Medium (6.4) | CVE-2024-52351 | Unpatched | Nov 8, 2024 | BU Slideshow
Medium (6.4) | CVE-2024-51938 | Unpatched | Nov 8, 2024 | Charity Addon for Elementor
Medium (6.4) | CVE-2024-52353 | Patched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-10814 | Patched | Nov 8, 2024 | Code Embed
Medium (6.4) | CVE-2024-51808 | Unpatched | Nov 8, 2024 | codeSnips
Medium (6.4) | CVE-2024-51846 | Unpatched | Nov 8, 2024 | Community Yard Sale
Medium (6.4) | CVE-2024-51933 | Unpatched | Nov 8, 2024 | Cookie Nonsense for YT
Medium (6.4) | CVE-2024-8960 | Unpatched | Nov 8, 2024 | Cowidgets – Elementor Addons
Medium (6.4) | CVE-2024-51822 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-52350 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51860 | Unpatched | Nov 8, 2024 | Custom Dashboard Widget
Medium (6.4) | CVE-2024-51930 | Unpatched | Nov 8, 2024 | Custom URL Shortener
Medium (6.4) | CVE-2024-51914 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51868 | Unpatched | Nov 8, 2024 | DuoGeek – Gutenberg Blocks
Medium (6.4) | CVE-2024-51852 | Patched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51833 | Unpatched | Nov 8, 2024 | Easy Social Sharebar
Medium (6.4) | CVE-2024-10269 | Patched | Nov 7, 2024 | Easy SVG Support
Medium (6.4) | CVE-2024-51934 | Unpatched | Nov 8, 2024 | Ekiline Block Collection
Medium (6.4) | CVE-2024-10325 | Patched | Nov 7, 2024 |
Medium (6.4) | CVE-2024-51787 | Patched | Nov 4, 2024 |
Medium (6.4) | CVE-2024-51904 | Unpatched | Nov 8, 2024 | Embed documents shortcode
Medium (6.4) | CVE-2024-51936 | Unpatched | Nov 8, 2024 | ESB Testimonials
Medium (6.4) | CVE-2024-10186 | Patched | Nov 5, 2024 | Event post
Medium (6.4) | CVE-2024-51861 | Unpatched | Nov 8, 2024 | EventPress
Medium (6.4) | CVE-2024-51853 | Unpatched | Nov 8, 2024 | Faltu Testimonial Rotator
Medium (6.4) | CVE-2024-51889 | Unpatched | Nov 8, 2024 | Fancy User List
Medium (6.4) | CVE-2024-51935 | Unpatched | Nov 8, 2024 | Fast Video and Image Display
Medium (6.4) | CVE-2024-51911 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51841 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51890 | Unpatched | Nov 8, 2024 | Geoportail Shortcode
Medium (6.4) | CVE-2024-51862 | Unpatched | Nov 8, 2024 | Google Visualization Charts
Medium (6.4) | CVE-2024-51926 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51869 | Unpatched | Nov 8, 2024 | Gutenium Blocks
Medium (6.4) | CVE-2024-51854 | Unpatched | Nov 8, 2024 | Hola Free Video Player
Medium (6.4) | CVE-2024-51883 | Unpatched | Nov 8, 2024 | I Plant A Tree
Medium (6.4) | CVE-2024-51937 | Unpatched | Nov 8, 2024 | IA Map Analytics Basic
Medium (6.4) | CVE-2024-51929 | Unpatched | Nov 8, 2024 | Icon Widget
Medium (6.4) | CVE-2024-51842 | Unpatched | Nov 8, 2024 | Image Carousel Shortcode
Medium (6.4) | CVE-2024-51803 | Unpatched | Nov 8, 2024 | Inline Click To Tweet
Medium (6.4) | CVE-2024-51912 | Unpatched | Nov 8, 2024 | IntelliWidget Elements
Medium (6.4) | CVE-2024-51809 | Unpatched | Nov 8, 2024 | Keymaster Chord Notation Free
Medium (6.4) | CVE-2024-51932 | Unpatched | Nov 8, 2024 | Kings Tab Slider
Medium (6.4) | CVE-2024-9270 | Unpatched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51810 | Unpatched | Nov 8, 2024 | Lewe Bootstrap Visuals
Medium (6.4) | CVE-2024-52357 | Patched | Nov 8, 2024 |
Medium (6.4) | CVE-2024-51844 | Unpatched | Nov 8, 2024 | Location Click Map
Medium (6.4) | CVE-2024-51834 | Unpatched | Nov 8, 2024 | Luzuk Slider
Medium (6.4) | CVE-2024-51871 | Unpatched | Nov 8, 2024 | Luzuk Team
Medium (6.4) | CVE-2024-51872 | Unpatched | Nov 8, 2024 | Luzuk Testimonials
Medium (6.4) | CVE-2024-52339 | Unpatched | Nov 8, 2024 | Mage Front End Forms
Medium (6.4) | CVE-2024-51896 | Unpatched | Nov 8, 2024 | Magic Slider
Medium (6.4) | CVE-2024-51920 | Unpatched | Nov 8, 2024 | Map Store Locator
Medium (6.4) | CVE-2024-51913 | Unpatched | Nov 8, 2024 | Mapme
Medium (6.4) | CVE-2024-10715 | Patched | Nov 5, 2024 | MapPress Maps for WordPress

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51875
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
MDC YouTube Downloader
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51895
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Minical Hotel Booking Plugin
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51829
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Mobile Kiosk
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51804
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Moka Get Posts Shortcode
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51856
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Moose Elementor Kit
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51873
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Multi-day Booking Calendar
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51916
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Multifox Plus
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51917
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Multiple Votes in one page
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51849
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
My Restaurant Menu
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51897
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
News Articles
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51830
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
News Ticker
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51887
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
NV Slider
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51891
Patch Status
Unpatched
Published
Nov 8, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51857
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Olympus Shortcodes
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51835
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
OpenCart Product Display
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52342
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
OS BXSlider
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52341
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
OS Our Team
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52343
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
OS Pricing Tables
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52355
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
OSM – OpenStreetMap
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51848
Patch Status
Unpatched
Published
Nov 8, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51874
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
ParOne Feeds
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51918
Patch Status
Unpatched
Published
Nov 8, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51795
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Pdf Embedder Fay
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2018-5158
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
Algori PDF Viewer
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51831
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Persian Nested Show/Hide Text
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51863
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
PF Timer
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52340
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Photographer Connections
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51832
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Plenigo
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51811
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Popup Image
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52352
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Postcasa Shortcode
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51893
Patch Status
Unpatched
Published
Nov 8, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51886
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Posts Filter
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51884
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Posts Search
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51812
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
Pro Addons For Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52344
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Provide Forex Signals
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51838
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Pull This
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52345
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
ra_qrcode
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51786
Patch Status
Patched
Published
Nov 4, 2024

Affected Software
Realty by BestWebSoft
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51855
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Redirecter
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51927
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Rig Elements For Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51906
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
RSV 360 View
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51905
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
RSV PDF Preview
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51921
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
scrollup
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51892
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Sell Media File with Stripe
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51898
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Semantic Shortcode
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51864
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Shortcode Collection
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10340
Patch Status
Patched
Published
Nov 4, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-10621
Patch Status
Patched
Published
Nov 7, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51865
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Simple Social Share Block
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52346
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
SimpleGMaps
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51867
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Simpul Events by Esotech
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51901
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Smooth Maps
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51866
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Social button
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51858
Patch Status
Unpatched
Published
Nov 8, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51794
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Storely
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51939
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Stylish Internal Links
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51798
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Surbma | Font Awesome
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51877
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
SV Forms
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51925
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Testimonial Slider Shortcode
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51879
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Text Advertisements
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51819
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Tigris Flexplatform
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51902
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
TinyCode
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51894
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Topbar ID for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51796
Patch Status
Unpatched
Published
Nov 8, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51797
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Ultimate Accordion
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51870
Patch Status
Unpatched
Published
Nov 8, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51839
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Utech Spinning Earth
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51922
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
VP Sitemap
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51840
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Wd-image-magnifier-xoss
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51821
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WE – Client Logo Carousel
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-52354
Patch Status
Patched
Published
Nov 8, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51923
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Websand Subscription Form
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51836
Patch Status
Unpatched
Published
Nov 8, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51850
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WoW Guild Armory Roster
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51924
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WP Agenda
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51903
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WP Listings Pro
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51847
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WP PagSeguro Payments
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51940
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WP Responsive Video
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51907
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
WP Virtual Room Configurator
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51876
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
wp_automatic_widget
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-9178
Patch Status
Patched
Published
Nov 4, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51805
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
yPHPlista
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-51814
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
活动链接推广插件
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51691
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Admin Amplify

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51717
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Ajax Content Filter
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51692
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51699
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51689
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-10683
Patch Status
Patched
Published
Nov 8, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51696
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-10676
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51776
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Daily Image

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51760
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Dashing Memberships
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51779
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51697
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Doofinder

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51780
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51695
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51781
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51783
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51784
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51694
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Geotagged Media

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51713
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
HQ60 Fidelity Card
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51704
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
imPress

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51712
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Jigoshop – Store Toolkit
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51782
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Loginplus
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51698
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Master Bar

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51701
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51708
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51762
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
PropertyShift
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51710
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51711
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51778
Patch Status
Unpatched
Published
Nov 4, 2024

Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51693
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-9667
Patch Status
Patched
Published
Nov 4, 2024

Affected Software
Seriously Simple Podcasting
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51718
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Simple Modal

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51719
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
Simplistic SEO

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51702
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51759
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
SVT Simple

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-10837
Patch Status
Patched
Published
Nov 9, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51763
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51709
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
TeleAdmin
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51716
Patch Status
Unpatched
Published
Nov 4, 2024

Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51714
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
User Password Reset
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51706
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
UW Freelancer

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51705
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
WP MMenu Lite

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51690
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51707
Patch Status
Unpatched
Published
Nov 4, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51703
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
WP-Basics

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-51761
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
WPHelpful
Researcher

CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-9775
Patch Status
Unpatched
Published
Nov 8, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-10779
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Cowidgets – Elementor Addons
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-8756
Patch Status
Patched
Published
Nov 8, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-10535
Patch Status
Patched
Published
Nov 5, 2024

Affected Software
Video Gallery for WooCommerce
Researcher

CVSS Rating
Medium (4.9)
CVE-ID
CVE-2024-9874
Patch Status
Patched
Published
Nov 8, 2024

CVSS Rating
Medium (4.7)
CVE-ID
CVE-2024-51785
Patch Status
Patched
Published
Nov 4, 2024

Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-9878
Patch Status
Patched
Published
Nov 4, 2024

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-10710
Patch Status
Unpatched
Published
Nov 4, 2024

Affected Software
YaDisk Files
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10688
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
Attesa Extra
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-51817
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Combo WP Rewrite Slugs
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10084
Patch Status
Patched
Published
Nov 5, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10667
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
Content Slider Block
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10588
Patch Status
Unpatched
Published
Nov 8, 2024

Affected Software
Debug Tool
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10770
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
Envo Extra
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10693
Patch Status
Patched
Published
Nov 8, 2024

Affected Software
SKT Addons for Elementor
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10543
Patch Status
Patched
Published
Nov 5, 2024

Affected Software
Tumult Hype Animations

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-10329
Patch Status
Patched
Published
Nov 4, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-7429
Patch Status
Patched
Published
Nov 4, 2024

Affected Software
Zotpress
Researcher


As a reminder, Wordfence has curated an industry-leading vulnerability database, known as Wordfence Intelligence, containing all known WordPress core, theme, and plugin vulnerabilities.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, through vulnerability researchers submitting directly to us via our Bug Bounty Program, and by monitoring various sources to capture all publicly available WordPress vulnerability information, adding context where we can.

Click here to sign up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (November 4, 2024 to November 10, 2024) appeared first on Wordfence.
