Wordfence Intelligence Weekly WordPress Vulnerability Report (July 8, 2024 to July 14, 2024)


📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest. 


Last week, there were 225 vulnerabilities disclosed in 186 WordPress Plugins and 14 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 62 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 17,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our PremiumCare, and Response customers last week:

Wordfence PremiumCare, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Patched 93
Unpatched 132

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating Number of Vulnerabilities
Low Severity 1
Medium Severity 173
High Severity 32
Critical Severity 19

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 94
Missing Authorization 39
Cross-Site Request Forgery (CSRF) 29
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) 12
Information Exposure 11
Unrestricted Upload of File with Dangerous Type 8
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) 6
Information Exposure Through Log Files 5
Server-Side Request Forgery (SSRF) 5
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) 4
Improper Privilege Management 3
Authentication Bypass Using an Alternate Path or Channel 2
Improper Control of Generation of Code (‘Code Injection’) 2
Authorization Bypass Through User-Controlled Key 1
Deserialization of Untrusted Data 1
File and Directory Information Exposure 1
Use of Hard-coded Credentials 1
Use of Less Trusted Source 1

Researchers That Contributed to WordPress Security Last Week

Researcher Name Number of Vulnerabilities
18
15
14
13
13
12
10
9
7
7
6
6
6
5
4
4
4
4
4
3
3
3
3
3
3
3
2
2
2
2
2
2
2
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
Academy LMS – eLearning and online course solution for WordPress academy
Admin Dashboard RSS Feed admin-dashboard-rss-feed
AdPush adsense-plugin
Advanced AJAX Page Loader advanced-ajax-page-loader
Advanced File Manager Shortcodes file-manager-advanced-shortcode
Advanced post slider advanced-post-slider
Amazing Hover Effects amazing-hover-effects
Animated Typed JS Shortcode animated-typed-js-shortcode
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps appmaker-woocommerce-mobile-app-manager
Arkhe Blocks arkhe-blocks
Attachment File Icons (AF Icons) attachment-file-icons
Auto Featured Image (Auto Post Thumbnail) auto-post-thumbnail
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. barcode-scanner-lite-pos-to-manage-products-inventory-and-orders
BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript searchpro
Blog, Posts and Category Filter for Elementor blog-posts-and-category-for-elementor
Booking Ultra Pro Appointments Booking Calendar Plugin booking-ultra-pro
Bradmax Player bradmax-player
Branda – White Label WordPress, Custom Login Page Customizer branda-white-labeling
Calendar.online / Kalender.digital – Plugin kalender-digital
Caxton – Create Pro page layouts in Gutenberg caxton
Change From Email wp-from-email
Cliengo – Chatbot cliengo
codoc codoc
Coming Soon Page – Responsive Coming Soon & Maintenance Mode responsive-coming-soon-page
Comment Images Reloaded comment-images-reloaded
ConeBlog – Elementor Blog Widgets coneblog-widgets
Contact Form 7 Summary and Print cf7-summary-and-print
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder bit-form
Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder arforms-form-builder
Default Thumbnail Plus default-thumbnail-plus
DirectoryPress – Business Directory And Classified Ad Listing directorypress
Download Button for Elementor download-button-for-elementor
Duplicator – Migration & Backup Plugin duplicator
Dynamic Word Spinner: CSS3 Animated Rotation css3-rotating-words
Easy Pixels easy-pixels-by-jevnet
EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin eazydocs
EleForms – All In One Form Integration including DB for Elementor all-contact-form-integration-for-elementor
ElementInvader Addons for Elementor elementinvader-addons-for-elementor
EmbedPress – Embed PDF, PDF 3D FlipBook, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor embedpress
Event post event-post
Event Tickets and Registration event-tickets
EventON eventon-lite
Events Calendar for Google events-calendar-for-google
ExS Widgets exs-widgets
Extensions for Elementor extensions-for-elementor
FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor post-block
Featured Image Generator featured-image-generator
Feeds for YouTube (YouTube video, channel, and gallery plugin) feeds-for-youtube
Form Vibes – Database Manager for Forms form-vibes
FormFlow: WhatsApp & Social Form Builder for Leads simple-form
FULL – Cliente full-customer
Fusion Page Builder fusion
GD Rating System gd-rating-system
Generate PDF using Contact Form 7 generate-pdf-using-contact-form-7
Genesis Blocks genesis-blocks
Get Use APIs – JSON Content Importer json-content-importer
Goftino goftino
Google Adsense & Banner Ads by AdsforWP ads-for-wp
Gravity Forms: Multiple Form Instances gravity-forms-multiple-form-instances
Gum Elementor Addon gum-elementor-addon
Gutenberg Forms – WordPress Form Builder Plugin forms-gutenberg
GutSlider – All in One Block Slider slider-blocks
HitPay Payment Gateway for WooCommerce hitpay-payment-gateway
Houzez CRM houzez-crm
Houzez Theme – Functionality houzez-theme-functionality
HT Mega – Absolute Addons For Elementor ht-mega-for-elementor
Image Optimizer, Resizer and CDN – Sirv sirv
Import Spreadsheets from Microsoft Excel import-spreadsheets-from-microsoft-excel
InstaWP Connect – 1-click WP Staging & Migration instawp-connect
Internal Link Juicer: SEO Auto Linker for WordPress internal-links
iPanorama 360 – WordPress Virtual Tour Builder ipanorama-360-virtual-tour-builder-lite
IQ Testimonials iq-testimonials
Job Board Manager job-board-manager
JSON API User json-api-user
Just Custom Fields just-custom-fields
Laposta laposta
LearnDash LMS – Reports wisdm-reports-for-learndash
Light Poll light-poll
Link Library link-library
Login by Auth0 auth0
Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) magical-addons-for-elementor
Magical Posts Display – Elementor Advanced Posts widgets magical-posts-display
MakeStories (for Google Web Stories) makestories-helper
Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor master-addons
Master Popups master-popups-lite
Matomo Analytics – Ethical Stats. Powerful Insights. matomo
MBE eShip mail-boxes-etc
Media Hygiene: Remove or Delete Unused Images and More! media-hygiene
Meks Smart Author Widget meks-smart-author-widget
Meks Video Importer meks-video-importer
Metorik – Reports & Email Automation for WooCommerce metorik-helper
Modern Events Calendar modern-events-calendar
Modern Events Calendar Lite modern-events-calendar-lite
Moloni moloni
MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar mp3-music-player-by-sonaar
MStore API – Create Native Android & iOS Apps On The Cloud mstore-api
oik oik
Olive One Click Demo Import olive-one-click-demo-import
Openpos – WooCommerce Point Of Sale(POS) woocommerce-openpos
OSM – OpenStreetMap osm
Packlink PRO shipping module packlink-pro-shipping
Panda Video pandavideo
Payflex Payment Gateway payflex-payment-gateway
PayPlus Payment Gateway payplus-payment-gateway
Plugin Name: CodePen Embedded Pens Shortcode codepen-embedded-pen-shortcode
Plugin Notes Plus plugin-notes-plus
Plum: Spin Wheel & Email Pop-up qodeblock
Post Layouts for Gutenberg post-layouts
Power BI Embedded for WordPress embed-power-bi
PowerPress Podcasting plugin by Blubrry powerpress
Predictive Search for WooCommerce woocommerce-predictive-search
Premium Addons for Elementor premium-addons-for-elementor
Pricing Table elfsight-pricing-table
Product Delivery Date for WooCommerce – Lite product-delivery-date-for-woocommerce-lite
Product Designer product-designer
Product Table by WBW woo-product-tables
ProfileGrid – User Profiles, Groups and Communities profilegrid-user-profiles-groups-and-communities
Qi Blocks qi-blocks
Realtyna Organic IDX plugin + WPL Real Estate real-estate-listing-realtyna-wpl
ReCaptcha Integration for WordPress wp-recaptcha-integration
Recipe Cards For Your Food Blog from Zip Recipes zip-recipes
ReDi Restaurant Reservation redi-restaurant-reservation
Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction pie-register
REVIEWS.io WooCommerce Plugin reviewscouk-for-woocommerce
ScrollTo Bottom scrollto-bottom
ScrollTo Top scrollto-top
SCSS Happy Compiler – Compile SCSS to CSS & Automatic Enqueue happy-scss-compiler
Search & Replace search-and-replace
Send Users Email send-users-email
Seraphinite Accelerator Pro seraphinite-accelerator-ext
Seraphinite Post .DOCX Source seraphinite-post-docx-source
Simple Alert Boxes simple-alert-boxes
Simple Popup Plugin simple-popup-plugin
Simple Post Notes simple-post-notes
Simple Responsive Slider simple-responsive-slider
SKT Addons for Elementor skt-addons-for-elementor
SKT Skill Bar skt-skill-bar
Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) sky-elementor-addons
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) slingblocks
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer smartcrawl-seo
Social Sharing Plugin – Kiwi kiwi-social-share
Spiffy Calendar spiffy-calendar
Squelch Tabs and Accordions Shortcodes squelch-tabs-and-accordions-shortcodes
Tabs For WPBakery Page Builder (formerly Visual Composer) tabs-for-visual-composer
Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics taggbox-widget
Team Manager – WordPress Showcase Team Members wp-team-manager
Team Members team-members
Timeline Module for Beaver Builder timeline-for-beaver-builder
Titan Anti-spam & Security anti-spam
TOCHAT.BE tochat-be
Tutor LMS – eLearning and online course solution tutor
Typebot | Create advanced chat experiences without coding typebot
Ultimate Classified Listings ultimate-classified-listings
UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) ultraaddons-elementor-lite
Uncanny Automator Pro uncanny-automator-pro
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor
User Activity Log Pro user-activity-log-pro
User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds userfeedback-lite
VK All in One Expansion Unit vk-all-in-one-expansion-unit
Wallet for WooCommerce woo-wallet
Wallet System for WooCommerce – Wallet, Digital Wallet, Cashback, Recharge User Wallets, Partial Payments, Wallet restriction, Refunds wallet-system-for-woocommerce
WappPress – Create Mobile App for any WordPress site with our Mobile App Builder in just 1 minute wapppress-builds-android-app-for-website
Webico Slider Flatsome Addons webico-slider-flatsome-addons
Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More woocommerce-wholesale-prices
WooCommerce Report ithemelandco-woo-report
WordPress Multisite Content Copier/Updater wp-multisite-content-copier
WP Accessibility Helper (WAH) wp-accessibility-helper
WP Announcement | Dynamic Announcement, Banner, & Countdown Timer for Effective Promotions sp-announcement
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting erp
WP Event Aggregator: Import Eventbrite events, Meetup events, social events and any iCal Events into WordPress wp-event-aggregator
WP Fast Total Search – The Power of Indexed Search fulltext-search
WP GoToWebinar wp-gotowebinar
WP Links Page wp-links-page
WP Photo Album Plus wp-photo-album-plus
WP Popups – WordPress Popup builder wp-popups-lite
WP Total Branding – Complete branding solution for WordPress wp-total-branding
WP Travel Engine – Tour Booking Plugin – Tour Operator Software wp-travel-engine
WP User Switch wp-user-switch
WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 wp2speed
WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor
WPCS – WordPress Currency Switcher Professional currency-switcher
XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] faq-for-woocommerce
YITH WooCommerce Ajax Product Filter yith-woocommerce-ajax-navigation
Zephyr Project Manager zephyr-project-manager
Zoho Campaigns zoho-campaigns
Zoho CRM Lead Magnet zoho-crm-forms

WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
BuddyBoss Theme buddyboss-theme
Counterpoint counterpoint
i-amaze i-amaze
i-transform i-transform
Noo JobMonster noo-jobmonster
Oceanic oceanic
OnePress onepress
Patricia Blog patricia-blog
Patricia Lite patricia-lite
Point point
Popularis Verse popularis-verse
Responsive Mobile responsive-mobile
SmartMag smartmag-responsive-retina-wordpress-magazine
SociallyViral sociallyviral

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

CVSS Rating
Critical (10.0)
CVE-ID
CVE-2024-37933
Patch Status
Unpatched
Published
Jul 9, 2024

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-38755
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-3604
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
OSM – OpenStreetMap
Researcher

CVSS Rating
Critical (9.9)
CVE-ID
CVE-2024-37564
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
PayPlus Payment Gateway
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38717
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38735
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Event post
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6313
Patch Status
Unpatched
Published
Jul 8, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6397
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6314
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
IQ Testimonials
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-37927
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
Noo JobMonster
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6624
Patch Status
Patched
Published
Jul 10, 2024

Affected Software
JSON API User
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6328
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-6365
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Product Table by WBW
Researcher

CVSS Rating
Critical (9.8)
CVE-ID
CVE-2024-38759
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Search & Replace

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-38734
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-37928
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
Noo JobMonster
Researcher

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-38736
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-38692
Patch Status
Patched
Published
Jul 10, 2024

Affected Software
Spiffy Calendar

CVSS Rating
Critical (9.1)
CVE-ID
CVE-2024-37932
Patch Status
Unpatched
Published
Jul 9, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6310
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Advanced AJAX Page Loader
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2023-7061
Patch Status
Unpatched
Published
Jul 8, 2024

Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2023-7062
Patch Status
Unpatched
Published
Jul 8, 2024

Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6309
Patch Status
Unpatched
Published
Jul 8, 2024

Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6161
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Default Thumbnail Plus
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38716
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38715
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
ExS Widgets

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5325
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38709
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
GD Rating System

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6317
Patch Status
Unpatched
Published
Jul 8, 2024

Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6316
Patch Status
Unpatched
Published
Jul 8, 2024

Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5792
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Houzez CRM
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5793
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Houzez Theme – Functionality
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5441
Patch Status
Patched
Published
Jul 8, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-5456
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Panda Video
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6321
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
ScrollTo Bottom
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6320
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
ScrollTo Top
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-6353
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Wallet for WooCommerce
Researcher

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-38704
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
High (8.8)
CVE-ID
CVE-2024-37560
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
WP User Switch
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-5479
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Easy Pixels
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-6180
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
EventON
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-6447
Patch Status
Patched
Published
Jul 10, 2024

Affected Software
FULL – Cliente
Researcher

CVSS Rating
High (7.2)
CVE-ID
CVE-2024-37563
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
TOCHAT.BE
Researcher

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-5992
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Cliengo – Chatbot
Researcher

CVSS Rating
Medium (6.5)
CVE-ID
CVE-2024-38700
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38750
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Advanced post slider
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38741
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Amazing Hover Effects
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38679
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Animated Typed JS Shortcode
Researcher(s): Unknown

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38675
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Arkhe Blocks

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38676
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37957
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Bradmax Player
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38678
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37960
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37918
Patch Status
Patched
Published
Jul 9, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38718
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Download Button for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38720
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38705
Patch Status
Patched
Published
Jul 11, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-4868
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Extensions for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37962
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Fusion Page Builder

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3563
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Genesis Blocks

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38697
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Goftino
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37955
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38722
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38723
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37958
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Meks Smart Author Widget
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6391
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
oik
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38739
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
OnePress
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-3603
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
OSM – OpenStreetMap
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5457
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Panda Video
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38682
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Post Layouts for Gutenberg
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37959
Patch Status
Unpatched
Published
Jul 10, 2024

Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-6495
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Premium Addons for Elementor
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38712
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Qi Blocks

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37949
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Responsive Mobile
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38677
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
REVIEWS.io WooCommerce Plugin
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38728
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Seraphinite Post .DOCX Source
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5937
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Simple Alert Boxes
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38674
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38698
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
SKT Skill Bar
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37936
Patch Status
Unpatched
Published
Jul 9, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38670
Patch Status
Patched
Published
Jul 10, 2024

Affected Software
Team Members
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38757
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37956
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
VK All in One Expansion Unit

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-5881
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Webico Slider Flatsome Addons
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38671
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
WP GoToWebinar
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38713
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
WP Photo Album Plus
Researcher

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-37944
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Medium (6.4)
CVE-ID
CVE-2024-38752
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Zoho Campaigns
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38672
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
AdPush
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37920
Patch Status
Patched
Published
Jul 9, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37961
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
codoc
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38724
Patch Status
Unpatched
Published
Jul 11, 2024

Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37559
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Counterpoint
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38711
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Link Library
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2023-6813
Patch Status
Patched
Published
Jul 9, 2024

Affected Software
Login by Auth0
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37953
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
MBE eShip
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38694
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Moloni
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38673
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38744
Patch Status
Unpatched
Published
Jul 11, 2024

Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37954
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Simple Responsive Slider
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-5883
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Ultimate Classified Listings
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-6529
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Ultimate Classified Listings
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-5882
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Ultimate Classified Listings
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37117
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Uncanny Automator Pro
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38669
Patch Status
Unpatched
Published
Jul 10, 2024

Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38683
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
WooCommerce Report
Researcher

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-37943
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Medium (6.1)
CVE-ID
CVE-2024-38696
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
Zoho CRM Lead Magnet
Researcher

CVSS Rating
Medium (5.5)
CVE-ID
CVE-2024-37947
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-5993
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Cliengo – Chatbot
Researcher

CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-5648
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
LearnDash LMS – Reports
Researcher

CVSS Rating
Medium (5.4)
CVE-ID
CVE-2024-4102
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Pricing Table

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38756
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6210
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38748
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6550
Patch Status
Patched
Published
Jul 9, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38747
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38690
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6574
Patch Status
Unpatched
Published
Jul 12, 2024

Affected Software
Laposta
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38742
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
MBE eShip
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38749
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Olive One Click Demo Import
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-0619
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Payflex Payment Gateway
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38743
Patch Status
Unpatched
Published
Jul 11, 2024

Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-4100
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Pricing Table

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38702
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3608
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Product Designer
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38688
Patch Status
Unpatched
Published
Jul 10, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38737
Patch Status
Patched
Published
Jul 11, 2024

Affected Software
ReDi Restaurant Reservation
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38760
Patch Status
Patched
Published
Jul 12, 2024

Affected Software
Send Users Email
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37930
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
SmartMag
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-3228
Patch Status
Patched
Published
Jul 8, 2024

Affected Software
Social Sharing Plugin – Kiwi
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37935
Patch Status
Unpatched
Published
Jul 9, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-37926
Patch Status
Patched
Published
Jul 9, 2024

Affected Software
WP Accessibility Helper (WAH)
Researcher

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-6555
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
Medium (5.3)
CVE-ID
CVE-2024-38761
Patch Status
Patched
Published
Jul 12, 2024

Affected Software
Zephyr Project Manager
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38725
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38738
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Change From Email
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37565
Patch Status
Patched
Published
Jul 9, 2024

Affected Software
Gum Elementor Addon
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37950
Patch Status
Unpatched
Published
Jul 10, 2024

Affected Software
Master Popups
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37561
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
Plugin Notes Plus
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37946
Patch Status
Unpatched
Published
Jul 10, 2024

Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-38689
Patch Status
Patched
Published
Jul 10, 2024

Affected Software
Simple Popup Plugin
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37562
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
Simple Post Notes
Researcher

CVSS Rating
Medium (4.4)
CVE-ID
CVE-2024-37919
Patch Status
Unpatched
Published
Jul 9, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38719
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37925
Patch Status
Patched
Published
Jul 9, 2024

Affected Software
BuddyBoss Theme
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5856
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Comment Images Reloaded
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38753
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38721
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-1375
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Event post
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38762
Patch Status
Patched
Published
Jul 12, 2024

Affected Software
Event Tickets and Registration
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5677
Patch Status
Patched
Published
Jul 9, 2024

Affected Software
Featured Image Generator
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38751
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38706
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38731
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
i-amaze
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38764
Patch Status
Unpatched
Published
Jul 12, 2024

Affected Software
i-transform
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37941
Patch Status
Patched
Published
Jul 9, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6168
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Just Custom Fields
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6167
Patch Status
Unpatched
Published
Jul 8, 2024

Affected Software
Just Custom Fields
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6496
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Light Poll

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38766
Patch Status
Patched
Published
Jul 12, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38729
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
MBE eShip
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-5855
Patch Status
Patched
Published
Jul 8, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38733
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Meks Video Importer
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38691
Patch Status
Patched
Published
Jul 10, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38765
Patch Status
Unpatched
Published
Jul 12, 2024

Affected Software
Oceanic
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38740
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Packlink PRO shipping module
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38732
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Patricia Blog
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37939
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
Patricia Lite
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37931
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
Point
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38763
Patch Status
Unpatched
Published
Jul 12, 2024

Affected Software
Popularis Verse
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6410
Patch Status
Patched
Published
Jul 9, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37940
Patch Status
Patched
Published
Jul 9, 2024

Affected Software
Seraphinite Accelerator Pro
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38727
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Seraphinite Post .DOCX Source
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37938
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
SociallyViral
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38754
Patch Status
Unpatched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38777
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
Titan Anti-spam & Security
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-37929
Patch Status
Unpatched
Published
Jul 9, 2024

Affected Software
User Activity Log Pro
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38714
Patch Status
Patched
Published
Jul 11, 2024

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-38695
Patch Status
Unpatched
Published
Jul 11, 2024

Affected Software
WP GoToWebinar
Researcher

CVSS Rating
Medium (4.3)
CVE-ID
CVE-2024-6465
Patch Status
Patched
Published
Jul 12, 2024

Affected Software
WP Links Page
Researcher

CVSS Rating
Low (2.7)
CVE-ID
CVE-2024-38701
Patch Status
Patched
Published
Jul 11, 2024


As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (July 8, 2024 to July 14, 2024) appeared first on Wordfence.

More great articles

Easily Exploitable Critical Vulnerabilities Patched in ProfilePress Plugin

On May 27, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for several vulnerabilities that were discovered…

Read Story

40,000 WordPress Sites affected by Vulnerability That Leads to Privilege Escalation in Login/Signup Popup WordPress Plugin

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can…

Read Story

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024)

Did you know we’re running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for…

Read Story

Emergency WordPress Help

One of our techs will get back to you within minutes.