Sitecare

Pulse

Every day our team monitors threats that put your website at risk. We proactively patch vulnerabilities to protect your users, data, and your reputation.

28 vulnerabilities patched in the last 30 days

Page last updated:

Type

Affected Software

Latest Version

Description

Severity

Date

  • Plugin

    Ajax Load More

    <=

    7.1.2

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    6.5

    162 days ago

    Type

    Plugin

    6.5

    Affected Software

    Ajax Load More

    Latest Version

    <=

    7.1.2

    Description

    pulse_description

    162 days ago

  • Plugin

    TinyPNG

    <=

    3.4.3

    Cross Site Request Forgery (CSRF) – This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication.

    5.4

    162 days ago

    Type

    Plugin

    5.4

    Affected Software

    TinyPNG

    Latest Version

    <=

    3.4.3

    Description

    pulse_description

    162 days ago

  • Plugin

    Unlimited Elements For Elementor

    <=

    1.5.121

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    7.1

    164 days ago

    Type

    Plugin

    7.1

    Affected Software

    Unlimited Elements For Elementor

    Latest Version

    <=

    1.5.121

    Description

    pulse_description

    164 days ago

  • Plugin

    Starter Templates

    <=

    4.4.0

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    5.9

    164 days ago

    Type

    Plugin

    5.9

    Affected Software

    Starter Templates

    Latest Version

    <=

    4.4.0

    Description

    pulse_description

    164 days ago

  • Plugin

    OAuth Single Sign On – SSO (OAuth Client)

    <=

    38.4.9

    Cross Site Request Forgery (CSRF) – This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication.

    4.3

    164 days ago

    Type

    Plugin

    4.3

    Affected Software

    OAuth Single Sign On – SSO (OAuth Client)

    Latest Version

    <=

    38.4.9

    Description

    pulse_description

    164 days ago

  • Plugin

    Simple Membership After Login Redirection

    <=

    1.6

    Open Redirection – This could allow a malicious actor to redirect users from one site to the other due to the redirect URL not being validated. Users could be tricked to visiting a legitimate site to then be redirected to a malicious site and cause a phishing incident.

    4.7

    164 days ago

    Type

    Plugin

    4.7

    Affected Software

    Simple Membership After Login Redirection

    Latest Version

    <=

    1.6

    Description

    pulse_description

    164 days ago

  • Plugin

    LiteSpeed Cache

    <=

    6.5.0.2

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    7.1

    164 days ago

    Type

    Plugin

    7.1

    Affected Software

    LiteSpeed Cache

    Latest Version

    <=

    6.5.0.2

    Description

    pulse_description

    164 days ago

  • Plugin

    Broken Link Checker

    <=

    2.4.0

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    7.1

    164 days ago

    Type

    Plugin

    7.1

    Affected Software

    Broken Link Checker

    Latest Version

    <=

    2.4.0

    Description

    pulse_description

    164 days ago

  • Plugin

    GiveWP

    <=

    3.16.1

    This could allow a malicious actor to directly interact with your database, including but not limited to stealing information.

    7.6

    168 days ago

    Type

    Plugin

    7.6

    Affected Software

    GiveWP

    Latest Version

    <=

    3.16.1

    Description

    pulse_description

    168 days ago

  • Plugin

    Essential Addons for Elementor

    <=

    5.4.8

    This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    7.1

    168 days ago

    Type

    Plugin

    7.1

    Affected Software

    Essential Addons for Elementor

    Latest Version

    <=

    5.4.8

    Description

    pulse_description

    168 days ago

  • Plugin

    BeaverBuilder Page Builder (All Versions)

    <=

    2.8.3.6

    BeaverBuilder Page Builder (All Versions) -This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    6.5

    168 days ago

    Type

    Plugin

    6.5

    Affected Software

    BeaverBuilder Page Builder (All Versions)

    Latest Version

    <=

    2.8.3.6

    Description

    pulse_description

    168 days ago

  • Plugin

    ElementsKit Lite

    <=

    3.2.7

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    6.5

    170 days ago

    Type

    Plugin

    6.5

    Affected Software

    ElementsKit Lite

    Latest Version

    <=

    3.2.7

    Description

    pulse_description

    170 days ago

  • Plugin

    myCred

    <=

    2.7.3

    Broken Access Control – A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action.

    5.3

    170 days ago

    Type

    Plugin

    5.3

    Affected Software

    myCred

    Latest Version

    <=

    2.7.3

    Description

    pulse_description

    170 days ago

  • Plugin

    Ninja Forms

    <=

    3.8.15

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    7.1

    170 days ago

    Type

    Plugin

    7.1

    Affected Software

    Ninja Forms

    Latest Version

    <=

    3.8.15

    Description

    pulse_description

    170 days ago

  • Plugin

    Simple Calendar

    <=

    3.4.2

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    7.1

    171 days ago

    Type

    Plugin

    7.1

    Affected Software

    Simple Calendar

    Latest Version

    <=

    3.4.2

    Description

    pulse_description

    171 days ago

  • Plugin

    W3 Total Cache

    <=

    2.7.5

    Sensitive Data Exposure – This could allow a malicious actor to view sensitive information that is normally not available to regular users. This can be used to exploit other weaknesses in the system.

    3.7

    171 days ago

    Type

    Plugin

    3.7

    Affected Software

    W3 Total Cache

    Latest Version

    <=

    2.7.5

    Description

    pulse_description

    171 days ago

  • Plugin

    Photo Gallery

    <=

    1.8.27

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    5.9

    172 days ago

    Type

    Plugin

    5.9

    Affected Software

    Photo Gallery

    Latest Version

    <=

    1.8.27

    Description

    pulse_description

    172 days ago

  • Plugin

    Quiz And Survey Master

    <=

    9.1.2

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    6.5

    172 days ago

    Type

    Plugin

    6.5

    Affected Software

    Quiz And Survey Master

    Latest Version

    <=

    9.1.2

    Description

    pulse_description

    172 days ago

  • Plugin

    MC4WP

    <=

    4.9.16

    Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

    5.9

    172 days ago

    Type

    Plugin

    5.9

    Affected Software

    MC4WP

    Latest Version

    <=

    4.9.16

    Description

    pulse_description

    172 days ago

  • Plugin

    NitroPack

    <=

    1.16.7

    Broken Access Control – A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action.

    4.8

    179 days ago

    Type

    Plugin

    4.8

    Affected Software

    NitroPack

    Latest Version

    <=

    1.16.7

    Description

    pulse_description

    179 days ago

Protect Your Website

Explore our comprehensive WordPress support plans designed to proactively patch vulnerabilities and safeguard your online presence.

See Our Plans