Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
Every day our team monitors threats that put your website at risk. We proactively patch vulnerabilities to protect your users, data, and your reputation.
30 vulnerabilities patched in the last 30 days
Page last updated:
Type
Affected Software
Latest Version
Description
Severity
Date
Plugin
<=
3.19.4
Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
5.9
116 days ago
Type
Plugin
5.9
Affected Software
WP Rocket
Latest Version
<=
3.19.4
Description
pulse_description
116 days ago
Plugin
<=
26.8
Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
6.5
116 days ago
Type
Plugin
6.5
Affected Software
Yoast SEO
Latest Version
<=
26.8
Description
pulse_description
116 days ago
Plugin
<=
5.0.11
Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
7.1
116 days ago
Type
Plugin
7.1
Affected Software
WordPress WP RSS Aggregator
Latest Version
<=
5.0.11
Description
pulse_description
116 days ago
Plugin
<=
6.15.17
Arbitrary File Download – This could allow a malicious actor to download any file from your website. This includes but is not limited to files that contain login credentials or backup files.
7.5
116 days ago
Type
Plugin
7.5
Affected Software
The Events Calendar
Latest Version
<=
6.15.17
Description
pulse_description
116 days ago
Plugin
<=
7.1.0-9.0.2
Insecure Direct Object References (IDOR) – An insecure direct object reference vulnerability could allow a malicious actor to bypass authorization, authentication, access sensitive files/folders or interact with the database.
8.8
116 days ago
Type
Plugin
8.8
Affected Software
ExactMetrics
Latest Version
<=
7.1.0-9.0.2
Description
pulse_description
116 days ago
Plugin
<=
2.8.6
SQL Injection – This could allow a malicious actor to directly interact with your database, including but not limited to stealing information.
9.3
116 days ago
Type
Plugin
9.3
Affected Software
My Sticky Bar
Latest Version
<=
2.8.6
Description
pulse_description
116 days ago
Plugin
<=
2.9.29
Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
6.5
116 days ago
Type
Plugin
6.5
Affected Software
Gravity Forms
Latest Version
<=
2.9.29
Description
pulse_description
116 days ago
Plugin
<=
3.33
Broken Access Control – A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action.
4.3
120 days ago
Type
Plugin
4.3
Affected Software
Media Library Assistant
Latest Version
<=
3.33
Description
pulse_description
120 days ago
Plugin
<=
4.0.0
Cross Site Scripting (XSS) – This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
7.1
123 days ago
Type
Plugin
7.1
Affected Software
WP All Import
Latest Version
<=
4.0.0
Description
pulse_description
123 days ago
Plugin
<=
6.3
SQL Injection – This could allow a malicious actor to directly interact with your database, including but not limited to stealing information.
8.5
124 days ago
Type
Plugin
8.5
Affected Software
Page and Post Clone
Latest Version
<=
6.3
Description
pulse_description
124 days ago
Plugin
<=
4.1.7
Broken Access Control – A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action.
5.4
125 days ago
Type
Plugin
5.4
Affected Software
Enable Media Replace
Latest Version
<=
4.1.7
Description
pulse_description
125 days ago
Plugin
<=
2.33.5
Local File Inclusion – This could allow a malicious actor to include local files of the target website and show its output onto the screen. Files which store credentials, such as database credentials, could potentially allow complete database takeover depending on the configuration.
8.8
126 days ago
Type
Plugin
8.8
Affected Software
Page Builder by SiteOrigin
Latest Version
<=
2.33.5
Description
pulse_description
126 days ago
Plugin
<=
7.0.0.3
Arbitrary File Upload – This could allow a malicious actor to upload any type of file to your website. This can include backdoors which are then executed to gain further access to your website.
7.2
126 days ago
Type
Plugin
7.2
Affected Software
Uncanny Automator
Latest Version
<=
7.0.0.3
Description
pulse_description
126 days ago
Plugin
<=
1.15.0
PHP Object Injection – This could allow a malicious actor to execute code injection, SQL injection, path traversal, denial of service, and more if a proper POP chain is present.
9.8
127 days ago
Type
Plugin
9.8
Affected Software
WP Mail Logging
Latest Version
<=
1.15.0
Description
pulse_description
127 days ago
Plugin
<=
2.3.1
6.5
127 days ago
Type
Plugin
6.5
Affected Software
Latest Version
<=
2.3.1
Description
pulse_description
127 days ago
Plugin
<=
6.15.16
5.4
131 days ago
Type
Plugin
5.4
Affected Software
Latest Version
<=
6.15.16
Description
pulse_description
131 days ago
Plugin
<=
3.0.8
4.3
132 days ago
Type
Plugin
4.3
Affected Software
Latest Version
<=
3.0.8
Description
pulse_description
132 days ago
Plugin
<=
3.7.9
6.5
133 days ago
Type
Plugin
6.5
Affected Software
Latest Version
<=
3.7.9
Description
pulse_description
133 days ago
Plugin
<=
3.7.22
5.4
134 days ago
Type
Plugin
5.4
Affected Software
Latest Version
<=
3.7.22
Description
pulse_description
134 days ago
Plugin
<=
4.0.2
5.3
137 days ago
Type
Plugin
5.3
Affected Software
Latest Version
<=
4.0.2
Description
pulse_description
137 days ago
Explore our comprehensive WordPress support plans designed to proactively patch vulnerabilities and safeguard your online presence.