CVE ID | CVSS | Researchers | Package Name | Version | Title | Severity | Published Date |
---|---|---|---|---|---|---|---|
No CVE | 7.2 | Unknown | Gravity Forms | * - 2.9.1.3 | GravityForms <= 2.9.1.3 - Unauthenticated Stored Cross-Site Scripting via 'alt' parameter | High | 2025-01-16 00:00:00 |
No CVE | 5.3 | Unknown | Multi Step Form | * - 1.7.23 | Multi Step Form <= 1.7.23 - Missing Authorization to Unauthenticated Limited File Upload | Medium | 2025-01-15 21:22:03 |
No CVE | 7.5 | Unknown | Passwords Manager | * - 1.4.8 | Passwords Manager <= 1.4.8 - Unauthenticated SQL Injection | High | 2025-01-15 21:19:19 |
No CVE | 4.3 | Unknown | WP User Profile Avatar | * - 1.0.5 | WP User Profile Avatar <= 1.0.5 - Cross-Site Request Forgery to Settings Update | Medium | 2025-01-15 15:23:04 |
No CVE | 5.4 | Unknown | Motors – Car Dealer, Classifieds & Listing | * - 1.4.43 | Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title | Medium | 2025-01-15 11:56:38 |
No CVE | 6.1 | Unknown | UpdraftPlus: WP Backup & Migration Plugin | * - 1.24.12 | UpdraftPlus - Backup/Restore <= 1.24.12 - Reflected Cross-Site Scripting | Medium | 2025-01-15 09:43:13 |
No CVE | 6.4 | Unknown | Chamber Dashboard Business Directory | * - 3.3.8 | Chamber Dashboard Business Directory <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | Medium | 2025-01-15 00:00:00 |
No CVE | 6.4 | Unknown | WP Responsive Tabs | * - 1.2.9 | WP Responsive Tabs <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | Medium | 2025-01-15 00:00:00 |
No CVE | 6.1 | Unknown | DWT - Directory & Listing WordPress Theme | * - 3.3.3 | DWT - Directory & Listing WordPress Theme <= 3.3.3 - Reflected Cross-Site Scripting | Medium | 2025-01-15 00:00:00 |
No CVE | 5.4 | Unknown | Admin and Customer Messages After Order for WooCommerce: OrderConvo | * - 13.2 | Admin and Customer Messages After Order for WooCommerce <= 13.2 - Authenticated (Subscriber+) Limited File Upload to Cross-Site Scripting | Medium | 2025-01-15 00:00:00 |
No CVE | 7.5 | Unknown | Passwords Manager | * - 1.4.8 | Passwords Manager <= 1.4.8 - Missing Authorization to Authenticated (Subscriber+) Add Password + Update Encryption Key | High | 2025-01-15 00:00:00 |
No CVE | 6.5 | Unknown | Passwords Manager | * - 1.4.8 | Passwords Manager <= 1.4.8 - Authenticated (Subscriber+) SQL Injection | Medium | 2025-01-15 00:00:00 |
No CVE | 6.4 | Unknown | PDF for WPForms + Drag and Drop Template Builder | * - 4.6.0 | PDF for WPForms + Drag and Drop Template Builder <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yeepdf_dotab Shortcode | Medium | 2025-01-14 21:51:16 |
No CVE | 9.8 | Unknown | Post Grid and Gutenberg Blocks – ComboBlocks | 2.2.85 - 2.3.3 | Post Grid and Gutenberg Blocks 2.2.85 - 2.3.3 - Unauthenticated Privilege Escalation | Critical | 2025-01-14 21:19:54 |
No CVE | 7.2 | Unknown | Social proof testimonials and reviews by Repuso | * - 5.20 | Social proof testimonials and reviews by Repuso <= 5.20 - Authenticated (Contributor+) Stored Cross-Site Scripting | High | 2025-01-14 21:08:00 |
No CVE | 4.3 | Unknown | Piotnet Addons For Elementor | * - 2.4.32 | Piotnet Addons For Elementor <= 2.4.32 - Authenticated (Contributor+) Post Disclosure | Medium | 2025-01-14 21:05:55 |
No CVE | 6.4 | Unknown | Event Registration Calendar By vcita | * - 1.4.0 | Event Registration Calendar By vcita <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | Medium | 2025-01-14 19:01:08 |
No CVE | 6.4 | Unknown | ViewMedica 9 | * - 1.4.15 | ViewMedica 9 <= 1.4.15 - Authenticated (Contributor+) Stored Cross-Site Scripting | Medium | 2025-01-14 16:50:48 |
No CVE | 6.1 | Unknown | Car Demon | * - 1.8.1 | Car Demon <= 1.8.1 - Reflected Cross-Site Scripting | Medium | 2025-01-14 15:11:00 |
No CVE | 6.1 | Unknown | Awesome Responsive Photo Gallery – Image & Video Lightbox Gallery | * - 1.0.5 | Image Gallery – Responsive Photo Gallery <= 1.0.5 - Reflected Cross-Site Scripting | Medium | 2025-01-14 00:00:00 |
No CVE | 6.1 | Unknown | Contact Form 7 Redirect & Thank You Page | * - 1.0.7 | Contact Form 7 Redirect & Thank You Page <= 1.0.7 - Reflected Cross-Site Scripting | Medium | 2025-01-14 00:00:00 |
No CVE | 6.4 | Unknown | WP Smart TV | * - 2.1.8 | WP Smart TV <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | Medium | 2025-01-14 00:00:00 |
No CVE | 4.3 | Unknown | Elementor Addon Elements | * - 1.13.10 | Elementor Addon Elements <= 1.13.10 - Authenticated (Contributor+) Sensitive Information Exposure via Modal Popup | Medium | 2025-01-14 00:00:00 |
No CVE | 4.3 | Unknown | NitroPack – Caching & Speed Optimization for Core Web Vitals, Defer CSS & JS, Lazy load Images and CDN | * - 1.17.0 | NitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Transient Update | Medium | 2025-01-14 00:00:00 |
No CVE | 8.1 | Unknown | NitroPack – Caching & Speed Optimization for Core Web Vitals, Defer CSS & JS, Lazy load Images and CDN | * - 1.17.0 | NitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update | High | 2025-01-14 00:00:00 |
A plugin to fetch and display vulnerabilities from the Wordfence Intelligence Vulnerability Database API with advanced search, filtering, and pagination functionality.
== Description ==
The **Wordfence Intelligence API Plugin** allows you to integrate with the Wordfence Intelligence Vulnerability Database and display a list of vulnerabilities on your WordPress site. The plugin supports AJAX-based search, filtering, and pagination to enhance user experience.
**Key Features:**
– Fetch vulnerabilities from the Wordfence Intelligence API.
– Display vulnerabilities in a customizable table with sorting, filtering, and search.
– Responsive design for mobile and desktop users.
– AJAX-powered updates for seamless interaction without page reloads.
– Pagination with range limits and ellipses for a clean UI.
**Shortcode Example:**
Add the following shortcode to any page or post to display the vulnerabilities:
“`html
wfi_vulnerabilities
Contact us today to request a consultation and discover how our expert solutions can help your business thrive.