| CVE-2023-50885 | WordPress Store Locator WordPress Plugin <= 1.4.14 is vulnerable to Arbitrary File Deletion | AGILELOGIX | Store Locator WordPress | Medium | 6.8 | 2024-04-18 11:00:34 | Deep Dive |
| CVE-2024-2833 | Jobs for WordPress <= 2.7.5 - Reflected Cross-Site Scripting via job-search | blueglassch | Job Postings | Medium | 6.1 | 2024-04-18 09:33:18 | Deep Dive |
| CVE-2024-32585 | WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability | extendWP | Import Content in WordPress & WooCommerce with Excel | Medium | 5.9 | 2024-04-18 09:12:49 | Deep Dive |
| CVE-2024-32597 | WordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability | Xylus Themes | WordPress Importer | Medium | 5.9 | 2024-04-18 08:27:38 | Deep Dive |
| CVE-2024-32549 | WordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerability | Microkid | Related Posts for WordPress | High | 7.1 | 2024-04-17 08:07:19 | Deep Dive |
| CVE-2024-32517 | WordPress Custom Thank You Page Customize For WooCommerce by Binary Carpenter plugin <= 1.4.12 - Broken Access Control vulnerability | WooCommerce & WordPress Tutorials | Custom Thank You Page Customize For WooCommerce by Binary Carpenter | Medium | 4.3 | 2024-04-17 07:38:38 | Deep Dive |
| CVE-2024-2309 | WP Staging < 3.4.0, 5.4.0 (Pro Version) - Admin+ Stored XSS | Unknown | WP STAGING WordPress Backup Plugin | - | - | 2024-04-17 05:00:03 | Deep Dive |
| CVE-2024-0868 | coreActivity < 2.1 - Unauthenticated IP Spoofing | Unknown | coreActivity: Activity Logging plugin for WordPress | - | - | 2024-04-17 05:00:02 | Deep Dive |
| CVE-2024-31922 | WordPress Hosting Benchmark tool plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) vulnerability | Anton Aleksandrov | WordPress Hosting Benchmark tool | Medium | 4.3 | 2024-04-15 09:25:57 | Deep Dive |
| CVE-2024-32097 | WordPress GEO my WordPress plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability | Eyal Fitoussi | GEO my WordPress | Medium | 5.4 | 2024-04-15 08:55:05 | Deep Dive |
| CVE-2024-32149 | WordPress Jobs for WordPress plugin <= 2.7.5 - Cross Site Scripting (XSS) vulnerability | BlueGlass | Jobs for WordPress | High | 7.1 | 2024-04-15 06:31:03 | Deep Dive |
| CVE-2024-31235 | WordPress Comments Import & Export plugin <= 2.3.5 - Cross Site Request Forgery (CSRF) vulnerability | WebToffee | WordPress Comments Import & Export | Medium | 4.3 | 2024-04-12 13:01:54 | Deep Dive |
| CVE-2024-31285 | WordPress WordPress Tooltips plugin <= 9.5.3 - Cross Site Request Forgery (CSRF) vulnerability | Tooltip | WordPress Tooltips | High | 7.1 | 2024-04-11 12:10:38 | Deep Dive |
| CVE-2024-3285 | Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows <= 3.70.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider Shortcode | metaslider | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | Medium | 6.4 | 2024-04-11 07:31:36 | Deep Dive |
| CVE-2023-6811 | Language Translate Widget for WordPress – ConveyThis <= 223 - Unauthenticated Stored Cross-Site Scripting via api_key | conveythis | Translate WordPress Websites Globally with ConveyThis Translate | High | 7.2 | 2024-04-11 01:51:37 | Deep Dive |
| CVE-2024-31939 | WordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerability | Soflyy | Import any XML or CSV File to WordPress | Medium | 4.3 | 2024-04-10 19:17:54 | Deep Dive |
| CVE-2024-31430 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins | realmag777 | WOLF – WordPress Posts Bulk Editor and Manager Professional | Medium | 4.3 | 2024-04-10 19:10:02 | Deep Dive |
| CVE-2024-31342 | WordPress Gallery Exporter plugin <= 1.3 - Arbitrary File Download vulnerability | WPcloudgallery | WordPress Gallery Exporter | Medium | 6.5 | 2024-04-10 16:14:56 | Deep Dive |
| CVE-2024-31247 | WordPress FG Drupal to WordPress plugin <= 3.70.3 - Sensitive Data Exposure via Log File vulnerability | Frédéric GILLES | FG Drupal to WordPress | Medium | 5.3 | 2024-04-10 15:50:59 | Deep Dive |
| CVE-2024-31254 | WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability | WebToffee | WordPress Backup & Migration | Low | 3.7 | 2024-04-10 15:45:12 | Deep Dive |