| CVE-2024-2086 | Integrate Google Drive <= 1.3.8 - Missing Authorization to Unauthenticated Settings Modification and Export | princeahmed | File Manager for Google Drive – Integrate Google Drive | Critical | 10.0 | 2024-03-30 04:31:09 | Deep Dive |
| CVE-2024-30444 | WordPress WordPress Page Builder – Zion Builder plugin <= 3.6.9 - Cross Site Scripting (XSS) vulnerability | zionbuilder.io | WordPress Page Builder – Zion Builder | Medium | 5.9 | 2024-03-29 16:59:08 | Deep Dive |
| CVE-2024-30492 | WordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerability | WebToffee | Import Export WordPress Users | Medium | 4.3 | 2024-03-29 15:35:25 | Deep Dive |
| CVE-2024-30478 | WordPress Announcement & Notification Banner – Bulletin plugin <= 3.8.5 - SQL Injection vulnerability | Bulletin | WordPress Announcement & Notification Banner Plugin – Bulletin | High | 7.6 | 2024-03-29 13:38:08 | Deep Dive |
| CVE-2024-30457 | WordPress MDTF plugin <= 1.3.3.1 - Cross Site Request Forgery (CSRF) vulnerability | realmag777 | WordPress Meta Data and Taxonomies Filter (MDTF) | Medium | 4.3 | 2024-03-29 13:06:21 | Deep Dive |
| CVE-2024-2409 | MasterStudy LMS <= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX Action | stylemix | MasterStudy LMS WordPress Plugin – for Online Courses and Education | Critical | 9.8 | 2024-03-29 08:31:30 | Deep Dive |
| CVE-2024-2411 | MasterStudy LMS <= 3.3.0 - Unauthenticated Local File Inclusion via modal | stylemix | MasterStudy LMS WordPress Plugin – for Online Courses and Education | Critical | 9.8 | 2024-03-29 08:31:30 | Deep Dive |
| CVE-2024-2108 | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Authenticated (Author+) Stored Cross-Site Scripting | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 4.6 | 2024-03-29 06:44:01 | Deep Dive |
| CVE-2024-2113 | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Cross-Site Request Forgery to Publicly Accessible Form Submission Export | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 4.3 | 2024-03-29 06:43:58 | Deep Dive |
| CVE-2023-34370 | Server Side Request Forgery (SSRF) vulnerability in Starter Templates plugins | Brainstorm Force | Starter Templates — Elementor, WordPress & Beaver Builder Templates | High | 7.1 | 2024-03-28 06:07:32 | Deep Dive |
| CVE-2024-30243 | WordPress Tooltips plugin < 9.4.5 - Auth. SQL Injection vulnerability | Tomas | WordPress Tooltips | High | 8.5 | 2024-03-28 04:33:22 | Deep Dive |
| CVE-2022-45847 | WordPress Countdown Widget plugin <= 3.1.9.1 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) | WPAssist.me | WordPress Countdown Widget | Medium | 6.1 | 2024-03-27 13:48:23 | Deep Dive |
| CVE-2024-29763 | WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability | realmag777 | WordPress Meta Data and Taxonomies Filter (MDTF) | High | 7.1 | 2024-03-27 13:11:31 | Deep Dive |
| CVE-2024-29765 | WordPress Aparat for WordPress plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability | Alireza Sedghi | Aparat for WordPress | Medium | 6.5 | 2024-03-27 13:08:41 | Deep Dive |
| CVE-2024-29777 | WordPress Forminator plugin <= 1.29.0 - Reflected Cross Site Scripting (XSS) vulnerability | WPMU DEV - Your All-in-One WordPress Platform | Forminator | High | 7.1 | 2024-03-27 13:00:52 | Deep Dive |
| CVE-2024-29771 | WordPress Dracula Dark Mode plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability | SoftLab | Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress | Medium | 6.5 | 2024-03-27 12:58:26 | Deep Dive |
| CVE-2024-29804 | WordPress Fancy Comments WordPress plugin <= 1.2.14 - Cross Site Scripting (XSS) vulnerability | Team Heateor | Fancy Comments WordPress | Medium | 6.5 | 2024-03-27 12:16:30 | Deep Dive |
| CVE-2024-29932 | WordPress WordPress Meta Data and Taxonomies Filter (MDTF) plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability | realmag777 | WordPress Meta Data and Taxonomies Filter (MDTF) | Medium | 6.5 | 2024-03-27 10:11:41 | Deep Dive |
| CVE-2024-2962 | Networker - Tech News WordPress Theme with Dark Mode <= 1.1.9 - Missing Authorization | codesupplyco | Networker - Tech News WordPress Theme with Dark Mode | Medium | 5.3 | 2024-03-27 08:31:14 | Deep Dive |
| CVE-2024-29906 | WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability | realmag777 | WordPress Meta Data and Taxonomies Filter (MDTF) | Medium | 5.9 | 2024-03-27 06:53:23 | Deep Dive |