- WordPress Plugin Essential Addons for Elementor is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin Essential Addons for Elementor version 2.9.8 is vulnerable; prior versions may also be affected.
- Disable the plugin until a fix is available
- WordPress Plugin WatuPRO Multiple Vulnerabilities (188.8.131.52)
- WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
- WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Cross-Site Scripting Vulnerabilities (3.4.3)
- WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (184.108.40.206)
- WordPress Plugin VaultPress Cross-Site Scripting (1.7.7)