{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-13362", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-01-13T18:08:47.439Z", "datePublished": "2026-05-01T05:29:54.148Z", "dateUpdated": "2026-05-01T05:29:54.148Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-05-01T05:29:54.148Z"}, "affected": [{"vendor": "sebet", "product": "Go Fetch Jobs (for WP Job Manager)", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.8.4.8.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "5starplugins", "product": "Dynamic Copyright Year", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "peterschulznl", "product": "Code Manager", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.40", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "bplugins", "product": "Advanced Scrollbar \u2013 Custom Scrollbar Styling and Behavior", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "yuvalo", "product": "Goal Tracker \u2013 Custom Event Tracking for GA4", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "essekia", "product": "Tablesome Table \u2013 Contact Form DB \u2013 WPForms, CF7, Gravity, Forminator, Fluent", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.13", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "josevega", "product": "WP Page Templates", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.16", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "hkdigitalagency", "product": "Payment Gateway for ACBA BANK", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "princeahmed", "product": "Dracula Dark Mode \u2013 Accessibility, Reading Mode & Dark Mode for WordPress", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "spiderdevs", "product": "Forumax \u2013 AI Powered Advanced Community Forum Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "seezee", "product": "Five-Star Ratings Shortcode", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.56", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "oxilab", "product": "Product Layouts for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.3.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mr2p", "product": "Meta Field Block \u2013 Display custom fields in the Block Editor without coding", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.3.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "themelocation", "product": "Custom WooCommerce Checkout Fields Editor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.3.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "100plugins", "product": "Open User Map", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.4.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wpdever", "product": "WP Notification Bell", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.4.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "themelocation", "product": "Remove Add to Cart WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.4.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "princeahmed", "product": "File Manager for Google Drive \u2013 Integrate Google Drive", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.4.9", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "5starplugins", "product": "Marijuana Age Verify", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "infosatech", "product": "RevivePress \u2013 Keep your Old Content Evergreen", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "nicheaddons", "product": "Restaurant & Cafe Addon for Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "paretodigital", "product": "Send Users Email \u2013 Email Subscribers, Email Marketing Newsletter", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.10", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "unitecms", "product": "Unlimited Elements For Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.140", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "meowcrew", "product": "Role Based Pricing for Woo by Meow Crew", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "nicheaddons", "product": "Primary Addon for Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "5starplugins", "product": "Featured Images in RSS for Mailchimp & More", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wpsaad", "product": "Image Alt Text Manager \u2013 Bulk & Dynamic Alt Tags For image SEO Optimization + AI", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "kofimokome", "product": "Message Filter for Contact Form 7", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.3.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "paretodigital", "product": "Embedder for Google Reviews", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "interactivegeomaps", "product": "MapGeo \u2013 Interactive Geo Maps", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.6.22", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wpbits", "product": "WPBITS Addons For Elementor Page Builder", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "toddhalfpenny", "product": "Widgets on Pages", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "rebelcode", "product": "Spotlight Social Feeds \u2013 Block, Shortcode, and Widget", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tobias_conrad", "product": "WOW Styler for CF7 \u2013 Visual Styler for Contact Form 7 Forms", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "webfactory", "product": "AI Bud \u2013 AI Content Generator, AI Chatbot, ChatGPT, Gemini, GPT-4o", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "hasanazizul", "product": "Text To Speech TTS Accessibility", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.7.34", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "5starplugins", "product": "Easy Age Verify", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.8.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "senols", "product": "AI Puffer \u2013 Chat. Create. Automate. (formerly AI Power)", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.8.99", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "damian-gora", "product": "Justified Gallery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mapster", "product": "Mapster WP Maps", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "streamweasels", "product": "StreamWeasels Twitch Integration", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "xplodedthemes", "product": "XT Variation Swatches for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "bplugins", "product": "bBlocks \u2013 Essential Gutenberg Blocks & Patterns Collection", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "kaizencoders", "product": "URL Shortify \u2013 Simple and Easy URL Shortener", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.10.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "uriahs-victor", "product": "Kikote \u2013 Location Picker at Checkout & Google Address AutoFill Plugin for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.10.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberhobo", "product": "Geo Mashup", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.13.15", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "josevega", "product": "Disable Payment Methods based on cart conditions for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.16.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "pagup", "product": "Automatic Internal Links for SEO by Pagup", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "enweby", "product": "Full Screen Background", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "litonice13", "product": "Master Addons For Elementor \u2013 Widgets, Extensions, Theme Builder, Popup Builder & Template Kits", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.7.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "princeahmed", "product": "Radio Player \u2013 Live Shoutcast, Icecast and Any Audio Stream Player", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.0.82", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "spicethemes", "product": "Carousel, Recent Post Slider and Banner Slider", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "pagup", "product": "Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "xplodedthemes", "product": "XT Quick View for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "pluginscafe", "product": "Smart phone field for Gravity Forms", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "fooplugins", "product": "Notification Bar, Announcement and Cookie Notice WordPress Plugin \u2013 FooBar", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1.34", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "bplugins", "product": "PDF Poster \u2013 Display PDF Files with Custom Viewer", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.2.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "nicheaddons", "product": "Events Addon for Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "bplugins", "product": "HTML5 Audio Player \u2013 The Ultimate No-Code Podcast, MP3 & Audio Player", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.2.27", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mte90", "product": "Glossary", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.2.38", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tickera", "product": "Restrict \u2013 membership, site, content and user access restrictions for WordPress", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyclonecode", "product": "Custom PHP Settings", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "prasadkirpekar", "product": "WP Meta and Date Remover", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "fullworks", "product": "Anti-Spam Protection \u2013 No API Key, GDPR Friendly", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "premmerce", "product": "Premmerce Permalink Manager for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.3.11", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "smartwpress", "product": "Music Player for Elementor \u2013 Audio Player & Podcast Player", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mhmrajib", "product": "TopNewsWp \u2013 Display Tikcer News, RSS Feed Widget and Many More", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "oceanwp", "product": "Ocean Extra", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "fooplugins", "product": "Gallery by FooGallery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.27", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "plugins360", "product": "Automatic YouTube Gallery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.5.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "spiderdevs", "product": "EazyDocs \u2013 AI Powered Knowledge Base, Wiki, Documentation & FAQ Builder", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.5.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "samdani", "product": "Team Members \u2013 A WordPress Team Plugin with Gallery, Grid, Carousel, Slider, Table, List, and More", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tonyzeoli", "product": "Radio Station by netmix\u00ae \u2013 Manage and play your Show Schedule in WordPress!", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.5.9", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "kaira", "product": "StoreCustomizer \u2013 A plugin to Customize all WooCommerce Pages", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.5.9", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wpjoli", "product": "Joli Table Of Contents", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.6.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "passionatebrains", "product": "GA4WP \u2013 Analytics Dashboard for the Website", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.6.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "nitin247", "product": "Place Order Without Payment for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.6.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wordplus", "product": "Better Messages \u2013 Live Chat, Chat Rooms, Real-Time Messaging & Private Messages", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.6.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mihail-barinov", "product": "Share This Image", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.07", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "inavii", "product": "Inavii Social Feed", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.7.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "fooplugins", "product": "Lightbox & Modal Popup WordPress Plugin \u2013 FooBox", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.7.33", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "xplodedthemes", "product": "XT Floating Cart for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.8.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "takanakui", "product": "WP Mobile Menu \u2013 The Mobile-Friendly Responsive Menu", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.8.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "passionatebrains", "product": "AEH Speed Optimization: Browser Cache, Optimized Minify, Lazy Loading & Image Optimization", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.9.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "bensibley", "product": "Independent Analytics", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.9.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "codesavory", "product": "Knowledge Base documentation & wiki plugin \u2013 BasePress Docs", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.16.3.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "davidanderson", "product": "Internal Link Juicer: SEO Auto Linker for WordPress", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.24.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "josevega", "product": "Bulk Edit Posts and Products in Spreadsheet", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.25.16", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "saadiqbal", "product": "Post SMTP \u2013 Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tobiasbg", "product": "TablePress \u2013 Tables in WordPress made easy", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "bouncingsprout", "product": "Ultimeter", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.0.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "blackandwhitedigital", "product": "TreePress \u2013 Easy Family Trees & Ancestor Profiles", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.0.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mattpramschufer", "product": "Pay For Post with WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.1.26", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "koen12344", "product": "Post to Google My Business (Google Business Profile)", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.1.28", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "imtiazrayhan", "product": "WP Coupons and Deals \u2013 Coupon Plugin For Affiliate Marketers", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "pluginsware", "product": "Advanced Classifieds & Directory Pro", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "gallerycreator", "product": "Mixed Media Gallery Blocks", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.4.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "blockspare", "product": "BlockSpare \u2014 News, Magazine and Blog Addons for (Gutenberg) Block Editor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mhmrajib", "product": "AidWP \u2013 Donation & Payment Forms (Stripe Powered)", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "infornweb", "product": "Logo Showcase \u2013 Responsive Logo Carousel, Logo Slider & Logo Grid", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "pluginandplay", "product": "Post Slider and Post Carousel with Post Vertical Scrolling Widget \u2013 A Responsive Post Slider", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "samdani", "product": "Solid Testimonials \u2013 Testimonial Slider, Video Testimonials & Customer Reviews", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wpspeedo", "product": "Team Members Showcase", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.3.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "elespare", "product": "EleSpare \u2013 News, Magazine and Blog Addons for Elementor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.3.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "infornweb", "product": "Post List Designer \u2013 Category Post, Recent Post, Post List", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.3.7", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "infornweb", "product": "Blog Designer Pack \u2013 Blog, Post Grid, Post Slider, Post Carousel, Category Post, News", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.4.9", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "dashlabsltd", "product": "YASR \u2013 Yet Another Star Rating Plugin for WordPress", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.4.12", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "xplodedthemes", "product": "WPIDE \u2013 File Manager & Code Editor", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.5.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "premmerce", "product": "Premmerce Product Filter for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.7.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "afthemes", "product": "WP Post Author \u2013 Author Box, Multiple Authors, Guest Authors & Custom Avatars", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.8.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "wpmagics", "product": "Delete Posts automatically", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.9.6", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "takanakui", "product": "Menu Image, Icons made easy", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.12", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "passionatebrains", "product": "AWCA \u2013 The Great Analytics Insights for Your eStore", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.12.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mikewire_rocksolid", "product": "Announcement & Notification Banner \u2013 Bulletin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.12.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "nitin247", "product": "Thank You Page for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.2.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "webheadllc", "product": "Contact Form 7 Multi-Step Forms", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.4.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "speedify", "product": "Auto-Install Free SSL \u2013 Generate & Install Free SSL Certificates", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.5.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mhmrajib", "product": "WP Books Gallery \u2013 Build Stunning Book Showcases & Libraries in Minutes", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.6.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "webba-agency", "product": "Easy Appointment Booking & Scheduling System \u2013 Webba Booking Calendar", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.0.57", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "invisnet", "product": "WP fail2ban \u2013 Advanced Security", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.3.4", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "vinod-dalvi", "product": "Ivory Search \u2013 WordPress Search Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "peterschulznl", "product": "WP Data Access \u2013 App Builder for Tables, Forms, Charts, Maps & Dashboards", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.5.31", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "elliotvs", "product": "Coupon Affiliates \u2013 Affiliate Plugin for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.17.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cleverplugins", "product": "Security Ninja \u2013 WordPress Security & Firewall", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.222", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "theafricanboss", "product": "Checkout with Cash App on WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "fullworks", "product": "Display Eventbrite Events", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.1.10", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "mohsinoffline", "product": "Secure Gateway for Authorize.net and WooCommerce by Pledged Plugins", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.1.13", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "sjaved", "product": "Easy Social Feed \u2013 Social Photos Gallery and Post Feed for WordPress", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.6.5", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "gn_themes", "product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.3.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "gowebsmarty", "product": "WP Encryption \u2013 One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.7.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "tripetto", "product": "WordPress form builder plugin for contact forms, surveys and quizzes \u2013 Tripetto", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "8.0.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."}], "title": "Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/tablepress/trunk/libraries/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/widgets-on-pages/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/menu-image/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/simply-gallery-block/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/foobox-image-lightbox/tags/2.7.33/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/featured-images-for-rss-feeds/trunk/includes/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/wpide/tags/3.5.0/dist/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/trunk/includes/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/master-addons/trunk/lib/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/foogallery/tags/2.4.27/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/ocean-extra/trunk/includes/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/internal-links/trunk/vendor/freemius/wordpress-sdk/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/interactive-geo-maps/tags/1.6.21/vendor/freemius/wordpress-sdk/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/independent-analytics/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/spotlight-social-photo-feeds/trunk/ui/freemius-pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/woo-permalink-manager/tags/2.3.11/assets/admin/js/pricing-page/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/pdf-poster/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-meta-and-date-remover/tags/2.3.4/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/unlimited-elements-for-elementor/trunk/provider/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"url": "https://plugins.trac.wordpress.org/changeset/3235286/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3249130/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3229060/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Asaf Mozes"}], "timeline": [{"time": "2026-04-30T17:32:32.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-04-30T17:17:30.000Z", "lang": "en", "value": "Disclosed"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."}], "id": "CVE-2024-13362", "lastModified": "2026-05-01T06:16:30.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2026-05-01T06:16:30.050", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/add-search-to-menu/trunk/includes/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/featured-images-for-rss-feeds/trunk/includes/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/foobox-image-lightbox/tags/2.7.33/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/foogallery/tags/2.4.27/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/independent-analytics/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/interactive-geo-maps/tags/1.6.21/vendor/freemius/wordpress-sdk/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/internal-links/trunk/vendor/freemius/wordpress-sdk/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/master-addons/trunk/lib/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/menu-image/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ocean-extra/trunk/includes/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/pdf-poster/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/simply-gallery-block/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/spotlight-social-photo-feeds/trunk/ui/freemius-pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/tablepress/trunk/libraries/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/unlimited-elements-for-elementor/trunk/provider/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/widgets-on-pages/trunk/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/woo-permalink-manager/tags/2.3.11/assets/admin/js/pricing-page/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-meta-and-date-remover/tags/2.3.4/freemius/assets/js/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wpide/tags/3.5.0/dist/pricing/freemius-pricing.js"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3229060/"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3235286/"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3249130/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{}