Watch Out Wednesday – October 30, 2024

Plugin: ID-SK Toolkit

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: ElementsKit Elementor addons

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison Widget
Patched Version: 3.3.0
Recommended Action: Update to version 3.3.0, or a newer patched version

Plugin: Kata Plus – Addons for Elementor – Widgets, Extensions and Templates

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: 1.5.0
Recommended Action: Update to version 1.5.0, or a newer patched version

Plugin: StreamWeasels Kick Integration

Vulnerability: Not stated in this listing; affects StreamWeasels Kick Integration (Blocks and Shortcodes for Embedding Kick Streams) <= 1.1.1
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version

Plugin: Contact Form 7 – Repeatable Fields

Vulnerability: Not stated in this listing; affects Contact Form 7 – Repeatable Fields <= 2.0.1
Patched Version: 2.0.2
Recommended Action: Update to version 2.0.2, or a newer patched version

Plugin: WP Awesome Login

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WP Recipe Maker

Vulnerability: Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via ‘tooltip’
Patched Version: 9.7.0
Recommended Action: Update to version 9.7.0, or a newer patched version

Plugin: Extra Product Options Builder for WooCommerce

Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: 1.2.134
Recommended Action: Update to version 1.2.134, or a newer patched version

Plugin: Masteriyo LMS – eLearning and Online Course Builder for WordPress

Vulnerability: Authenticated (Student+) Missing Authorization to Privilege Escalation
Patched Version: 1.13.4
Recommended Action: Update to version 1.13.4, or a newer patched version

Plugin: App Builder – Create Native Android & iOS Apps On The Flight

Vulnerability: Privilege Escalation and Account Takeover via Weak OTP
Patched Version: 5.3.8
Recommended Action: Update to version 5.3.8, or a newer patched version
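
The weak-OTP class behind the App Builder entry, as an added example that is not the plugin's own code. The 'wpdemo_' functions, the user-meta keys and the limits are assumptions. The weak half shows why a short, plaintext, unlimited-attempt code is a guessable credential that logs the guesser in as whichever account it was issued for; the hardened half is the set of checks a reviewer would look for.

```php
<?php
// Added example, not the App Builder plugin's code. The 'wpdemo_' functions,
// the user-meta keys and the constants below are assumptions for illustration.

const WPDEMO_OTP_TTL       = 300; // seconds a code stays valid
const WPDEMO_OTP_MAX_TRIES = 5;   // wrong guesses before the code is voided

// Weak pattern: 4-digit code from a non-cryptographic PRNG, stored in clear,
// with no expiry and no attempt limit. 10,000 guesses is minutes of work, and
// the OTP, not the account's password, becomes the login credential.
function wpdemo_weak_otp_issue( int $user_id ): string {
    $code = (string) mt_rand( 1000, 9999 );
    update_user_meta( $user_id, 'wpdemo_otp_plain', $code );
    return $code;
}
function wpdemo_weak_otp_verify( int $user_id, $submitted ): bool {
    // Loose '==' also accepts numerically equal strings such as "1e3" for "1000".
    return get_user_meta( $user_id, 'wpdemo_otp_plain', true ) == $submitted;
}

// Hardened pattern: CSPRNG, six digits, hashed at rest, short-lived, single-use,
// attempt-limited, and compared without type juggling.
function wpdemo_otp_issue( int $user_id ): string {
    $code = str_pad( (string) random_int( 0, 999999 ), 6, '0', STR_PAD_LEFT );
    update_user_meta( $user_id, 'wpdemo_otp', [
        'hash'    => wp_hash_password( $code ), // never the code itself
        'expires' => time() + WPDEMO_OTP_TTL,
        'tries'   => 0,
    ] );
    return $code; // goes to the SMS/e-mail transport only, never into the HTTP response
}

function wpdemo_otp_verify( int $user_id, string $submitted ): bool {
    $rec = get_user_meta( $user_id, 'wpdemo_otp', true );
    if ( ! is_array( $rec ) || empty( $rec['hash'] ) ) {
        return false; // nothing outstanding for this user
    }
    if ( time() > $rec['expires'] || $rec['tries'] >= WPDEMO_OTP_MAX_TRIES ) {
        delete_user_meta( $user_id, 'wpdemo_otp' ); // expired or brute-forced: void it
        return false;
    }
    if ( ! preg_match( '/^\d{6}$/', $submitted ) || ! wp_check_password( $submitted, $rec['hash'] ) ) {
        $rec['tries']++;
        update_user_meta( $user_id, 'wpdemo_otp', $rec ); // count the failure
        return false;
    }
    delete_user_meta( $user_id, 'wpdemo_otp' ); // single use
    return true;
}

// A session is issued only after a successful verify, and only for the user
// the code was issued to; that binding is what closes the escalation path.
function wpdemo_otp_login( int $user_id, string $submitted ): bool {
    if ( ! wpdemo_otp_verify( $user_id, $submitted ) ) {
        return false;
    }
    wp_set_current_user( $user_id );
    wp_set_auth_cookie( $user_id );
    return true;
}
```

The attempt counter lives with the code rather than in a transient keyed by IP, so it survives the attacker rotating source addresses; the length gate on the submitted value keeps the comparison from running on arbitrary input.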

Plugin: WPC Smart Messages for WooCommerce

Vulnerability: Authenticated (Subscriber+) Local File Inclusion
Patched Version: 4.2.2
Recommended Action: Update to version 4.2.2, or a newer patched version

Plugin: File Upload Types by WPForms

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: 1.5.0
Recommended Action: Update to version 1.5.0, or a newer patched version

Plugin: EventPrime – Events Calendar, Bookings and Tickets

Vulnerability: Unauthenticated Stored Cross-Site Scripting via Transaction Log
Patched Version: 4.0.4.8
Recommended Action: Update to version 4.0.4.8, or a newer patched version

Plugin: WP show more

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via show_more Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Widget or Sidebar Shortcode

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Image Map Pro – Drag-and-drop Builder for Interactive Images

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 6.0.21
Recommended Action: Update to version 6.0.21, or a newer patched version

Plugin: League of Legends Shortcodes

Vulnerability: Authenticated (Contributor+) SQL Injection via Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: T(-) Countdown

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Uix Shortcodes – Compatible with Gutenberg

Vulnerability: Unauthenticated Arbitrary Shortcode Execution
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: School Management System – WPSchoolPress

Vulnerability: Insecure Direct Object Reference to Authenticated (Teacher+) Account Takeover/Privilege Escalation
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
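
The IDOR-to-account-takeover class behind the WPSchoolPress entry, as an added example that is not the plugin's code. The AJAX action, field names and 'wpdemo_' functions are assumptions. The point it makes: a nonce proves where a request came from, not who may act on which object, so the subject of a profile change has to come from the session or pass a per-object capability check.

```php
<?php
// Added example, not WPSchoolPress code. The AJAX action, the field names and
// the 'wpdemo_' functions are assumptions for illustration.

// Vulnerable: the nonce proves the request came from the plugin's own form, but
// the handler then trusts a caller-supplied user ID. A Teacher sets user_id to
// the administrator's ID and changes that account's e-mail and password.
function wpdemo_update_profile_vulnerable() {
    check_ajax_referer( 'wpdemo_profile', 'nonce' ); // CSRF check, not an authorization check
    wp_update_user( [
        'ID'         => (int) $_POST['user_id'],
        'user_email' => sanitize_email( $_POST['email'] ),
        'user_pass'  => $_POST['password'],
    ] );
    wp_send_json_success();
}

// Hardened: the subject of the change is the session user unless the caller
// holds WordPress's own per-object capability for the target, and a
// self-service credential change re-proves the current password.
function wpdemo_update_profile() {
    check_ajax_referer( 'wpdemo_profile', 'nonce' );
    $me     = get_current_user_id();
    $target = isset( $_POST['user_id'] ) ? (int) $_POST['user_id'] : $me;

    if ( $target !== $me && ! current_user_can( 'edit_user', $target ) ) {
        wp_send_json_error( 'forbidden', 403 ); // object-level authorization
    }
    $user = get_userdata( $target );
    if ( ! $user ) {
        wp_send_json_error( 'no such user', 404 );
    }
    $new_pass = (string) wp_unslash( $_POST['password'] ?? '' );
    if ( '' !== $new_pass && $target === $me ) {
        $current = (string) wp_unslash( $_POST['current_password'] ?? '' );
        if ( ! wp_check_password( $current, $user->user_pass, $target ) ) {
            wp_send_json_error( 'current password incorrect', 403 );
        }
    }
    $data = [
        'ID'         => $target,
        'user_email' => sanitize_email( wp_unslash( $_POST['email'] ?? $user->user_email ) ),
    ];
    if ( '' !== $new_pass ) {
        $data['user_pass'] = $new_pass;
    }
    // Role changes are a separate capability (promote_users); never copy a
    // 'role' key from the request into this array.
    $result = wp_update_user( $data );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 400 );
    }
    wp_send_json_success();
}
add_action( 'wp_ajax_wpdemo_update_profile', 'wpdemo_update_profile' );
```

The same rule applies to reads: a handler that returns another user's record by ID needs the `edit_user`/`list_users` check just as much as one that writes it.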

Plugin: StreamWeasels YouTube Integration

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via sw-youtube-embed Shortcode
Patched Version: 1.3.3
Recommended Action: Update to version 1.3.3, or a newer patched version

Plugin: Code Explorer

Vulnerability: Authenticated (Admin+) External File Reading
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: BuddyPress

Vulnerability: Authenticated (Subscriber+) Directory Traversal
Patched Version: 14.2.1
Recommended Action: Update to version 14.2.1, or a newer patched version

Plugin: League of Legends Shortcodes

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Wux Blog Editor

Vulnerability: Authentication Bypass to Administrator
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WPC Smart Messages for WooCommerce

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Message Activation/Deactivation
Patched Version: 4.2.2
Recommended Action: Update to version 4.2.2, or a newer patched version

Plugin: Beek Widget Extention

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Ultimate TinyMCE

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WatchTowerHQ

Vulnerability: Authentication Bypass to Administrator due to Missing Empty Value Check
Patched Version: 3.10.4
Recommended Action: Update to version 3.10.4, or a newer patched version
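
The "missing empty value check" class named in the WatchTowerHQ entry, as an added example that is not the plugin's code. The option name, request parameter and 'wpdemo_' functions are assumptions. It shows how an unconfigured secret plus a loose comparison turns an empty request into an administrator session, and the three checks that close it.

```php
<?php
// Added example, not WatchTowerHQ's code. It illustrates the "missing empty
// value check" class: a key-based login whose stored secret may be unset.
// Option names, the request parameter and 'wpdemo_' functions are assumptions.

// Vulnerable: if the key was never provisioned, get_option() returns false
// (or '' after a blank save). PHP's loose '==' treats false == '' and '' == ''
// as true, so a request with an empty 'key' passes, and the caller is logged
// in as the first administrator.
function wpdemo_key_login_vulnerable() {
    $stored    = get_option( 'wpdemo_login_key' );
    $submitted = $_POST['key'] ?? '';
    if ( $stored == $submitted ) {
        $admins = get_users( [ 'role' => 'administrator', 'number' => 1 ] );
        wp_set_auth_cookie( $admins[0]->ID );
        wp_send_json_success();
    }
    wp_send_json_error( 'invalid key', 403 );
}

// Hardened: treat "not configured" as "disabled", reject empty input before
// comparing, compare in constant time on strings, and log in only the user
// the key was deliberately bound to.
function wpdemo_key_login() {
    $stored    = (string) get_option( 'wpdemo_login_key', '' );
    $submitted = (string) ( $_POST['key'] ?? '' );
    if ( strlen( $stored ) < 64 || '' === $submitted ) {
        wp_send_json_error( 'key login not configured', 403 );
    }
    if ( ! hash_equals( $stored, $submitted ) ) {
        wp_send_json_error( 'invalid key', 403 );
    }
    $user_id = (int) get_option( 'wpdemo_login_key_user', 0 );
    if ( $user_id <= 0 || ! get_userdata( $user_id ) ) {
        wp_send_json_error( 'key not bound to a user', 403 );
    }
    wp_set_current_user( $user_id );
    wp_set_auth_cookie( $user_id );
    wp_send_json_success();
}

// Provisioning: generated server-side by an administrator, never defaulted to ''.
function wpdemo_provision_login_key( int $user_id ): string {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'forbidden', 403 );
    }
    $key = bin2hex( random_bytes( 32 ) ); // 64 hex chars, matches the length gate above
    update_option( 'wpdemo_login_key', $key, false );
    update_option( 'wpdemo_login_key_user', $user_id, false );
    return $key;
}
```

The length gate is deliberate: it turns "the secret was never set" and "the secret is too short to be one we generated" into the same hard failure instead of relying on whoever installed the plugin to notice an empty field.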

Plugin: Bamazoo – Button Generator

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via dgs Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Masteriyo LMS – eLearning and Online Course Builder for WordPress

Vulnerability: Authenticated (Student+) Stored Cross-Site Scripting via Ask a Question Functionality
Patched Version: 1.13.4
Recommended Action: Update to version 1.13.4, or a newer patched version

Plugin: MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution

Vulnerability: Missing Authorization to Forged Vendor Profile Deletion Email Sending
Patched Version: 4.2.5
Recommended Action: Update to version 4.2.5, or a newer patched version

Plugin: WP-Members Membership Plugin

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via wpmem_loginout Shortcode
Patched Version: 3.4.9.6
Recommended Action: Update to version 3.4.9.6, or a newer patched version

Plugin: WordPress Post Grid Layouts with Pagination – Sogrid

Vulnerability: Authenticated (Admin+) Local File Inclusion
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
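
The local-file-inclusion and directory-traversal classes behind the Sogrid, WPC Smart Messages and BuddyPress entries, as one added example that is not code from any of those plugins. The 'layout' and 'file' parameters, the directory names and the 'wpdemo_' functions are assumptions. It shows the allowlist fix for a fixed set of templates and the path-confinement check for a dynamic set of files.

```php
<?php
// Added example, not code from Sogrid, WPC Smart Messages or BuddyPress.
// The 'layout' and 'file' parameters, directory names and 'wpdemo_' functions
// are assumptions for illustration.

// Vulnerable: the request chooses the file. The appended '.php' does not help,
// because layout=../../../../wp-config still resolves to wp-config.php; any
// .php file on disk can be included. Paired with an arbitrary-upload bug
// (several are listed on this page) this is code execution.
function wpdemo_render_layout_vulnerable() {
    $layout = $_GET['layout'] ?? 'grid';
    include plugin_dir_path( __FILE__ ) . 'layouts/' . $layout . '.php';
}

// Hardened for a fixed set: map the input onto an allowlist so the raw string
// never reaches the path at all.
function wpdemo_render_layout() {
    $allowed = [ 'grid', 'list', 'masonry' ];
    $layout  = sanitize_key( $_GET['layout'] ?? 'grid' ); // a-z, 0-9, _, - only
    if ( ! in_array( $layout, $allowed, true ) ) {
        $layout = 'grid';
    }
    include plugin_dir_path( __FILE__ ) . 'layouts/' . $layout . '.php';
}

// Hardened for a dynamic set (user-named exports, attachments): resolve the
// path and confine it to the base directory. This is the check the
// Subscriber+ directory-traversal entry is about.
function wpdemo_confined_path( string $base_dir, string $relative ) {
    $base = realpath( $base_dir );
    $path = realpath( $base_dir . DIRECTORY_SEPARATOR . $relative ); // resolves ../ and symlinks
    if ( false === $base || false === $path ) {
        return false; // base missing, or target does not exist
    }
    $prefix = rtrim( $base, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;
    // The trailing separator matters: /srv/uploads-private must not match /srv/uploads.
    if ( 0 !== strpos( $path, $prefix ) ) {
        return false; // escaped the base directory
    }
    return $path;
}

// Usage: serve a member's own export file from an assumed private directory.
function wpdemo_download_export() {
    if ( ! is_user_logged_in() ) {
        wp_die( 'login required', 401 );
    }
    $name = sanitize_file_name( wp_unslash( $_GET['file'] ?? '' ) );
    $dir  = wp_upload_dir()['basedir'] . '/wpdemo-exports/' . get_current_user_id();
    $path = wpdemo_confined_path( $dir, $name );
    if ( false === $path || ! is_file( $path ) ) {
        wp_die( 'not found', 404 );
    }
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
    readfile( $path );
    exit;
}
```

Note the per-user subdirectory in the usage function: confinement to the uploads root alone would still let one member read another member's export, which is an authorization problem the path check cannot solve on its own.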

Plugin: PriPre

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WP Adminify – Custom WordPress Dashboard, Login and Admin Customizer

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: 4.0.1.7
Recommended Action: Update to version 4.0.1.7, or a newer patched version

Plugin: WooCommerce UPS Shipping – Live Rates and Access Points

Vulnerability: Missing Authorization to Plugin API key reset
Patched Version: 3.0.0
Recommended Action: Update to version 3.0.0, or a newer patched version

Plugin: AMP for WP – Accelerated Mobile Pages

Vulnerability: Cross-Site Request Forgery to Privilege Escalation
Patched Version: 1.0.99.2
Recommended Action: Update to version 1.0.99.2, or a newer patched version

Plugin: Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.3.42
Recommended Action: Update to version 2.3.42, or a newer patched version

Plugin: WP Crowdfunding

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via wpcf_donate Shortcode
Patched Version: 2.1.12
Recommended Action: Update to version 2.1.12, or a newer patched version

Plugin: Simple News

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via news Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce

Vulnerability: Missing Authorization to Authenticated (Contributor+) Arbitrary Post Publication
Patched Version: 2.11.0
Recommended Action: Update to version 2.11.0, or a newer patched version

Plugin: Crypto Tool

Vulnerability: Authentication Bypass via register
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Image Map Pro – Drag-and-drop Builder for Interactive Images

Vulnerability: Missing Authorization to Authenticated (Contributor+) Map Project Add/Update/Delete
Patched Version: 6.0.21
Recommended Action: Update to version 6.0.21, or a newer patched version

Plugin: Beaver Builder – WordPress Page Builder

Vulnerability: Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Button Widget
Patched Version: 2.8.4.3
Recommended Action: Update to version 2.8.4.3, or a newer patched version

Plugin: Shoutcast Icecast HTML5 Radio Player

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: affiliate-toolkit

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via atkp_product Shortcode
Patched Version: 3.6.6
Recommended Action: Update to version 3.6.6, or a newer patched version

Plugin: User Toolkit

Vulnerability: Authenticated (Subscriber+) Authentication Bypass
Patched Version: 1.2.4
Recommended Action: Update to version 1.2.4, or a newer patched version

Plugin: Awesome buttons

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via btn2 Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Forms for Mailchimp by Optin Cat – Grow Your MailChimp List

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WPS Telegram Chat

Vulnerability: Missing Authorization to Information Exposure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Editorial Assistant by Sovrn

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured Image
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Poll Maker – Versus Polls, Anonymous Polls, Image Polls

Vulnerability: Authenticated (Administrator+) SQL Injection via Order_by Parameter
Patched Version: 5.4.7
Recommended Action: Update to version 5.4.7, or a newer patched version

Plugin: SEUR Oficial

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.2.12
Recommended Action: Update to version 2.2.12, or a newer patched version

Plugin: Post Status Notifier

Vulnerability: Reflected Cross-Site Scripting via page
Patched Version: 1.11.7
Recommended Action: Update to version 1.11.7, or a newer patched version

Plugin: Newsletters

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via newsletters_video Shortcode
Patched Version: 4.9.9.5
Recommended Action: Update to version 4.9.9.5, or a newer patched version

Plugin: Arconix Shortcodes

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via box Shortcode
Patched Version: 2.1.14
Recommended Action: Update to version 2.1.14, or a newer patched version

Plugin: Poll Maker – Versus Polls, Anonymous Polls, Image Polls

Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via Poll Settings
Patched Version: 5.4.7
Recommended Action: Update to version 5.4.7, or a newer patched version

Plugin: Editor Custom Color Palette

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Wp Social Login and Register Social Counter

Vulnerability: Authentication Bypass
Patched Version: 3.0.8
Recommended Action: Update to version 3.0.8, or a newer patched version

Plugin: Subscribe to Comments

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.3.1
Recommended Action: Update to version 2.3.1, or a newer patched version

Plugin: Comments – wpDiscuz

Vulnerability: Authentication Bypass
Patched Version: 7.6.25
Recommended Action: Update to version 7.6.25, or a newer patched version

Plugin: Mapster WP Maps

Vulnerability: Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update
Patched Version: 1.6.0
Recommended Action: Update to version 1.6.0, or a newer patched version

Plugin: MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution

Vulnerability: Cross-Site Request Forgery to Vendor Updates
Patched Version: 4.2.5
Recommended Action: Update to version 4.2.5, or a newer patched version

Plugin: Compact WP Audio Player

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via sc_embed_player Shortcode
Patched Version: 1.9.14
Recommended Action: Update to version 1.9.14, or a newer patched version

Plugin: EventPrime – Events Calendar, Bookings and Tickets

Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: 4.0.4.8
Recommended Action: Update to version 4.0.4.8, or a newer patched version

Plugin: 10Web Social Post Feed

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Forminator Forms – Contact Form, Payment Form & Custom Form Builder

Vulnerability: Missing Authorization to Authenticated (Contributor+) Form Update and Creation
Patched Version: 1.36.0
Recommended Action: Update to version 1.36.0, or a newer patched version

Plugin: Order Notification for Telegram

Vulnerability: Missing Authorization to Unauthenticated Send Telegram Test Message
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Wux Blog Editor

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Monkee-Boy Essentials

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Premium Addons for Elementor

Vulnerability: Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Video Box Widget
Patched Version: 4.10.61
Recommended Action: Update to version 4.10.61, or a newer patched version

Plugin: WPS Telegram Chat

Vulnerability: Authenticated (Subscriber+) Unauthorized Access to Telegram Bot API
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: SMS Alert Order Notifications – WooCommerce

Vulnerability: Not stated in this listing; affects SMS Alert Order Notifications – WooCommerce <= 3.7.5
Patched Version: 3.7.6
Recommended Action: Update to version 3.7.6, or a newer patched version

Plugin: Extensions by HocWP Team

Vulnerability: Authentication Bypass
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WP Baidu Map

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
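
The Contributor+ stored-XSS-via-shortcode class behind this entry and the other shortcode entries above (show_more, dgs, wpmem_loginout, wpcf_donate, news, atkp_product, btn2, newsletters_video, box, sc_embed_player, sw-youtube-embed and the unnamed ones), as one added example that is not code from any of those plugins. The 'wpdemo_button' shortcode and its attributes are assumptions. It shows why the role is Contributor and where the escaping has to live.

```php
<?php
// Added example, not code from any plugin listed on this page. The
// 'wpdemo_button' shortcode and its attributes are assumptions for illustration.

// Why Contributor+: Contributors cannot post raw HTML (no unfiltered_html), but
// they can write shortcodes, and shortcode output is generated at render time,
// after the post content has passed through kses. Whatever the handler emits
// reaches every visitor, and the Editor who reviews the draft, unescaped.

// Vulnerable: attribute values are concatenated straight into HTML, so either
// of these drafts carries script:
//   [wpdemo_button url="javascript:alert(document.cookie)" label="x"]
//   [wpdemo_button style='" onmouseover="alert(1)' label="hover me"]
function wpdemo_button_vulnerable( $atts ) {
    $a = shortcode_atts( [ 'url' => '#', 'label' => 'Go', 'style' => '' ], $atts );
    return '<a href="' . $a['url'] . '" style="' . $a['style'] . '">' . $a['label'] . '</a>';
}

// Hardened: every value is escaped for the exact context it lands in.
function wpdemo_button( $atts ) {
    $a = shortcode_atts( [ 'url' => '#', 'label' => 'Go', 'style' => '' ], $atts, 'wpdemo_button' );
    $url   = esc_url( $a['url'] );                           // URL context: javascript:/data: schemes are dropped
    $style = esc_attr( safecss_filter_attr( $a['style'] ) ); // CSS allowlist, then attribute escaping
    $label = esc_html( $a['label'] );                        // text node
    if ( '' === $url ) {
        $url = '#'; // esc_url() found nothing usable
    }
    return sprintf( '<a href="%s" style="%s">%s</a>', $url, $style, $label );
}
add_shortcode( 'wpdemo_button', 'wpdemo_button' );
```

Escaping at output is the fix, not sanitizing at save time: the same attribute may land in a URL, an attribute and a text node, and each needs a different function. The reflected-XSS entries on this page are the same lesson applied to `$_GET`/`$_POST` values echoed on admin pages.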

Plugin: Crypto Tool

Vulnerability: Cross-Site Request Forgery to Authentication Bypass
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: All-in-One WP Migration and Backup

Vulnerability: Authenticated (Administrator+) Arbitrary PHP Code Injection
Patched Version: 7.87
Recommended Action: Update to version 7.87, or a newer patched version

Plugin: Exclusive Addons for Elementor

Vulnerability: Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
Patched Version: 2.7.5
Recommended Action: Update to version 2.7.5, or a newer patched version

Plugin: Clever Addons for Elementor

Vulnerability: Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Crypto Tool

Vulnerability: Authentication Bypass via log_in
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: FormFacade – WordPress plugin for Google Forms

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Move Addons for Elementor

Vulnerability: Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
Patched Version: 1.3.6
Recommended Action: Update to version 1.3.6, or a newer patched version

Plugin: Enable Shortcodes inside Widgets,Comments and Experts

Vulnerability: Unauthenticated Arbitrary Shortcode Execution
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
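
The unauthenticated arbitrary-shortcode-execution class behind this entry and the Uix Shortcodes entry above, as one added example that is not code from either plugin. The AJAX action, parameter names and the allowlist are assumptions. It shows why "run whatever shortcode text the caller sends" is a privilege boundary problem, and a design that lets the caller pick only a tag and attribute values.

```php
<?php
// Added example, not the code of Uix Shortcodes or of "Enable Shortcodes inside
// Widgets,Comments and Experts". AJAX action, parameter names and the allowlist
// are assumptions for illustration.

// Vulnerable: an AJAX endpoint, reachable without logging in, expands whatever
// text the caller sends. Every registered shortcode on the site, including ones
// meant for editors only and the Contributor-level stored-XSS shortcodes listed
// on this page, becomes an unauthenticated feature.
function wpdemo_render_vulnerable() {
    echo do_shortcode( wp_unslash( $_POST['content'] ?? '' ) );
    wp_die();
}
// add_action( 'wp_ajax_nopriv_wpdemo_render', 'wpdemo_render_vulnerable' ); // do not register
// add_action( 'wp_ajax_wpdemo_render', 'wpdemo_render_vulnerable' );        // do not register

// Hardened: authenticated, nonce-bearing, capability-checked caller; the
// caller chooses only a tag from an allowlist and values for named attributes;
// the handler is invoked directly so no shortcode text is ever re-parsed.
function wpdemo_render() {
    check_ajax_referer( 'wpdemo_render', 'nonce' );
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // tag => attributes the caller may set (assumed shortcodes)
    $allowed = [
        'wpdemo_gallery' => [ 'ids', 'columns' ],
        'wpdemo_quote'   => [ 'author' ],
    ];
    $tag = sanitize_key( $_POST['tag'] ?? '' );
    if ( ! isset( $allowed[ $tag ] ) || ! shortcode_exists( $tag ) ) {
        wp_send_json_error( 'unknown shortcode', 400 );
    }
    $raw   = (array) ( $_POST['atts'] ?? [] );
    $clean = [];
    foreach ( $allowed[ $tag ] as $name ) {
        if ( isset( $raw[ $name ] ) && is_scalar( $raw[ $name ] ) ) {
            $clean[ $name ] = sanitize_text_field( wp_unslash( (string) $raw[ $name ] ) );
        }
    }
    global $shortcode_tags; // tag => callback registry filled by add_shortcode()
    $html = call_user_func( $shortcode_tags[ $tag ], $clean, '', $tag );
    wp_send_json_success( [ 'html' => $html ] );
}
add_action( 'wp_ajax_wpdemo_render', 'wpdemo_render' );
```

Calling the registered callback directly, rather than rebuilding a `[tag ...]` string and passing it to `do_shortcode()`, avoids a second parse in which escaped attribute values could be reinterpreted; the shortcode handler itself is still responsible for escaping its output.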

Plugin: Download Monitor

Vulnerability: Missing Authorization to API Key Manipulation
Patched Version: 5.0.13
Recommended Action: Update to version 5.0.13, or a newer patched version

Plugin: Contact Form 7 + Telegram

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Subscription Approve/Pause/Refuse
Patched Version: 0.8.6
Recommended Action: Update to version 0.8.6, or a newer patched version
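
The missing-authorization entries on this page (Masteriyo, WPC Smart Messages, MultiVendorX, WooCommerce UPS Shipping, HurryTimer, Image Map Pro, Editorial Assistant, Forminator, Order Notification for Telegram, Download Monitor, Contact Form 7 + Telegram) and the CSRF entries (AMP for WP, MultiVendorX, Crypto Tool) are two different missing checks on the same kind of handler. One added example that is not code from any of those plugins; the AJAX action, option name, REST route and 'wpdemo_' functions are assumptions. It shows the nonce-only half-fix that still leaves the authorization gap, and the full version.

```php
<?php
// Added example, not code from any plugin listed on this page. AJAX action,
// option name, REST route and 'wpdemo_' functions are assumptions.

// Vulnerable: two distinct gaps in one handler.
//  - CSRF: no nonce, so any page an administrator visits can fire this request.
//  - Missing authorization: no capability check. Registering on wp_ajax_ alone
//    lets every logged-in user, Subscriber included, call it; adding
//    wp_ajax_nopriv_ opens it to anonymous callers.
function wpdemo_reset_api_key_vulnerable() {
    update_option( 'wpdemo_api_key', bin2hex( random_bytes( 16 ) ) );
    wp_send_json_success();
}
// add_action( 'wp_ajax_wpdemo_reset_key', 'wpdemo_reset_api_key_vulnerable' );        // do not register
// add_action( 'wp_ajax_nopriv_wpdemo_reset_key', 'wpdemo_reset_api_key_vulnerable' ); // do not register

// Half-fixed: a nonce answers "did this request originate from my own UI?",
// not "may this user do this?". Any user who can load a page that prints the
// nonce (wp_localize_script in a front-end script is common) can still call it.
function wpdemo_reset_api_key_nonce_only() {
    check_ajax_referer( 'wpdemo_reset_key', 'nonce' );
    update_option( 'wpdemo_api_key', bin2hex( random_bytes( 16 ) ) );
    wp_send_json_success();
}

// Fixed: both checks, no nopriv hook for a privileged action, and the nonce is
// tied to this action so a nonce minted for something else does not transfer.
function wpdemo_reset_api_key() {
    check_ajax_referer( 'wpdemo_reset_key', 'nonce' );   // CSRF
    if ( ! current_user_can( 'manage_options' ) ) {      // authorization
        wp_send_json_error( 'forbidden', 403 );
    }
    update_option( 'wpdemo_api_key', bin2hex( random_bytes( 16 ) ), false );
    wp_send_json_success();
}
add_action( 'wp_ajax_wpdemo_reset_key', 'wpdemo_reset_api_key' );

// The same split in the REST API: cookie-authenticated requests need the
// X-WP-Nonce header (core checks it), and permission_callback is where the
// authorization lives; '__return_true' there is the REST form of the missing check.
add_action( 'rest_api_init', function () {
    register_rest_route( 'wpdemo/v1', '/reset-key', [
        'methods'             => 'POST',
        'callback'            => function () {
            update_option( 'wpdemo_api_key', bin2hex( random_bytes( 16 ) ), false );
            return rest_ensure_response( [ 'ok' => true ] );
        },
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
    ] );
} );
```

When triaging one of these entries, the quickest check is to grep the plugin for `wp_ajax_nopriv_` and `permission_callback` and read what each registered handler verifies before it writes; a `check_ajax_referer()` with no `current_user_can()` beside it is the "Missing Authorization" pattern, and neither is the CSRF pattern.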

Plugin: FileOrganizer – Manage WordPress and Website Files

Vulnerability: Authenticated (Subscriber+) Arbitrary File Upload
Patched Version: 1.1.0
Recommended Action: Update to version 1.1.0, or a newer patched version
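
The Author+ SVG-upload stored-XSS entries on this page (ID-SK Toolkit, Kata Plus, WP Awesome Login, File Upload Types, PriPre, WP Adminify, Editor Custom Color Palette, Monkee-Boy Essentials) and the arbitrary-file-upload entries (Wux Blog Editor, FileOrganizer) both come down to what a plugin lets through the upload path. One added example that is not code from any of those plugins; the hook callbacks and 'wpdemo_' functions are assumptions. It shows the two vulnerable patterns and the hardened upload path.

```php
<?php
// Added example, not code from any plugin listed on this page. Hook callbacks
// and the 'wpdemo_' functions are assumptions for illustration.

// Vulnerable pattern 1 (the Author+ SVG entries): blanket SVG enablement.
// Core blocks SVG by default because it is XML that can carry <script>,
// on* handlers, javascript: links and external entities. An Author uploads
// one, and the script runs in the site's origin for anyone who opens the
// file URL directly (not via <img>, which is why a quick test can miss it).
function wpdemo_allow_svg_vulnerable( array $mimes ): array {
    $mimes['svg'] = 'image/svg+xml';
    return $mimes;
}
// add_filter( 'upload_mimes', 'wpdemo_allow_svg_vulnerable' ); // do not register

// Vulnerable pattern 2 (the arbitrary-upload entries): a custom handler that
// switches off core's type check, so a Subscriber's "image" may be a .php file.
function wpdemo_upload_vulnerable() {
    $moved = wp_handle_upload( $_FILES['file'], [ 'test_form' => false, 'test_type' => false ] );
    wp_send_json( $moved );
}

// Hardened, part 1: SVG only for users already trusted with raw HTML, and
// only after the file is inspected. Authors and Contributors never qualify.
function wpdemo_allow_svg( array $mimes ): array {
    if ( current_user_can( 'unfiltered_html' ) ) {
        $mimes['svg'] = 'image/svg+xml';
    }
    return $mimes;
}
add_filter( 'upload_mimes', 'wpdemo_allow_svg' );

function wpdemo_inspect_svg( array $file ): array {
    $ext = strtolower( pathinfo( $file['name'], PATHINFO_EXTENSION ) );
    if ( 'svg' !== $ext ) {
        return $file;
    }
    $svg = (string) file_get_contents( $file['tmp_name'] );
    // Deny-list of the constructs that make SVG executable. Rejecting is
    // safer than "cleaning"; an allowlisting XML sanitizer is the full fix.
    if ( preg_match( '/<\s*script|\bon[a-z]+\s*=|javascript\s*:|<!ENTITY|<\s*foreignObject/i', $svg ) ) {
        $file['error'] = 'SVG files with scripts, event handlers, entities or foreignObject are not accepted.';
    }
    return $file;
}
add_filter( 'wp_handle_upload_prefilter', 'wpdemo_inspect_svg' );

// Hardened, part 2: authorization, nonce, and core's extension/content check
// (which consults upload_mimes, so the SVG rule above applies here too).
function wpdemo_upload() {
    check_ajax_referer( 'wpdemo_upload', 'nonce' );
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    if ( empty( $_FILES['file']['tmp_name'] ) ) {
        wp_send_json_error( 'no file', 400 );
    }
    $check = wp_check_filetype_and_ext( $_FILES['file']['tmp_name'], $_FILES['file']['name'] );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'file type not allowed', 400 );
    }
    $moved = wp_handle_upload( $_FILES['file'], [ 'test_form' => false ] ); // test_type stays on
    if ( isset( $moved['error'] ) ) {
        wp_send_json_error( $moved['error'], 400 );
    }
    wp_send_json_success( [ 'url' => $moved['url'] ] );
}
add_action( 'wp_ajax_wpdemo_upload', 'wpdemo_upload' );
```

Two operational caveats for the unpatched SVG entries above: deactivating the plugin stops new uploads but leaves already-uploaded SVGs in the media library, so existing files need review; and serving uploads with `Content-Disposition: attachment` (or from a separate origin) limits the damage of any SVG that does get through, because the script then no longer runs in the site's origin.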

Plugin: Terms descriptions

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 3.4.7
Recommended Action: Update to version 3.4.7, or a newer patched version