Understanding Vulnerabilities in WordPress Plugins
Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.
Plugin: Vertical marquee plugin
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Smart SEO Tool – SEO优化插件
Vulnerability: Cross-Site Request Forgery via ‘wp_ajax_wb_smart_seo_tool’
Patched Version: 4.0.2
Recommended Action: Update to version 4.0.2, or a newer patched version
Plugin: FTP Access
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin
Vulnerability: Not specified on this page (affected versions <= 2.1.65)
Patched Version: 2.1.66
Recommended Action: Update to version 2.1.66, or a newer patched version
Plugin: Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management
Vulnerability: Missing Authorization via AJAX actions
Patched Version: 118
Recommended Action: Update to version 118, or a newer patched version
Plugin: Popup Box – Create Countdown, Coupon, Video, Contact Form Popups
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 3.7.1
Recommended Action: Update to version 3.7.1, or a newer patched version
Plugin: gAppointments – Appointment booking addon for Gravity Forms
Vulnerability: Not specified on this page (affected versions <= 1.9.7)
Patched Version: 1.10.0
Recommended Action: Update to version 1.10.0, or a newer patched version
Plugin: Void Elementor Post Grid Addon for Elementor Page builder
Vulnerability: Missing Authorization to Review Notice Dismissal
Patched Version: 2.2
Recommended Action: Update to version 2.2, or a newer patched version
Plugin: PDF Builder for WooCommerce. Create invoices,packing slips and more
Vulnerability: Missing Authorization to Sensitive Information Exposure
Patched Version: 1.2.92
Recommended Action: Update to version 1.2.92, or a newer patched version
Plugin: Push Notification for Post and BuddyPress
Vulnerability: Missing Authorization to Unauthenticated Admin Notice Dismissal
Patched Version: 1.64
Recommended Action: Update to version 1.64, or a newer patched version
Plugin: Portfolio and Projects
Vulnerability: Missing Authorization to Notice Dismissal
Patched Version: 1.3.8
Recommended Action: Update to version 1.3.8, or a newer patched version
Plugin: Event Tickets with Ticket Scanner
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: 1.5.5
Recommended Action: Update to version 1.5.5, or a newer patched version
Plugin: DX-auto-save-images
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: tagDiv Composer
Vulnerability: Authenticated (Admin+) Stored Cross-Site Scripting
Patched Version: 4.2
Recommended Action: Update to version 4.2, or a newer patched version
Plugin: CT Commerce
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via admin settings
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Cookies by JM
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Kanban Boards for WordPress
Vulnerability: Authenticated (Administrator+) Remote Code Execution
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: PDF Builder for WooCommerce. Create invoices,packing slips and more
Vulnerability: Cross-Site Request Forgery to Custom Field Creation
Patched Version: 1.2.91
Recommended Action: Update to version 1.2.91, or a newer patched version
Plugin: SlimStat Analytics
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via settings
Patched Version: 5.0.9
Recommended Action: Update to version 5.0.9, or a newer patched version
Plugin: Accordion Slider
Vulnerability: Missing Authorization to Notice Dismissal
Patched Version: 1.9.7
Recommended Action: Update to version 1.9.7, or a newer patched version
Plugin: Plausible Analytics
Vulnerability: Reflected Cross-Site Scripting via page-url
Patched Version: 1.3.4
Recommended Action: Update to version 1.3.4, or a newer patched version
Plugin: CLUEVO LMS, E-Learning Platform
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.11.0
Recommended Action: Update to version 1.11.0, or a newer patched version
Plugin: Min Max Control – Min Max Quantity & Step Control for WooCommerce
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 4.6
Recommended Action: Update to version 4.6, or a newer patched version
Plugin: Paid Memberships Pro CCBill Gateway
Vulnerability: Insufficient Authorization
Patched Version: 0.4
Recommended Action: Update to version 0.4, or a newer patched version
Plugin: Royal Elementor Addons and Templates
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.3.76
Recommended Action: Update to version 1.3.76, or a newer patched version
Plugin: Save as PDF Plugin by Pdfcrowd
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via admin settings
Patched Version: 2.16.1
Recommended Action: Update to version 2.16.1, or a newer patched version
Plugin: Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More
Vulnerability: Unauthenticated Privilege Escalation
Patched Version: 1.7.0.13
Recommended Action: Update to version 1.7.0.13, or a newer patched version
Plugin: Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management
Vulnerability: Reflected Cross-Site Scripting via ‘post_id’
Patched Version: 118
Recommended Action: Update to version 118, or a newer patched version
Plugin: Hide My WP Ghost – Security & Firewall
Vulnerability: CAPTCHA Bypass in brute_math_authenticate
Patched Version: 5.0.26
Recommended Action: Update to version 5.0.26, or a newer patched version
Plugin: Sticky Social Media Icons
Vulnerability: Missing Authorization via ajax_request_handle
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Social Proof Popups & Real-Time Notifications – Herd Effects
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 5.2.3
Recommended Action: Update to version 5.2.3, or a newer patched version
Plugin: BigBlueButton
Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations
Vulnerability: Missing Authorization
Patched Version: 2.0.5.4.1
Recommended Action: Update to version 2.0.5.4.1, or a newer patched version
Plugin: Schedule Posts Calendar
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via admin settings
Patched Version: 5.3
Recommended Action: Update to version 5.3, or a newer patched version
Plugin: Comments Like Dislike
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Plugin Setting Reset
Patched Version: 1.2.1
Recommended Action: Update to version 1.2.1, or a newer patched version
Plugin: tagDiv Composer
Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: 4.2
Recommended Action: Update to version 4.2, or a newer patched version
Plugin: PDF Builder for WooCommerce. Create invoices,packing slips and more
Vulnerability: Authenticated (Administrator+) Cross-Site Scripting
Patched Version: 1.2.91
Recommended Action: Update to version 1.2.91, or a newer patched version
Plugin: WP Adminify – Custom WordPress Dashboard, Login and Admin Customizer
Vulnerability: Authenticated (Admin+) Stored Cross-Site Scripting
Patched Version: 3.1.6
Recommended Action: Update to version 3.1.6, or a newer patched version
Plugin: WP-PostRatings
Vulnerability: IP Spoofing
Patched Version: 1.91.1
Recommended Action: Update to version 1.91.1, or a newer patched version
Plugin: Cleverwise Daily Quotes
Vulnerability: Reflected Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: DOOFINDER Search and Discovery for WP & WooCommerce
Vulnerability: Unauthenticated Open Redirect
Patched Version: 2.0.0
Recommended Action: Update to version 2.0.0, or a newer patched version
Plugin: Save as Image Plugin by Pdfcrowd
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via settings
Patched Version: 2.16.1
Recommended Action: Update to version 2.16.1, or a newer patched version
Plugin: Carrrot
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Donations Made Easy – Smart Donations
Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Cookies and Content Security Policy
Vulnerability: Sensitive Information Exposure
Patched Version: 2.16
Recommended Action: Update to version 2.16, or a newer patched version
Plugin: URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress
Vulnerability: Unauthenticated Stored Cross-Site Scripting via Referrer Header
Patched Version: 1.7.6
Recommended Action: Update to version 1.7.6, or a newer patched version
Plugin: GD Security Headers
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 1.7
Recommended Action: Update to version 1.7, or a newer patched version
Plugin: Schedule Posts Calendar
Vulnerability: Cross-Site Request Forgery
Patched Version: 5.3
Recommended Action: Update to version 5.3, or a newer patched version
Plugin: Newsletter – Send awesome emails from WordPress
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 7.9.0
Recommended Action: Update to version 7.9.0, or a newer patched version
Plugin: Posts Like Dislike
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Plugin Setting Reset
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version
Plugin: Simple Org Chart
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Custom Admin Login Page | WPZest
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Cost Calculator Builder
Vulnerability: Improper Authorization
Patched Version: 3.1.43
Recommended Action: Update to version 3.1.43, or a newer patched version
Plugin: Portfolio Gallery – Responsive Image Gallery
Vulnerability: Missing Authorization via Multiple AJAX actions
Patched Version: 1.4.7
Recommended Action: Update to version 1.4.7, or a newer patched version
Plugin: Jupiter X Core
Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: 3.3.8
Recommended Action: Update to version 3.3.8, or a newer patched version
Plugin: ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More
Vulnerability: Missing Authorization in rx_coupon_from_submit
Patched Version: 1.6.18
Recommended Action: Update to version 1.6.18, or a newer patched version
Plugin: Cartpauj Register Captcha
Vulnerability: CAPTCHA Bypass
Patched Version: 2.0.0
Recommended Action: Update to version 2.0.0, or a newer patched version
Plugin: Social Proof Popups & Real-Time Notifications – Herd Effects
Vulnerability: Cross-Site Request Forgery to Effect Deletion
Patched Version: 5.2.4
Recommended Action: Update to version 5.2.4, or a newer patched version
Plugin: Enhanced Ecommerce Google Analytics for WooCommerce
Vulnerability: Cross-Site Request Forgery
Patched Version: 3.7.2
Recommended Action: Update to version 3.7.2, or a newer patched version
Plugin: Collapse-O-Matic
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: RSVPMaker
Vulnerability: Unauthenticated Stored Cross-Site Scripting via ‘email’
Patched Version: 10.6.6
Recommended Action: Update to version 10.6.6, or a newer patched version
Plugin: fitness calculators
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via admin settings
Patched Version: 2.0.9
Recommended Action: Update to version 2.0.9, or a newer patched version
Plugin: Jupiter X Core
Vulnerability: Unauthenticated Privilege Escalation
Patched Version: 3.4.3
Recommended Action: Update to version 3.4.3, or a newer patched version
Plugin: Post and Page Builder by BoldGrid – Visual Drag and Drop Editor
Vulnerability: Cross-Site Request Forgery via submitDefaultEditor
Patched Version: 1.24.2
Recommended Action: Update to version 1.24.2, or a newer patched version
Plugin: Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 1.5.1.3
Recommended Action: Update to version 1.5.1.3, or a newer patched version
Plugin: Serial Codes Generator and Validator with WooCommerce Support
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: 2.4.15
Recommended Action: Update to version 2.4.15, or a newer patched version
Plugin: Simple Org Chart
Vulnerability: Missing Authorization
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Estatik Mortgage Calculator
Vulnerability: Reflected Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: SlimStat Analytics
Vulnerability: Missing Authorization via delete_pageview
Patched Version: 5.0.6
Recommended Action: Update to version 5.0.6, or a newer patched version
Plugin: RSVPMaker
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via admin settings
Patched Version: 10.6.7
Recommended Action: Update to version 10.6.7, or a newer patched version
Plugin: Lock User Account
Vulnerability: Cross-Site Request Forgery to Account Lock/Unlock
Patched Version: 1.0.4
Recommended Action: Update to version 1.0.4, or a newer patched version
Plugin: Dynamic Pricing and Discount Rules for WooCommerce
Vulnerability: Cross-Site Request Forgery
Patched Version: 2.4.1
Recommended Action: Update to version 2.4.1, or a newer patched version
Plugin: Typing Effect
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Patched Version: 1.3.7
Recommended Action: Update to version 1.3.7, or a newer patched version
Plugin: Contact form 7 Custom validation
Vulnerability: Unauthenticated SQL Injection via ‘post’
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: DoLogin Security
Vulnerability: IP Address Spoofing
Patched Version: 3.7
Recommended Action: Update to version 3.7, or a newer patched version
Plugin: MasterStudy LMS WordPress Plugin – for Online Courses and Education
Vulnerability: Privilege Escalation
Patched Version: 3.0.18
Recommended Action: Update to version 3.0.18, or a newer patched version
Plugin: YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress
Vulnerability: Cross-Site Request Forgery
Patched Version: 3.3.6
Recommended Action: Update to version 3.3.6, or a newer patched version
Plugin: Tabs & Accordion
Vulnerability: Authenticated (Contributor+) Content Injection
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Stripe Payment Plugin for WooCommerce
Vulnerability: Missing Authorization to Arbitrary Order Status Modification
Patched Version: 3.8.0
Recommended Action: Update to version 3.8.0, or a newer patched version
Plugin: Simple Staff List
Vulnerability: Authenticated (Editor+) Stored Cross-Site Scripting
Patched Version: 2.2.4
Recommended Action: Update to version 2.2.4, or a newer patched version
Plugin: Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 119
Recommended Action: Update to version 119, or a newer patched version
Plugin: JS Help Desk – The Ultimate Help Desk & Support Plugin
Vulnerability: Authenticated (Administrator+) Arbitrary File Upload
Patched Version: 2.7.8
Recommended Action: Update to version 2.7.8, or a newer patched version
Plugin: WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 8.3.5
Recommended Action: Update to version 8.3.5, or a newer patched version
***
Check out the Watch Out Wednesday Archive for past Watch Out Wednesday posts.