Watch Out Wednesday – January 3, 2024

Understanding Vulnerabilities in WordPress Plugins

Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.

Plugin: Complianz – GDPR/CCPA Cookie Consent

Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via settings
Patched Version: 6.5.6
Recommended Action: Update to version 6.5.6, or a newer patched version

Plugin: WooCommerce Easy Duplicate Product

Vulnerability: Missing Authorization via wedp_duplicate_product_action
Patched Version: 0.3.0.8
Recommended Action: Update to version 0.3.0.8, or a newer patched version

Plugin: WooCommerce Warranty Requests

Vulnerability: Missing Authorization
Patched Version: 2.3.0
Recommended Action: Update to version 2.3.0, or a newer patched version

Plugin: WP Mail Log

Vulnerability: Authenticated (Contributor+) Arbitrary File Upload
Patched Version: 1.1.3
Recommended Action: Update to version 1.1.3, or a newer patched version

Plugin: WP 2FA – Two-factor authentication for WordPress

Vulnerability: Cross-Site Request Forgery
Patched Version: 2.6.0
Recommended Action: Update to version 2.6.0, or a newer patched version

Plugin: Stylish Price List – Price Table Builder & QR Code Restaurant Menu

Vulnerability: Missing Authorization
Patched Version: 7.0.18
Recommended Action: Update to version 7.0.18, or a newer patched version

Plugin: BERTHA AI. Your AI co-pilot for WordPress and Chrome

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: 1.11.10.8
Recommended Action: Update to version 1.11.10.8, or a newer patched version

Plugin: LearnPress – WordPress LMS Plugin

Vulnerability: Command Injection
Patched Version: 4.2.5.8
Recommended Action: Update to version 4.2.5.8, or a newer patched version

Plugin: LearnPress – WordPress LMS Plugin

Vulnerability: Insecure Direct Object Reference to Information Disclosure
Patched Version: 4.2.5.8
Recommended Action: Update to version 4.2.5.8, or a newer patched version

Plugin: MapPress Maps for WordPress

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 2.88.14
Recommended Action: Update to version 2.88.14, or a newer patched version

Plugin: Rate my Post – WP Rating System

Vulnerability: IP Address Spoofing
Patched Version: 3.4.3
Recommended Action: Update to version 3.4.3, or a newer patched version

Plugin: Customer Reviews for WooCommerce

Vulnerability: Missing Authorization via CR_Manual
Patched Version: 5.38.2
Recommended Action: Update to version 5.38.2, or a newer patched version

Plugin: Piotnet Forms

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Easy Social Feed – Social Photos Gallery – Post Feed – Like Box

Vulnerability: Missing Authorization to Settings Modification
Patched Version: 6.5.3
Recommended Action: Update to version 6.5.3, or a newer patched version

Plugin: Simple Staff List

Vulnerability: Missing Authorization via ajax_flush_rewrite_rules and staff_member_export
Patched Version: 2.2.5
Recommended Action: Update to version 2.2.5, or a newer patched version

Plugin: WP-Members Membership Plugin

Vulnerability: Missing Authorization to Sensitive Information Exposure
Patched Version: 3.4.9
Recommended Action: Update to version 3.4.9, or a newer patched version

Plugin: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

Vulnerability: IP Spoofing
Patched Version: 5.2.5.1
Recommended Action: Update to version 5.2.5.1, or a newer patched version

Plugin: OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.

Vulnerability: Missing Authorization to Unauthenticated Directory Deletion and Cross-Site Scripting
Patched Version: 5.7.10
Recommended Action: Update to version 5.7.10, or a newer patched version

Plugin: MC4WP: Mailchimp for WordPress

Vulnerability: Missing Authorization via listen
Patched Version: 4.9.10
Recommended Action: Update to version 4.9.10, or a newer patched version

Plugin: 3D FlipBook – PDF Flipbook WordPress

Vulnerability: Authenticated (Contributor+) Cross-Site Scripting via Ready Function
Patched Version: 1.15.3
Recommended Action: Update to version 1.15.3, or a newer patched version

Plugin: Woocommerce Shipping Canada Post

Vulnerability: Missing Authorization
Patched Version: 2.8.4
Recommended Action: Update to version 2.8.4, or a newer patched version

Plugin: Branda – White Label WordPress, Custom Login Page Customizer

Vulnerability: IP Address Spoofing
Patched Version: 3.4.15
Recommended Action: Update to version 3.4.15, or a newer patched version

Plugin: WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels

Vulnerability: Missing Authorization to Order Export
Patched Version: 4.3.1
Recommended Action: Update to version 4.3.1, or a newer patched version

Plugin: WooCommerce Ship to Multiple Addresses

Vulnerability: Missing Authorization
Patched Version: 3.8.10
Recommended Action: Update to version 3.8.10, or a newer patched version

Plugin: LearnPress – WordPress LMS Plugin

Vulnerability: Unauthenticated SQL Injection via order_by
Patched Version: 4.2.5.8
Recommended Action: Update to version 4.2.5.8, or a newer patched version

Plugin: Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder

Vulnerability: Unauthenticated Stored Cross-Site Scripting via arf_http_referrer_url
Patched Version: 1.5.9
Recommended Action: Update to version 1.5.9, or a newer patched version

Plugin: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 5.9.3
Recommended Action: Update to version 5.9.3, or a newer patched version

Plugin: FunnelKit Checkout

Vulnerability: Authenticated (Subscriber+) Missing Authorization to Arbitrary Plugin Activation
Patched Version: 3.11.0
Recommended Action: Update to version 3.11.0, or a newer patched version

Plugin: Verge3D Publishing and E-Commerce

Vulnerability: Authenticated (Subscriber+) Arbitrary File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: ProfileGrid – User Profiles, Memberships, Groups and Communities

Vulnerability: Missing Authorization
Patched Version: 5.6.7
Recommended Action: Update to version 5.6.7, or a newer patched version

Plugin: POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Vulnerability: Reflected Cross-Site Scripting via msg
Patched Version: 2.8.7
Recommended Action: Update to version 2.8.7, or a newer patched version

Plugin: Frontend Admin by DynamiApps

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications

Vulnerability: Unauthenticated Stored Cross-Site Scripting via device
Patched Version: 2.8.8
Recommended Action: Update to version 2.8.8, or a newer patched version

Plugin: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login

Vulnerability: Form Submission Limit Bypass
Patched Version: 5.2.5.1
Recommended Action: Update to version 5.2.5.1, or a newer patched version

Plugin: WooCommerce Per Product Shipping

Vulnerability: Missing Authorization
Patched Version: 2.5.5
Recommended Action: Update to version 2.5.5, or a newer patched version

Plugin: BulkGate SMS Plugin for WooCommerce

Vulnerability: Missing Authorization via Multiple AJAX Actions
Patched Version: 3.0.3
Recommended Action: Update to version 3.0.3, or a newer patched version

Plugin: WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc

Vulnerability: Cross-Site Request Forgery to Subscriber Deletion
Patched Version: 6.5.1
Recommended Action: Update to version 6.5.1, or a newer patched version

Plugin: FunnelKit Checkout

Vulnerability: Authenticated (Subscriber+) Missing Authorization to Settings Change
Patched Version: 3.11.0
Recommended Action: Update to version 3.11.0, or a newer patched version

Plugin: Booster Elite for WooCommerce

Vulnerability: Authenticated (Subscriber+) Content Injection
Patched Version: 7.1.3
Recommended Action: Update to version 7.1.3, or a newer patched version

Plugin: JVM Gutenberg Rich Text Icons

Vulnerability: Directory Traversal to Authenticated (Subscriber+) Arbitrary File Deletion
Patched Version: 1.2.7
Recommended Action: Update to version 1.2.7, or a newer patched version

Plugin: Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site

Vulnerability: Missing Authorization via save_settings
Patched Version: 1.3.4
Recommended Action: Update to version 1.3.4, or a newer patched version

Plugin: Doofinder WP & WooCommerce Search

Vulnerability: Missing Authorization via multiple AJAX actions
Patched Version: 2.1.1
Recommended Action: Update to version 2.1.1, or a newer patched version

Plugin: WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc

Vulnerability: Authenticated (Admin+) SQL Injection to Reflected Cross-Site Scripting
Patched Version: 6.5.1
Recommended Action: Update to version 6.5.1, or a newer patched version

Plugin: Product Expiry for WooCommerce

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update
Patched Version: 2.6
Recommended Action: Update to version 2.6, or a newer patched version

Plugin: WooCommerce Warranty Requests

Vulnerability: Missing Authorization
Patched Version: 2.3.0
Recommended Action: Update to version 2.3.0, or a newer patched version

Plugin: FunnelKit Checkout

Vulnerability: Unauthenticated Arbitrary Content Deletion
Patched Version: 3.11.0
Recommended Action: Update to version 3.11.0, or a newer patched version

Plugin: JVM Gutenberg Rich Text Icons

Vulnerability: Authenticated (Subscriber+) Arbitrary File Upload
Patched Version: 1.2.4
Recommended Action: Update to version 1.2.4, or a newer patched version

Plugin: WP 2FA – Two-factor authentication for WordPress

Vulnerability: Insecure Direct Object Reference to Arbitrary Email Sending
Patched Version: 2.6.0
Recommended Action: Update to version 2.6.0, or a newer patched version

Plugin: EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 3.9.6
Recommended Action: Update to version 3.9.6, or a newer patched version

Plugin: Page Builder: Pagelayer – Drag and Drop website builder

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via meta fields
Patched Version: 1.7.9
Recommended Action: Update to version 1.7.9, or a newer patched version

Plugin: Slider by Soliloquy – Responsive Image Slider for WordPress

Vulnerability: Missing Authorization
Patched Version: 2.7.3
Recommended Action: Update to version 2.7.3, or a newer patched version

Plugin: FooGallery Premium

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 2.4.6
Recommended Action: Update to version 2.4.6, or a newer patched version

Plugin: WP Compress – Image Optimizer [All-In-One]

Vulnerability: Unauthenticated Directory Traversal via css
Patched Version: 6.10.34
Recommended Action: Update to version 6.10.34, or a newer patched version

Plugin: Product Vendors

Vulnerability: Missing Authorization
Patched Version: 2.2.3
Recommended Action: Update to version 2.2.3, or a newer patched version

Plugin: Business Directory Plugin – Easy Listing Directories for WordPress

Vulnerability: Missing Authorization via dispatch
Patched Version: 6.3.10
Recommended Action: Update to version 6.3.10, or a newer patched version

Plugin: Piotnet Forms

Vulnerability: Missing Authorization via multiple AJAX actions
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: weForms – Easy Drag & Drop Contact Form Builder For WordPress

Vulnerability: Missing Authorization via export_form_entries
Patched Version: 1.6.19
Recommended Action: Update to version 1.6.19, or a newer patched version

Plugin: Malware Scanner

Vulnerability: IP Spoofing
Patched Version: 4.7.2
Recommended Action: Update to version 4.7.2, or a newer patched version

Plugin: Product Vendors

Vulnerability: Missing Authorization
Patched Version: 2.2.2
Recommended Action: Update to version 2.2.2, or a newer patched version

Plugin: PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)

Vulnerability: Cross-Site Request Forgery
Patched Version: 2.7.14
Recommended Action: Update to version 2.7.14, or a newer patched version