Watch Out Wednesday – June 26, 2024

Plugin: User Profile Picture

Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture Update
Patched Version: 2.6.2
Recommended Action: Update to version 2.6.2, or a newer patched version

Plugin: ContentLock

Vulnerability: Cross-Site Request Forgery to Group/Email Deletion
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Booking for Appointments and Events Calendar – Amelia

Vulnerability: Authenticated (Admin+) Stored Cross-Site Scripting
Patched Version: 1.1.6
Recommended Action: Update to one of the following versions, or a newer patched version: 1.1.6, 7.6

Plugin: Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer

Vulnerability: Missing Authorization
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Wheel of Life: Coaching and Assessment Tool for Life Coach

Vulnerability: Missing Authorization on Several AJAX Endpoints
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress

Vulnerability: Authenticated (Contributor+) SQL Injection
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: The Plus Addons for Elementor Page Builder

Vulnerability: Reflected Cross-Site Scripting via WP Login and Register Widget
Patched Version: 5.6.0
Recommended Action: Update to version 5.6.0, or a newer patched version

Plugin: Orbit Fox by ThemeIsle

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Services and Post Type Grid Widgets
Patched Version: 2.10.35
Recommended Action: Update to version 2.10.35, or a newer patched version

Plugin: Lifeline Donation

Vulnerability: Authentication Bypass
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Bible Text

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Branda – White Label WordPress, Custom Login Page Customizer

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload
Patched Version: 3.4.18
Recommended Action: Update to version 3.4.18, or a newer patched version

Plugin: ContentLock

Vulnerability: Cross-Site Request Forgery to Email Adding
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WP SVG Images

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG
Patched Version: 4.3
Recommended Action: Update to version 4.3, or a newer patched version

Plugin: Media Library Assistant

Vulnerability: Authenticated (Contributor+) SQL Injection via order Parameter
Patched Version: 3.17
Recommended Action: Update to version 3.17, or a newer patched version

Plugin: ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup

Vulnerability: Cross-Site Request Forgery via multiple functions
Patched Version: 6.7.1
Recommended Action: Update to version 6.7.1, or a newer patched version

Plugin: JetWidgets For Elementor

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via layout_type and id Parameters
Patched Version: 1.0.18
Recommended Action: Update to version 1.0.18, or a newer patched version

Plugin: Themify – WooCommerce Product Filter

Vulnerability: WooCommerce Product Filter <= 1.4.9
Patched Version: 1.5.0
Recommended Action: Update to version 1.5.0, or a newer patched version

Plugin: SiteGuard WP Plugin

Vulnerability: Login Page Disclosure
Patched Version: 1.7.7
Recommended Action: Update to version 1.7.7, or a newer patched version

Plugin: Cookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy)

Vulnerability: Unauthenticated Stored Cross-Site Scripting via Client-IP header
Patched Version: 3.3.0
Recommended Action: Update to version 3.3.0, or a newer patched version

Plugin: WP Blog Post Layouts

Vulnerability: Authenticated (Contributor+) Local File Inclusion
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Social Sharing Plugin – Social Warfare

Vulnerability: Injected Backdoor
Patched Version: 4.4.7.3
Recommended Action: Update to version 4.4.7.3, or a newer patched version

Plugin: WP Child Theme Generator

Vulnerability: Missing Authorization to Unauthenticated Child Theme Creation/Activation
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version

Plugin: WP Hotel Booking

Vulnerability: Unauthenticated SQL Injection
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Export WP Page to Static HTML/CSS

Vulnerability: Open Redirect
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WPCafe – Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce

Vulnerability: Authenticated (Contributor+) File inclusion via Shortcode
Patched Version: 2.2.26
Recommended Action: Update to version 2.2.26, or a newer patched version

Plugin: ContentLock

Vulnerability: Cross-Site Request Forgery to Settings Update
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: UberMenu

Vulnerability: Cross-Site Request Forgery to Settings Reset
Patched Version: 3.8.4
Recommended Action: Update to version 3.8.4, or a newer patched version

Plugin: Zita Elementor Site Library

Vulnerability: Missing Authorization to Page Creation and Options Modification
Patched Version: 1.6.3
Recommended Action: Update to version 1.6.3, or a newer patched version

Plugin: Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates)

Vulnerability: Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
Patched Version: 3.5.5
Recommended Action: Update to version 3.5.5, or a newer patched version

Plugin: Bricks Builder

Vulnerability: Insecure Direct Object Reference
Patched Version: 1.9.9
Recommended Action: Update to version 1.9.9, or a newer patched version

Plugin: ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages

Vulnerability: Missing Authorization
Patched Version: 2.4.9.1
Recommended Action: Update to version 2.4.9.1, or a newer patched version

Plugin: The Plus Addons for Elementor Page Builder

Vulnerability: Authenticated (Contributor+) Local File Inclusion
Patched Version: 5.6.0
Recommended Action: Update to version 5.6.0, or a newer patched version

Plugin: HT Mega – Absolute Addons For Elementor

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
Patched Version: 2.5.6
Recommended Action: Update to version 2.5.6, or a newer patched version

Plugin: Custom Field Suite

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via cfs[post_title]
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Sparkle Demo Importer

Vulnerability: Missing Authorization to Authorized (Subscriber+) Post/Pages/Attachments Deletion and Demo Data Import
Patched Version: 1.4.8
Recommended Action: Update to version 1.4.8, or a newer patched version

Plugin: WP Secure Maintenance

Vulnerability: Authenticated (Admin+) Stored Cross-Site Scripting
Patched Version: 1.7
Recommended Action: Update to version 1.7, or a newer patched version

Plugin: License Manager for WooCommerce

Vulnerability: Improper Authorization to Authenticated (Contributor+) Sensitive Information Exposure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Exclusive Addons for Elementor

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Card Widget
Patched Version: 2.6.9.9
Recommended Action: Update to version 2.6.9.9, or a newer patched version

Plugin: Online Booking & Scheduling Calendar for WordPress by vcita

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 4.4.3
Recommended Action: Update to version 4.4.3, or a newer patched version

Plugin: HT Mega – Absolute Addons For Elementor

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings
Patched Version: 2.5.6
Recommended Action: Update to version 2.5.6, or a newer patched version

Plugin: Quiz Maker

Vulnerability: Unauthenticated SQL Injection via ‘ays_questions’ Parameter
Patched Version: 6.5.8.4
Recommended Action: Update to version 6.5.8.4, or a newer patched version

Plugin: Custom Field Suite

Vulnerability: Authenticated (Contributor+) SQL Injection via Term Custom Field
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Online Booking & Scheduling Calendar for WordPress by vcita

Vulnerability: Missing Authorization to Unauthenticated Stored Cross-Site Scripting
Patched Version: 4.4.3
Recommended Action: Update to version 4.4.3, or a newer patched version

Plugin: SEOPress – On-site SEO

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Social Image URL
Patched Version: 7.9.1
Recommended Action: Update to version 7.9.1, or a newer patched version

Plugin: Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce

Vulnerability: Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.23
Patched Version: 5.7.24
Recommended Action: Update to version 5.7.24, or a newer patched version

Plugin: Page Builder: Live Composer

Vulnerability: Authenticated (Contributor+) PHP Object Injection
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Hide Dashboard Notifications

Vulnerability: Missing Authorization to Authenticated (Contributor+) Plugin Settings Modification
Patched Version: 1.3.1
Recommended Action: Update to version 1.3.1, or a newer patched version

Plugin: Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel

Vulnerability: Authenticated (Contributor+) Arbitrary Nonce Generation
Patched Version: 3.1.0
Recommended Action: Update to version 3.1.0, or a newer patched version

Plugin: Table Addons for Elementor

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter
Patched Version: 2.1.3
Recommended Action: Update to version 2.1.3, or a newer patched version

Plugin: Smush Image Optimization – Optimize Images | Compress & Lazy Load Images | Convert WebP | Image CDN

Vulnerability: Missing Authorization to Resmush List Deletion
Patched Version: 3.16.5
Recommended Action: Update to version 3.16.5, or a newer patched version

Plugin: Custom Field Suite

Vulnerability: Authenticated (Contributor+) PHP Code Injection via Loop Custom Field
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Shariff Wrapper

Vulnerability: Unauthenticated Local File Inclusion
Patched Version: 4.6.14
Recommended Action: Update to version 4.6.14, or a newer patched version

Plugin: WPZOOM Addons for Elementor (Templates, Widgets)

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Team Members Widget
Patched Version: 1.1.39
Recommended Action: Update to version 1.1.39, or a newer patched version