Watch Out Wednesday – November 13, 2024

Understanding Vulnerabilities in WordPress Plugins

Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.

Plugin: Envo Extra

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 1.9.4
Recommended Action: Update to version 1.9.4, or a newer patched version

Plugin: Algori PDF Viewer

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting
Patched Version: 1.0.8
Recommended Action: Update to version 1.0.8, or a newer patched version

Plugin: SysBasics Customize My Account for WooCommerce

Vulnerability: Reflected Cross-Site Scripting via tab Parameter
Patched Version: 2.7.30
Recommended Action: Update to version 2.7.30, or a newer patched version

Plugin: Code Embed

Vulnerability: Authenticated (Contributor+) Server-Side Request Forgery
Patched Version: 2.5.1
Recommended Action: Update to version 2.5.1, or a newer patched version

Plugin: Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder

Vulnerability: Reflected Cross-Site Scripting via add_query_arg Parameter
Patched Version: 1.15.31
Recommended Action: Update to version 1.15.31, or a newer patched version

Plugin: WooCommerce Support Ticket System

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: 17.8
Recommended Action: Update to version 17.8, or a newer patched version

Plugin: Debug Tool

Vulnerability: Missing Authorization to Information Exposure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via mycred_link Shortcode
Patched Version: 2.7.5
Recommended Action: Update to version 2.7.5, or a newer patched version

Plugin: Countdown Timer block – Display the event’s date into a timer.

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 1.2.5
Recommended Action: Update to version 1.2.5, or a newer patched version

Plugin: Lenxel Core for Lenxel(LNX) LMS

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Simple Shortcode for Google Maps

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 1.6
Recommended Action: Update to version 1.6, or a newer patched version

Plugin: Category Ajax Filter

Vulnerability: Unauthenticated Local File Inclusion
Patched Version: 2.8.3
Recommended Action: Update to version 2.8.3, or a newer patched version

Plugin: CE21 Suite

Vulnerability: Authentication Bypass
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Contact Form 7 – PayPal & Stripe Add-on

Vulnerability: PayPal & Stripe Add-on <= 2.3.1
Patched Version: 2.3.2
Recommended Action: Update to version 2.3.2, or a newer patched version

Plugin: User Meta – User Profile Builder and User management plugin

Vulnerability: Insecure Direct Object Reference to Sensitive Information Exposure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WP Photo Album Plus

Vulnerability: Unauthenticated Arbitrary Shortcode Execution via getshortcodedrenderedfenodelay
Patched Version: 8.9.01.001
Recommended Action: Update to version 8.9.01.001, or a newer patched version

Plugin: Poll Maker – Versus Polls, Anonymous Polls, Image Polls

Vulnerability: Authenticated (Administrator+) Time-Based SQL Injection
Patched Version: 5.4.7
Recommended Action: Update to version 5.4.7, or a newer patched version

Plugin: Debug Tool

Vulnerability: Unauthenticated Arbitrary File Creation
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Easy SVG Support

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: 3.8
Recommended Action: Update to version 3.8, or a newer patched version

Plugin: CE21 Suite

Vulnerability: JWT Token Disclosure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WP Membership

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: 1.6.3
Recommended Action: Update to version 1.6.3, or a newer patched version

Plugin: Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 1.8.3.1
Recommended Action: Update to version 1.8.3.1, or a newer patched version

Plugin: WordPress User Extra Fields

Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: 16.6
Recommended Action: Update to version 16.6, or a newer patched version

Plugin: Elementor Header & Footer Builder

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: 1.6.46
Recommended Action: Update to version 1.6.46, or a newer patched version

Plugin: Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library )

Vulnerability: Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template
Patched Version: 1.2.5
Recommended Action: Update to version 1.2.5, or a newer patched version

Plugin: SKT Addons for Elementor

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 3.4
Recommended Action: Update to version 3.4, or a newer patched version

Plugin: Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 1.7.7
Recommended Action: Update to version 1.7.7, or a newer patched version

Plugin: Attesa Extra

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 1.4.3
Recommended Action: Update to version 1.4.3, or a newer patched version

Plugin: Quform – WordPress Form Builder

Vulnerability: WordPress Form Builder <= 2.20.0
Patched Version: 2.21.0
Recommended Action: Update to version 2.21.0, or a newer patched version

Plugin: Leopard – WordPress Offload Media

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
Patched Version: 3.1.2
Recommended Action: Update to version 3.1.2, or a newer patched version

Plugin: Content Slider Block

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 3.1.6
Recommended Action: Update to version 3.1.6, or a newer patched version

Plugin: RegistrationMagic – User Registration Plugin with Custom Registration Forms

Vulnerability: Unauthenticated Privilege Escalation via Password Recovery
Patched Version: 6.0.2.7
Recommended Action: Update to version 6.0.2.7, or a newer patched version

Plugin: CE21 Suite

Vulnerability: Missing Authorization to Unauthenticated Plugin Settings Change
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: FOX – Currency Switcher Professional for WooCommerce

Vulnerability: Unauthenticated Arbitrary Shortcode Execution
Patched Version: 1.4.2.3
Recommended Action: Update to version 1.4.2.3, or a newer patched version

Plugin: WooCommerce Support Ticket System

Vulnerability: Unauthenticated Arbitrary File Deletion
Patched Version: 17.8
Recommended Action: Update to version 17.8, or a newer patched version

Plugin: Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction

Vulnerability: Unauthenticated Arbitrary Shortcode Execution
Patched Version: 2.13.1
Recommended Action: Update to version 2.13.1, or a newer patched version

Plugin: Cowidgets – Elementor Addons

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WooCommerce Support Ticket System

Vulnerability: Authenticated (Subscriber+) Arbitrary File Deletion
Patched Version: 17.8
Recommended Action: Update to version 17.8, or a newer patched version

Plugin: Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)

Vulnerability: Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.15.18
Patched Version: 3.15.19
Recommended Action: Update to version 3.15.19, or a newer patched version

Plugin: Cowidgets – Elementor Addons

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.