Watch Out Wednesday – November 27, 2024

Understanding Vulnerabilities in WordPress Plugins

Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.

Plugin: Community by PeepSo – Download from PeepSo.com

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Announcement & Notification Banner – Bulletin

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: LSX Tour Operator

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Stratum – Elementor Widgets

Vulnerability: Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates
Patched Version: 1.4.5
Recommended Action: Update to version 1.4.5, or a newer patched version

Plugin: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update
Patched Version: 2.9.0
Recommended Action: Update to version 2.9.0, or a newer patched version

Plugin: Premium Packages – Sell Digital Products Securely

Vulnerability: Sell Digital Products Securely <= 5.9.3
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: RecipePress Reloaded

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Bard Extra

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Demo Import
Patched Version: 1.2.8
Recommended Action: Update to version 1.2.8, or a newer patched version

Plugin: Control horas

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Run Contests, Raffles, and Giveaways with ContestsWP

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.0.4
Recommended Action: Update to version 2.0.4, or a newer patched version

Plugin: StreamWeasels Online Status Bar

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 2.1.10
Recommended Action: Update to version 2.1.10, or a newer patched version

Plugin: Include Mastodon Feed

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Product Designer

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blog, Video Gallery)

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update
Patched Version: 2.6.3
Recommended Action: Update to version 2.6.3, or a newer patched version

Plugin: Subaccounts for WooCommerce

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Friendly Functions for Welcart

Vulnerability: Cross-Site Request Forgery to Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Ultimate YouTube Video & Shorts Player With Vimeo

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Arbitrary Playlist/Video Deletion
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blog, Video Gallery)

Vulnerability: Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template
Patched Version: 2.6.2
Recommended Action: Update to version 2.6.2, or a newer patched version

Plugin: Lazy load videos and sticky control

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: SuevaFree Essential Kit

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: salavat counter Plugin

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Gutenberg Blocks with AI by Kadence WP – Page Builder Features

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 3.3.4
Recommended Action: Update to version 3.3.4, or a newer patched version

Plugin: Ultimate YouTube Video & Shorts Player With Vimeo

Vulnerability: Missing Authorization to Authenticated (Subscriber+) Setting Exposure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Shine PDF Embeder

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WPAdverts – Classifieds Plugin

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.1.8
Recommended Action: Update to version 2.1.8, or a newer patched version

Plugin: Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blog, Video Gallery)

Vulnerability: Cross-Site Request Forgery to Limited Arbitrary Options Update
Patched Version: 2.6.2
Recommended Action: Update to version 2.6.2, or a newer patched version

Plugin: Lock User Account

Vulnerability: User Lock Bypass
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Theater for WordPress

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 0.18.7
Recommended Action: Update to version 0.18.7, or a newer patched version

Plugin: If-So Dynamic Content Personalization

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 1.9.2.2
Recommended Action: Update to version 1.9.2.2, or a newer patched version

Plugin: Co-marquage service-public.fr

Vulnerability: Reflected Cross-Site Scripting via add_query_arg Parameter
Patched Version: 0.5.77
Recommended Action: Update to version 0.5.77, or a newer patched version

Plugin: UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode)

Vulnerability: Insecure Direct Object Reference to Sensitive Information Exposure via UA_Template Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Page Parts

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Theme Builder For Elementor

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 1.2.3
Recommended Action: Update to version 1.2.3, or a newer patched version

Plugin: Activity Log – Monitor & Record User Changes

Vulnerability: Unauthenticated Stored Cross-Site Scripting via Event Context
Patched Version: 2.11.2
Recommended Action: Update to version 2.11.2, or a newer patched version

Plugin: My Contador lesr

Vulnerability: Missing Authorization to Unauthenticated User Registration CSV Export
Patched Version: 2.1
Recommended Action: Update to version 2.1, or a newer patched version

Plugin: Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery

Vulnerability: Authenticated (Editor+) Stored Cross-Site Scripting
Patched Version: 3.2.4.3
Recommended Action: Update to version 3.2.4.3, or a newer patched version

Plugin: Anonymous Restricted Content

Vulnerability: Unauthenticated Content Restriction Bypass to Sensitive Information Exposure
Patched Version: 1.6.6
Recommended Action: Update to version 1.6.6, or a newer patched version

Plugin: Easiest Funnel Builder For WordPress & WooCommerce by WPFunnels

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 3.5.6
Recommended Action: Update to version 3.5.6, or a newer patched version

Plugin: Button Block – Get fully customizable & multi-functional buttons

Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: 1.1.5
Recommended Action: Update to version 1.1.5, or a newer patched version

Plugin: Slick Sitemap

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Premium Packages – Sell Digital Products Securely

Vulnerability: Reflected Cross-Site Scripting via add_query_arg
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Grid View Gallery

Vulnerability: Authenticated (Editor+) PHP Object Injection
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Dino Game – Embed Google Chrome Dinosaur Game in WordPress

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: MailMunch – Grow your Email List

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 3.2.0
Recommended Action: Update to version 3.2.0, or a newer patched version

Plugin: F4 Improvements

Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Tutor LMS – eLearning and online course solution

Vulnerability: Unauthenticated SQL Injection via rating_filter
Patched Version: 2.7.7
Recommended Action: Update to version 2.7.7, or a newer patched version

Plugin: Tutor LMS – eLearning and online course solution

Vulnerability: User Registration Setting Bypass to Unauthorized User Registration
Patched Version: 2.7.7
Recommended Action: Update to version 2.7.7, or a newer patched version

Plugin: Pure CSS Circle Progress bar

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Simple Membership

Vulnerability: Exposure of Private Personal Information to an Unauthorized Actor
Patched Version: 4.5.6
Recommended Action: Update to version 4.5.6, or a newer patched version

Plugin: WPBakery Visual Composer WHMCS Elements

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via void_wbwhmcse_laouts_search Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Contact Form 7 Email Add on

Vulnerability: Authenticated (Contributor+) Local File Inclusion
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Easy Twitter Feed – Twitter feeds plugin for WP

Vulnerability: Authenticated (Contributor+) Post Exposure
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: WIP Incoming Lite

Vulnerability: Cross-Site Request Forgery to Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Crypto and DeFi Widgets – Web3 Cryptocurrency Shortcodes

Vulnerability: Reflected Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Beds24 Online Booking

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via beds24-link Shortcode
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.

Plugin: Branda – Branda – White Label & Branding, Custom Login Page Customizer

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 3.4.22
Recommended Action: Update to version 3.4.22, or a newer patched version

Plugin: affiliate-toolkit – WP Affiliate Plugin with Amazon

Vulnerability: Reflected Cross-Site Scripting
Patched Version: 3.6.8
Recommended Action: Update to version 3.6.8, or a newer patched version

Plugin: Grey Owl Lightbox

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: n/a
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.