Understanding Vulnerabilities in WordPress Plugins
Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.
Plugin: Alma – Pay in installments or later for WooCommerce
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 5.2.1
Recommended Action: Update to version 5.2.1, or a newer patched version
Plugin: Manage Notification E-mails
Vulnerability: Missing Authorization
Patched Version: 1.8.6
Recommended Action: Update to version 1.8.6, or a newer patched version
Plugin: Rocket Maintenance Mode & Coming Soon Page
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 4.4
Recommended Action: Update to version 4.4, or a newer patched version
Plugin: PayHere Payment Gateway Plugin for WooCommerce
Vulnerability: Information Disclosure via Log Files
Patched Version: 2.2.12
Recommended Action: Update to version 2.2.12, or a newer patched version
Plugin: Ibtana – WordPress Website Builder
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 1.2.2.1
Recommended Action: Update to version 1.2.2.1, or a newer patched version
Plugin: HTML5 Video Player – mp4 Video Player Plugin and Block
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: 2.5.19
Recommended Action: Update to version 2.5.19, or a newer patched version
Plugin: System Dashboard
Vulnerability: Missing Authorization to Information Disclosure (sd_php_info)
Patched Version: 2.8.8
Recommended Action: Update to version 2.8.8, or a newer patched version
Plugin: Annual Archive
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WordPress Flipbook by Supsystic
Vulnerability: Cross-Site Request Forgery via AJAX action
Patched Version: 1.7.7
Recommended Action: Update to version 1.7.7, or a newer patched version
Plugin: Welcart e-Commerce
Vulnerability: Authenticated (Administrator+) Directory Traversal
Patched Version: 2.9.7
Recommended Action: Update to version 2.9.7, or a newer patched version
Plugin: Burst Statistics – Privacy-Friendly Analytics for WordPress
Vulnerability: Unauthenticated SQL Injection
Patched Version: 1.5.0
Recommended Action: Update to version 1.5.0, or a newer patched version
Plugin: Square Thumbnails
Vulnerability: Missing Authorization
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version
Plugin: Backup Migration
Vulnerability: Unauthenticated Remote Code Execution
Patched Version: 1.3.8
Recommended Action: Update to version 1.3.8, or a newer patched version
Plugin: Optin Forms – Simple List Building Plugin for WordPress
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Smart Forms – when you need more than just a contact form
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
Patched Version: 2.6.85
Recommended Action: Update to version 2.6.85, or a newer patched version
Plugin: Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Royal Elementor Addons and Templates
Vulnerability: Missing Authorization to Private/Password Protected Post Read
Patched Version: 1.3.81
Recommended Action: Update to version 1.3.81, or a newer patched version
Plugin: WPPerformanceTester
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Social Media Feather | social media sharing
Vulnerability: Missing Authorization
Patched Version: 2.1.4
Recommended Action: Update to version 2.1.4, or a newer patched version
Plugin: Import and export users and customers
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Patched Version: 1.24.4
Recommended Action: Update to version 1.24.4, or a newer patched version
Plugin: CommentTweets
Vulnerability: Cross-Site Request Forgery to Settings Update
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Cosmetsy Core
Vulnerability: Reflected Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: System Dashboard
Vulnerability: Missing Authorization to Information Disclosure (sd_db_specs)
Patched Version: 2.8.8
Recommended Action: Update to version 2.8.8, or a newer patched version
Plugin: Export and Import Users and Customers
Vulnerability: Authenticated (Shop Manager+) Arbitrary File Upload
Patched Version: 2.4.9
Recommended Action: Update to version 2.4.9, or a newer patched version
Plugin: PayTR Taksit Tablosu – WooCommerce
Vulnerability: Improper Authorization
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Elementor Website Builder – More than Just a Page Builder
Vulnerability: Authenticated (Contributor+) Arbitrary File Upload to Remote Code Execution via Template Import
Patched Version: 3.18.2
Recommended Action: Update to version 3.18.2, or a newer patched version
Plugin: CAOS | Host Google Analytics Locally
Vulnerability: Missing Authorization to Unauthenticated Plugin Settings Update
Patched Version: 4.7.15
Recommended Action: Update to version 4.7.15, or a newer patched version
Plugin: WPBakery Page Builder Addons by Livemesh
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 3.6
Recommended Action: Update to version 3.6, or a newer patched version
Plugin: Asgaros Forum
Vulnerability: Insufficient Authorization to Authenticated (Admin+) Arbitrary File Upload
Patched Version: 2.7.1
Recommended Action: Update to version 2.7.1, or a newer patched version
Plugin: Multi Currency For WooCommerce
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.5.6
Recommended Action: Update to version 1.5.6, or a newer patched version
Plugin: System Dashboard
Vulnerability: Missing Authorization to Information Disclosure (sd_global_value)
Patched Version: 2.8.8
Recommended Action: Update to version 2.8.8, or a newer patched version
Plugin: Greenshift – animation and page builder blocks
Vulnerability: Authenticated (Administrator+) Arbitrary File Upload
Patched Version: 7.6.3
Recommended Action: Update to version 7.6.3, or a newer patched version
Plugin: Custom Post Type Page Template
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Redirects
Vulnerability: Missing Authorization
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Shortcodes and extra features for Phlox theme
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Patched Version: 2.15.5
Recommended Action: Update to version 2.15.5, or a newer patched version
Plugin: Shortcoder — Create Shortcodes for Anything
Vulnerability: Missing Authorization
Patched Version: 6.3.1
Recommended Action: Update to version 6.3.1, or a newer patched version
Plugin: EmbedPress – Embed PDF, PDF 3D FlipBook, Instagram Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Maps & Upload PDF Documents
Vulnerability: Missing Authorization
Patched Version: 3.9.5
Recommended Action: Update to version 3.9.5, or a newer patched version
Plugin: Alt Manager
Vulnerability: Missing Authorization
Patched Version: 1.6.2
Recommended Action: Update to version 1.6.2, or a newer patched version
Plugin: Simple Social Media Share Buttons – Social Sharing for Everyone
Vulnerability: Unauthenticated Password Protected Post Disclosure
Patched Version: 5.1.1
Recommended Action: Update to version 5.1.1, or a newer patched version
Plugin: Import and export users and customers
Vulnerability: Authenticated (Administrator+) Directory Traversal via Recurring Import Functionality
Patched Version: 1.24.3
Recommended Action: Update to version 1.24.3, or a newer patched version
Core: WordPress
Vulnerability: 6.4.1
Patched Version: 6.4.2
Recommended Action: Update to version 6.4.2, or a newer patched version
Plugin: Custom Login
Vulnerability: Missing Authorization
Patched Version: 4.1.1
Recommended Action: Update to version 4.1.1, or a newer patched version
Plugin: Caddy – Smart Side Cart for WooCommerce
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.9.8
Recommended Action: Update to version 1.9.8, or a newer patched version
Plugin: WP STAGING WordPress Backup Plugin – Migration Backup Restore
Vulnerability: Sensitive Information Exposure
Patched Version: 3.1.3
Recommended Action: Update to version 3.1.3, or a newer patched version
Plugin: affiliate-toolkit – WP Affiliate Plugin with Amazon
Vulnerability: Unauthenticated Server-Side Request Forgery
Patched Version: 3.4.3
Recommended Action: Update to version 3.4.3, or a newer patched version
Plugin: First Order Discount Woocommerce
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.22
Recommended Action: Update to version 1.22, or a newer patched version
Plugin: WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: 2.6.9
Recommended Action: Update to version 2.6.9, or a newer patched version
Plugin: WP TripAdvisor Review Slider
Vulnerability: Authenticated (Admin+) Stored Cross-Site Scripting
Patched Version: 11.9
Recommended Action: Update to version 11.9, or a newer patched version
Plugin: ArtPlacer Widget
Vulnerability: Authenticated (Editor+) SQL Injection
Patched Version: 2.20.7
Recommended Action: Update to version 2.20.7, or a newer patched version
Plugin: Responsive Slick Slider WordPress
Vulnerability: Authenticated (Contributor+) Content Injection
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Author Avatars List/Block
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 2.1.18
Recommended Action: Update to version 2.1.18, or a newer patched version
Plugin: SlickNav Mobile Menu
Vulnerability: Authenticated (Admin+) Stored Cross-Site Scripting
Patched Version: 1.9.3
Recommended Action: Update to version 1.9.3, or a newer patched version
Plugin: Popup Builder – Create highly converting, mobile friendly marketing popups.
Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: 4.2.3
Recommended Action: Update to version 4.2.3, or a newer patched version
Plugin: System Dashboard
Vulnerability: Missing Authorization to Information Disclosure (sd_option_value)
Patched Version: 2.8.8
Recommended Action: Update to version 2.8.8, or a newer patched version
Plugin: Translate WordPress – Google Language Translator
Vulnerability: Missing Authorization to Notice Dismissal
Patched Version: 6.0.20
Recommended Action: Update to version 6.0.20, or a newer patched version
Plugin: WordPress Simple HTML Sitemap
Vulnerability: Missing Authorization
Patched Version: 2.8
Recommended Action: Update to version 2.8, or a newer patched version
Plugin: Login With Ajax – Fast Logins, 2FA, Redirects
Vulnerability: Missing Authorization
Patched Version: 4.2
Recommended Action: Update to version 4.2, or a newer patched version
Plugin: System Dashboard
Vulnerability: Missing Authorization to Information Disclosure (sd_constants)
Patched Version: 2.8.8
Recommended Action: Update to version 2.8.8, or a newer patched version
Plugin: Backup Migration
Vulnerability: Unauthenticated Sensitive Information Exposure
Patched Version: 1.3.6
Recommended Action: Update to version 1.3.6, or a newer patched version
Plugin: WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts
Vulnerability: Missing Authorization
Patched Version: 2.6.8
Recommended Action: Update to version 2.6.8, or a newer patched version
Plugin: SharkDropship and Affiliate for AliExpress, Temu, eBay, Amazon and Etsy to woocommerce
Vulnerability: Missing Authorization
Patched Version: 2.1.2
Recommended Action: Update to version 2.1.2, or a newer patched version
Plugin: Menu Bar Cart Icon For WooCommerce By Binary Carpenter
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.