Understanding Vulnerabilities in WordPress Plugins
Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.
Plugin: WP All Import Pro
Vulnerability: Authenticated (Administrator+) PHP Object Injection via Import File
Patched Version: 4.9.8
Recommended Action: Update to version 4.9.8, or a newer patched version
Plugin: Export All Posts, Products, Orders, Refunds & Users
Vulnerability: Information Disclosure Through Unprotected Directory
Patched Version: 2.10
Recommended Action: Update to version 2.10, or a newer patched version
Plugin: WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto
Vulnerability: Unauthenticated Sensitive Information Exposure
Patched Version: 8.0.9
Recommended Action: Update to version 8.0.9, or a newer patched version
Plugin: Customer Email Verification for WooCommerce
Vulnerability: Authentication Bypass via Shortcode
Patched Version: 2.9.6
Recommended Action: Update to version 2.9.6, or a newer patched version
Plugin: Post and Page Builder by BoldGrid – Visual Drag and Drop Editor
Vulnerability: Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url Function
Patched Version: 1.27.7
Recommended Action: Update to version 1.27.7, or a newer patched version
Plugin: WP Table Manager
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure
Patched Version: 4.1.4
Recommended Action: Update to version 4.1.4, or a newer patched version
Plugin: HT Mega – Absolute Addons For Elementor
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget
Patched Version: 2.8.2
Recommended Action: Update to version 2.8.2, or a newer patched version
Plugin: WP Directorybox Manager
Vulnerability: Authentication Bypass
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WP All Export Pro
Vulnerability: Unauthenticated Remote Code Execution via Custom Export Fields
Patched Version: 1.9.2
Recommended Action: Update to version 1.9.2, or a newer patched version
Plugin: All-Images.ai – IA Image Bank and Custom Image creation
Vulnerability: Authenticated (Subscriber+) Arbitrary File Upload
Patched Version: 1.0.5
Recommended Action: Update to version 1.0.5, or a newer patched version
Plugin: Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 1.3.3
Recommended Action: Update to version 1.3.3, or a newer patched version
Plugin: Zox News – Professional WordPress News & Magazine Theme
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification
Patched Version: 3.17.1
Recommended Action: Update to version 3.17.1, or a newer patched version
Plugin: Global Gallery – WordPress Responsive Gallery
Vulnerability: WordPress Responsive Gallery <= 9.1.5
Patched Version: 9.1.6
Recommended Action: Update to version 9.1.6, or a newer patched version
Plugin: WooCommerce Cart Count Shortcode
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 1.1.0
Recommended Action: Update to version 1.1.0, or a newer patched version
Plugin: ConvertPlus
Vulnerability: ConvertPlus <= 3.5.30
Patched Version: 3.5.31
Recommended Action: Update to version 3.5.31, or a newer patched version
Plugin: AForms Eats
Vulnerability: Unauthenticated Full Path Disclosure
Patched Version: 1.3.2
Recommended Action: Update to version 1.3.2, or a newer patched version
Plugin: Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time
Vulnerability: Authenticated (Contributor+) Post Disclosure
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Nextend Social Login Pro
Vulnerability: Authentication Bypass via Apple OAuth provider
Patched Version: 3.1.17
Recommended Action: Update to version 3.1.17, or a newer patched version
Plugin: Simple add pages or posts
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Houzez Property Feed
Vulnerability: Cross-Site Request Forgery to Property Feed Export Deletion
Patched Version: 2.4.22
Recommended Action: Update to version 2.4.22, or a newer patched version
Plugin: Easy Quiz Maker
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WP Job Board Pro
Vulnerability: Unauthenticated Privilege Escalation via process_register
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WPSyncSheets Lite For WPForms – WPForms Google Spreadsheet Addon
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Settings Reset
Patched Version: 1.6.1
Recommended Action: Update to version 1.6.1, or a newer patched version
Plugin: WP Foodbakery
Vulnerability: Unauthenticated Arbitrary File Upload
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: SuperSaaS – online appointment scheduling
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via after Parameter
Patched Version: 2.1.13
Recommended Action: Update to version 2.1.13, or a newer patched version
Plugin: WP Booking Calendar
Vulnerability: Unauthenticated Post-Confirmation Booking Manipulation
Patched Version: 10.10.1
Recommended Action: Update to version 10.10.1, or a newer patched version
Plugin: LTL Freight Quotes – XPO Edition
Vulnerability: Unauthenticated SQL Injection
Patched Version: 4.3.8
Recommended Action: Update to version 4.3.8, or a newer patched version
Plugin: WP Ghost (Hide My WP Ghost) – Security & Firewall
Vulnerability: Unauthenticated Login Page Disclosure
Patched Version: 5.4.01
Recommended Action: Update to version 5.4.01, or a newer patched version
Plugin: LTL Freight Quotes – For Customers of FedEx Freight
Vulnerability: Unauthenticated SQL Injection
Patched Version: 3.4.2
Recommended Action: Update to version 3.4.2, or a newer patched version
Plugin: WP All Import Pro
Vulnerability: Cross-Site Request Forgery to Imported Content Deletion
Patched Version: 4.9.8
Recommended Action: Update to version 4.9.8, or a newer patched version
Plugin: Contact Manager
Vulnerability: Unauthenticated Arbitrary Double File Extension Upload
Patched Version: 8.6.5
Recommended Action: Update to version 8.6.5, or a newer patched version
Plugin: StaffList
Vulnerability: Cross-Site Request Forgery to Reflected Cross-Site Scripting
Patched Version: 3.2.4
Recommended Action: Update to version 3.2.4, or a newer patched version
Plugin: Admire Extra
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 1.7
Recommended Action: Update to version 1.7, or a newer patched version
Plugin: Liveticker (by stklcode)
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 1.2.3
Recommended Action: Update to version 1.2.3, or a newer patched version
Plugin: Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin
Vulnerability: Unauthenticated Sensitive Information Exposure Through Unprotected Directory
Patched Version: 1.0.6
Recommended Action: Update to version 1.0.6, or a newer patched version
Plugin: Small Package Quotes – UPS Edition
Vulnerability: Unauthenticated SQL Injection
Patched Version: 4.5.17
Recommended Action: Update to version 4.5.17, or a newer patched version
Plugin: WP All Export Pro
Vulnerability: Authenticated (ShopManager+) Arbitrary Options Update
Patched Version: 1.9.2
Recommended Action: Update to version 1.9.2, or a newer patched version
Plugin: aDirectory – WordPress Directory Listing Plugin
Vulnerability: Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion
Patched Version: 2.3.5
Recommended Action: Update to version 2.3.5, or a newer patched version
Plugin: Super Store Finder
Vulnerability: Unauthenticated SQL Injection to Stored Cross-Site Scripting
Patched Version: 7.1
Recommended Action: Update to version 7.1, or a newer patched version
Plugin: GeoDirectory – WP Business Directory Plugin and Classified Listings Directory
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting via Display_name Parameter
Patched Version: 2.8.98
Recommended Action: Update to version 2.8.98, or a newer patched version
Plugin: CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 9.x
Vulnerability: Unauthenticated Arbitrary Shortcode Execution via get_products_price Function
Patched Version: 2.2.6
Recommended Action: Update to version 2.2.6, or a newer patched version
Plugin: WP Foodbakery
Vulnerability: Unauthenticated Privilege Escalation in foodbakery_registration_validation
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WP Foodbakery
Vulnerability: Authentication Bypass in foodbakery_parse_request
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: NGG Smart Image Search
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 3.3.2
Recommended Action: Update to version 3.3.2, or a newer patched version
Plugin: WP All Import Pro
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting via SVG File Upload
Patched Version: 4.9.8
Recommended Action: Update to version 4.9.8, or a newer patched version
Plugin: Apus Framework
Vulnerability: Authenticated (Subscriber+) Arbitrary Options Update in import_page_options
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin
Vulnerability: Authenticated (Subscriber+) Insecure Direct Object Reference
Patched Version: 1.0.6
Recommended Action: Update to version 1.0.6, or a newer patched version
Plugin: WP Foodbakery
Vulnerability: Reflected Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
***
Check out the Watch Out Wednesday Archive for past Watch Out Wednesday posts.