Understanding Vulnerabilities in WordPress Plugins
Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. Addressing these vulnerabilities promptly, by updating to the patched version or removing unpatched plugins, helps keep your WordPress site and its data safe.
Plugin: Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
Vulnerability: Reflected Cross-Site Scripting via error message
Patched Version: 4.11.0
Recommended Action: Update to version 4.11.0, or a newer patched version
Plugin: Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty
Vulnerability: Chaty <= 3.1.1
Patched Version: 3.1.2
Recommended Action: Update to version 3.1.2, or a newer patched version
Plugin: Popup by Supsystic
Vulnerability: Prototype Pollution
Patched Version: 1.10.19
Recommended Action: Update to version 1.10.19, or a newer patched version
Plugin: NOO Timetable
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Waitlist Woocommerce ( Back in stock notifier )
Vulnerability: Cross-Site Request Forgery to Settings Reset
Patched Version: 2.5.3
Recommended Action: Update to version 2.5.3, or a newer patched version
Plugin: LearnDash LMS
Vulnerability: Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Password Change
Patched Version: 4.6.0.1
Recommended Action: Update to version 4.6.0.1, or a newer patched version
Plugin: Gravity Forms
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.7.5
Recommended Action: Update to version 2.7.5, or a newer patched version
Plugin: Email download link
Vulnerability: Unauthenticated Sensitive Information Exposure
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: MStore API – Create Native Android & iOS Apps On The Cloud
Vulnerability: Unauthenticated SQL Injection
Patched Version: 4.0.2
Recommended Action: Update to version 4.0.2, or a newer patched version
Plugin: Quiz Expert – Easy Quiz Maker, Exam and Test Manager
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: MyCurator Content Curation
Vulnerability: Cross-Site Request Forgery
Patched Version: 3.75
Recommended Action: Update to version 3.75, or a newer patched version
Plugin: Quick Post Duplicator
Vulnerability: Authenticated (Contributor+) SQL Injection via post_id
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Lana Shortcodes
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 1.2.0
Recommended Action: Update to version 1.2.0, or a newer patched version
Plugin: Login/Signup Popup ( Inline Form + Woocommerce )
Vulnerability: Cross-Site Request Forgery to Settings Reset
Patched Version: 2.4
Recommended Action: Update to version 2.4, or a newer patched version
Plugin: Post Hit Counter
Vulnerability: Missing Authorization
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Duplicate Post Page Menu & Custom Post Type
Vulnerability: Missing Authorization
Patched Version: 2.4.0
Recommended Action: Update to version 2.4.0, or a newer patched version
Plugin: Complianz Premium – GDPR/CCPA Cookie Consent
Vulnerability: Cross-Site Request Forgery to Stored Cross-Site Scripting
Patched Version: 6.4.7
Recommended Action: Update to version 6.4.7, or a newer patched version
Plugin: OOPSpam Anti-Spam
Vulnerability: Cross-Site Request Forgery via empty_ham_entries and empty_spam_entries
Patched Version: 1.1.45
Recommended Action: Update to version 1.1.45, or a newer patched version
Plugin: Houzez CRM
Vulnerability: Authenticated (Subscriber+) SQL Injection
Patched Version: 1.3.5
Recommended Action: Update to version 1.3.5, or a newer patched version
Plugin: Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: 3.8.5
Recommended Action: Update to version 3.8.5, or a newer patched version
Plugin: NOO Timetable
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: AN_GradeBook
Vulnerability: Authenticated (Subscriber+) SQL Injection via ‘id’
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite
Vulnerability: Cross-Site Request Forgery to Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Post SMTP – WordPress SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more
Vulnerability: Cross-Site Request Forgery to Account Compromise
Patched Version: 2.5.7
Recommended Action: Update to version 2.5.7, or a newer patched version
Plugin: Five Star Restaurant Reservations – WordPress Booking Plugin
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.6.8
Recommended Action: Update to version 2.6.8, or a newer patched version
Plugin: Enable SVG, WebP, and ICO Upload
Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting via SVG
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version
Plugin: Booked – Appointment Booking for WordPress
Vulnerability: Unauthenticated Sensitive Information Exposure
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: google-analytics-premium
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 8.15
Recommended Action: Update to version 8.15, or a newer patched version
Plugin: Membership Plugin – Restrict Content
Vulnerability: Missing Authorization to Notice Dismissal
Patched Version: 3.2.3
Recommended Action: Update to version 3.2.3, or a newer patched version
Plugin: BBS e-Popup
Vulnerability: Missing Authorization
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Editorial Calendar
Vulnerability: Authenticated (Contributor+) Insecure Direct Object Reference
Patched Version: 3.8.0
Recommended Action: Update to version 3.8.0, or a newer patched version
Plugin: WooCommerce Pre-Orders
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.0.2
Recommended Action: Update to version 2.0.2, or a newer patched version
Plugin: InventoryPress
Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Catalyst Connect Zoho CRM Client Portal
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 2.1.0
Recommended Action: Update to version 2.1.0, or a newer patched version
Plugin: Spam protection, Anti-Spam, FireWall by CleanTalk
Vulnerability: Missing Authorization
Patched Version: 6.11
Recommended Action: Update to version 6.11, or a newer patched version
Plugin: Lana Text to Image
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 1.1.0
Recommended Action: Update to version 1.1.0, or a newer patched version
Plugin: WP Job Board
Vulnerability: Unauthenticated SQL Injection
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Subscribe2 – Form, Email Subscribers & Newsletters
Vulnerability: Cross-Site Request Forgery
Patched Version: 10.41
Recommended Action: Update to version 10.41, or a newer patched version
Plugin: Salon Booking System
Vulnerability: Cross-Site Request Forgery to Admin Role Change to Customer, User Meta Update via save_customer
Patched Version: 8.4.8
Recommended Action: Update to version 8.4.8, or a newer patched version
Plugin: Gallery Metabox
Vulnerability: Missing Authorization via refresh_metabox
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Booking Calendar Contact Form
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 1.2.41
Recommended Action: Update to version 1.2.41, or a newer patched version
Plugin: MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites
Vulnerability: Information Disclosure via Back-Up Files
Patched Version: 4.4.1.2
Recommended Action: Update to version 4.4.1.2, or a newer patched version
Plugin: NEX-Forms – Ultimate Form Builder – Contact forms and much more
Vulnerability: Ultimate Form Builder <= 8.4.3
Patched Version: 8.4.4
Recommended Action: Update to version 8.4.4, or a newer patched version
Plugin: AutomateWoo
Vulnerability: Cross-Site Request Forgery
Patched Version: 5.7.6
Recommended Action: Update to version 5.7.6, or a newer patched version
Plugin: teachPress
Vulnerability: Reflected Cross-Site Scripting via meta_field_id and cite_id
Patched Version: 9.0.3
Recommended Action: Update to version 9.0.3, or a newer patched version
Plugin: ApplyOnline – Application Form Builder and Manager
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 2.5.1
Recommended Action: Update to version 2.5.1, or a newer patched version
Plugin: WordPress Button Plugin MaxButtons
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 9.6
Recommended Action: Update to version 9.6, or a newer patched version
Plugin: SW Product Bundles
Vulnerability: Missing Authorization
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress
Vulnerability: Authenticated (Administrator+) SQL Injection via ‘s’
Patched Version: 1.7.2
Recommended Action: Update to version 1.7.2, or a newer patched version
Plugin: Post SMTP – WordPress SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more
Vulnerability: Cross-Site Request Forgery to Arbitrary Log Deletion
Patched Version: 2.5.7
Recommended Action: Update to version 2.5.7, or a newer patched version
Plugin: Customer Service Software & Support Ticket System
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 5.13
Recommended Action: Update to version 5.13, or a newer patched version
Plugin: Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite
Vulnerability: Missing Authorization to Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Caldera Forms Google Sheets Connector
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WP Abstracts
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 2.6.3
Recommended Action: Update to version 2.6.3, or a newer patched version
Plugin: WooCommerce Ship to Multiple Addresses
Vulnerability: Cross-Site Request Forgery
Patched Version: 3.8.6
Recommended Action: Update to version 3.8.6, or a newer patched version
Plugin: About Me 3000 widget
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: EmbedPress – Embed PDF, PDF 3D FlipBook, Instagram Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Maps & Upload PDF Documents
Vulnerability: Sensitive Information Exposure
Patched Version: 3.8.0
Recommended Action: Update to version 3.8.0, or a newer patched version
Plugin: Subscribe2 – Form, Email Subscribers & Newsletters
Vulnerability: Missing Authorization
Patched Version: 10.41
Recommended Action: Update to version 10.41, or a newer patched version
Plugin: WP Abstracts
Vulnerability: Cross-Site Request Forgery
Patched Version: 2.6.3
Recommended Action: Update to version 2.6.3, or a newer patched version
Plugin: Colibri Page Builder
Vulnerability: Authenticated (Administrator+) SQL Injection via post_id
Patched Version: 1.0.229
Recommended Action: Update to version 1.0.229, or a newer patched version
Plugin: MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor
Vulnerability: Cross-Site Request Forgery via permalink_setup
Patched Version: 3.3.3
Recommended Action: Update to version 3.3.3, or a newer patched version
Plugin: Login Configurator
Vulnerability: Reflected Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: AutomateWoo
Vulnerability: Missing Authorization
Patched Version: 5.7.6
Recommended Action: Update to version 5.7.6, or a newer patched version
Plugin: Woocommerce Order Barcodes
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.6.5
Recommended Action: Update to version 1.6.5, or a newer patched version
Plugin: Membership Plugin – Restrict Content
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 3.2.3
Recommended Action: Update to version 3.2.3, or a newer patched version
Plugin: Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX
Vulnerability: Unauthenticated Cross-Site Scripting
Patched Version: 2.9.10
Recommended Action: Update to version 2.9.10, or a newer patched version
Plugin: Mail Queue
Vulnerability: Unauthenticated Stored Cross-Site Scripting via Email Subject
Patched Version: 1.2
Recommended Action: Update to version 1.2, or a newer patched version
Plugin: WP-Members Membership Plugin
Vulnerability: Cross-Site Request Forgery to Settings Update
Patched Version: 3.4.8
Recommended Action: Update to version 3.4.8, or a newer patched version
Plugin: WP Mail Logging
Vulnerability: Missing Authorization to Notice Dismissal
Patched Version: 1.12.0
Recommended Action: Update to version 1.12.0, or a newer patched version
Plugin: WooCommerce Google Sheet Connector
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Poll Maker – Versus Polls, Anonymous Polls, Image Polls
Vulnerability: Authenticated (Admin+) Server-Side Request Forgery
Patched Version: 4.6.3
Recommended Action: Update to version 4.6.3, or a newer patched version
Plugin: ReDi Restaurant Reservation
Vulnerability: Missing Authorization
Patched Version: 23.0212
Recommended Action: Update to version 23.0212, or a newer patched version
Plugin: Ninja Forms – The Contact Form Builder That Grows With You
Vulnerability: Authenticated (Admin+) Arbitrary File Deletion
Patched Version: 3.6.25
Recommended Action: Update to version 3.6.25, or a newer patched version
Plugin: Autochat Automatic Conversation
Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 4.0.5
Recommended Action: Update to version 4.0.5, or a newer patched version
Plugin: Gallery Metabox
Vulnerability: Missing Authorization via gallery_remove
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
***
Check out the Watch Out Wednesday Archive for past Watch Out Wednesday posts.