Understanding Vulnerabilities in WordPress Plugins
Every week, we highlight known vulnerabilities in WordPress plugins. This information helps you stay informed about potential risks and take appropriate action to protect your website. By addressing these vulnerabilities, you ensure the safety and integrity of your WordPress site and its data.
Plugin: Export Users Data Distinct
Vulnerability: Authenticated (Subscriber+) CSV Injection
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Maps Widget for Google Maps
Vulnerability: Cross-Site Request Forgery via dismiss_notice
Patched Version: 4.24
Recommended Action: Update to version 4.24, or a newer patched version
Plugin: Solid Security – Password, Two Factor Authentication, and Brute Force Protection
Vulnerability: Open Redirection via redirect_to_https
Patched Version: 8.1.5
Recommended Action: Update to version 8.1.5, or a newer patched version
Plugin: Advanced Local Pickup for WooCommerce
Vulnerability: Missing Authorization
Patched Version: 1.5.3
Recommended Action: Update to version 1.5.3, or a newer patched version
Plugin: SupportCandy – Helpdesk & Customer Support Ticket System
Vulnerability: Sensitive Data Exposure
Patched Version: 3.1.4
Recommended Action: Update to version 3.1.4, or a newer patched version
Plugin: Continuous Image Carousel With Lightbox
Vulnerability: Reflected Cross-Site Scripting via search_term, order_by and order_pos
Patched Version: 1.0.16
Recommended Action: Update to version 1.0.16, or a newer patched version
Plugin: WP Image Carousel
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Popup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions
Vulnerability: Cross Site Request Forgery
Patched Version: 2.2.2
Recommended Action: Update to version 2.2.2, or a newer patched version
Plugin: Waiting: One-click countdowns
Vulnerability: Authenticated (Subscriber+) SQL Injection via ‘pbc_down[meta][id]’
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WooCommerce Cart & Floating Cart
Vulnerability: Cross-Site Request Forgery
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version
Plugin: Quick Paypal Payments
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 5.7.26.4
Recommended Action: Update to version 5.7.26.4, or a newer patched version
Plugin: Review Stream
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 1.6.6
Recommended Action: Update to version 1.6.6, or a newer patched version
Plugin: Easy Forms for Mailchimp
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 6.8.7
Recommended Action: Update to version 6.8.7, or a newer patched version
Plugin: WooCommerce Cart & Floating Cart
Vulnerability: Missing Authorization
Patched Version: 1.1.2
Recommended Action: Update to version 1.1.2, or a newer patched version
Plugin: Wbcom Designs – BuddyPress Activity Social Share
Vulnerability: Cross-Site Request Forgery
Patched Version: 3.5.1
Recommended Action: Update to version 3.5.1, or a newer patched version
Plugin: WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 1.6.2
Recommended Action: Update to version 1.6.2, or a newer patched version
Plugin: Custom Post Type and Taxonomy GUI Manager
Vulnerability: Cross-Site Request Forgery to Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Pricing Tables For WPBakery Page Builder (formerly Visual Composer)
Vulnerability: Authenticated (Subscriber+) Local File Inclusion via Shortcode
Patched Version: 3.0
Recommended Action: Update to version 3.0, or a newer patched version
Plugin: Owl Carousel
Vulnerability: Missing Authorization via save_paramter.php
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 4.7.0
Recommended Action: Update to version 4.7.0, or a newer patched version
Plugin: If Menu – Visibility control for Menus
Vulnerability: Missing Authorization to Admin Settings Modification
Patched Version: 0.17
Recommended Action: Update to version 0.17, or a newer patched version
Plugin: WooPayments: Integrated WooCommerce Payments
Vulnerability: Authentication Bypass and Privilege Escalation (version 5.6.1)
Patched Version: 5.6.2
Recommended Action: Update to version 5.6.2, or a newer patched version
Plugin: LionScripts: IP Blocker Lite
Vulnerability: Cross-Site Request Forgery
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Elementor Website Builder Pro
Vulnerability: Authenticated (Subscriber+) Privilege Escalation via update_page_option
Patched Version: 3.11.7
Recommended Action: Update to version 3.11.7, or a newer patched version
Plugin: W4 Post List
Vulnerability: Information Disclosure via post_excerpt
Patched Version: 2.4.6
Recommended Action: Update to version 2.4.6, or a newer patched version
Plugin: WC Fields Factory
Vulnerability: Authenticated (Subscriber+) SQL Injection
Patched Version: 4.1.6
Recommended Action: Update to version 4.1.6, or a newer patched version
Plugin: eRoom – Zoom Meetings & Webinars
Vulnerability: Missing Authorization via stm_wpcfto_get_settings_callback
Patched Version: 1.4.7
Recommended Action: Update to version 1.4.7, or a newer patched version
Plugin: GiveWP – Donation Plugin and Fundraising Platform
Vulnerability: Cross-Site Request Forgery
Patched Version: 2.25.3
Recommended Action: Update to version 2.25.3, or a newer patched version
Plugin: W4 Post List
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Options
Patched Version: 2.4.6
Recommended Action: Update to version 2.4.6, or a newer patched version
Plugin: MS-Reviews
Vulnerability: Authenticated (Subscriber+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Variation Swatches for WooCommerce
Vulnerability: Cross-Site Request Forgery via delete_settings
Patched Version: 1.2.8
Recommended Action: Update to version 1.2.8, or a newer patched version
Plugin: WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 8.2.6
Recommended Action: Update to version 8.2.6, or a newer patched version
Plugin: WC Fields Factory
Vulnerability: Authenticated (Administrator+) SQL Injection
Patched Version: 4.1.6
Recommended Action: Update to version 4.1.6, or a newer patched version
Plugin: CBX Currency Converter
Vulnerability: Cross-Site Request Forgery leading to Plugin Settings Leakage/Changes
Patched Version: 3.0.4
Recommended Action: Update to version 3.0.4, or a newer patched version
Plugin: Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 21.1.2.1
Recommended Action: Update to version 21.1.2.1, or a newer patched version
Plugin: ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup
Vulnerability: Unauthenticated SQL Injection
Patched Version: 4.0
Recommended Action: Update to version 4.0, or a newer patched version
Plugin: Product Compare for WooCommerce
Vulnerability: Missing Authorization via settings_init
Patched Version: 1.2.6
Recommended Action: Update to version 1.2.6, or a newer patched version
Plugin: Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress
Vulnerability: Authenticated (Contributor+) SQL Injection
Patched Version: 6.4.2.1
Recommended Action: Update to version 6.4.2.1, or a newer patched version
Plugin: amr users
Vulnerability: Authenticated (Subscriber+) CSV Injection
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Video Central for WordPress
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Product Specifications for Woocommerce
Vulnerability: Reflected Cross-Site Scripting via Arbitrary Query String Parameter
Patched Version: 0.7.0
Recommended Action: Update to version 0.7.0, or a newer patched version
Plugin: Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress
Vulnerability: Authenticated (Author+) Stored Cross-Site Scripting
Patched Version: 4.7.0
Recommended Action: Update to version 4.7.0, or a newer patched version
Plugin: W4 Post List
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.4.6
Recommended Action: Update to version 2.4.6, or a newer patched version
Plugin: Woocommerce Custom Checkout Fields Editor With Drag & Drop
Vulnerability: Reflected Cross-Site Scripting via ‘tab’
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: WP Meta SEO
Vulnerability: Authenticated (Author+) PHAR Deserialization
Patched Version: 4.5.5
Recommended Action: Update to version 4.5.5, or a newer patched version
Plugin: I Recommend This
Vulnerability: Cross-Site Request Forgery
Patched Version: 3.9.1
Recommended Action: Update to version 3.9.1, or a newer patched version
Plugin: GiveWP – Donation Plugin and Fundraising Platform
Vulnerability: Cross-Site Request Forgery via give_ajax_delete_payment_note
Patched Version: 2.25.3
Recommended Action: Update to version 2.25.3, or a newer patched version
Plugin: Pagination by BestWebSoft – Customizable WordPress Content Splitter and Navigation Plugin
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting
Patched Version: 1.2.3
Recommended Action: Update to version 1.2.3, or a newer patched version
Plugin: Easy Media Replace
Vulnerability: Authenticated (Author+) Arbitrary File Deletion
Patched Version: 0.2.0
Recommended Action: Update to version 0.2.0, or a newer patched version
Plugin: Albo Pretorio On line
Vulnerability: Reflected Cross-Site Scripting via ‘Errore’
Patched Version: 4.6.1
Recommended Action: Update to version 4.6.1, or a newer patched version
Plugin: WordPress Contact Forms by Cimatti
Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched Version: 1.5.5
Recommended Action: Update to version 1.5.5, or a newer patched version
Plugin: WordPress Contact Forms by Cimatti
Vulnerability: Reflected Cross-Site Scripting via ‘form-field-id’, ‘edit-fid’, ‘id’, ‘name’, ‘type’, ‘description’ Parameters
Patched Version: 1.5.5
Recommended Action: Update to version 1.5.5, or a newer patched version
Plugin: Advanced Shipment Tracking for WooCommerce
Vulnerability: Cross-Site Request Forgery via paginate_shipping_provider_list and filter_shipping_provider_list
Patched Version: 3.5.3
Recommended Action: Update to version 3.5.3, or a newer patched version
Plugin: Stock Sync for WooCommerce
Vulnerability: Missing Authorization
Patched Version: 2.4.0
Recommended Action: Update to version 2.4.0, or a newer patched version
Plugin: Pricing Tables For WPBakery Page Builder (formerly Visual Composer)
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Patched Version: 3.0
Recommended Action: Update to version 3.0, or a newer patched version
Plugin: Product Feed PRO for WooCommerce by AdTribes – WooCommerce Product Feeds
Vulnerability: Cross-Site Request Forgery via update_project
Patched Version: 12.4.1
Recommended Action: Update to version 12.4.1, or a newer patched version
Plugin: Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
Vulnerability: Unauthenticated Cross-Site Scripting
Patched Version: 4.5.4
Recommended Action: Update to version 4.5.4, or a newer patched version
Plugin: Safe SVG
Vulnerability: Cross-Site Scripting Bypass
Patched Version: 2.1.0
Recommended Action: Update to version 2.1.0, or a newer patched version
Plugin: Full Width Banner Slider Wp
Vulnerability: Reflected Cross-Site Scripting via search_term
Patched Version: 1.1.8
Recommended Action: Update to version 1.1.8, or a newer patched version
Plugin: Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress
Vulnerability: Authenticated (Author+) SQL Injection
Patched Version: 4.7.0
Recommended Action: Update to version 4.7.0, or a newer patched version
Plugin: Stock Sync for WooCommerce
Vulnerability: Cross-Site Request Forgery
Patched Version: 2.4.0
Recommended Action: Update to version 2.4.0, or a newer patched version
Plugin: GiveWP – Donation Plugin and Fundraising Platform
Vulnerability: Cross-Site Request Forgery via give_ajax_store_payment_note
Patched Version: 2.25.3
Recommended Action: Update to version 2.25.3, or a newer patched version
Plugin: FileBird – WordPress Media Library Folders & File Manager
Vulnerability: Missing Authorization via resAdminPermissionsCheck
Patched Version: 5.1.5
Recommended Action: Update to version 5.1.5, or a newer patched version
Plugin: Themeflection Numbers – Number Counter and Animated Numbers
Vulnerability: Authenticated (Subscriber+) Privilege Escalation via tf_numb_save_licenses
Patched Version: 2.0.1
Recommended Action: Update to version 2.0.1, or a newer patched version
Plugin: LiteSpeed Cache
Vulnerability: Missing Authorization to Toggle Crawler State
Patched Version: 5.3.1
Recommended Action: Update to version 5.3.1, or a newer patched version
Plugin: WooCommerce JazzCash Gateway Plugin
Vulnerability: Unauthenticated Cross-Site Scripting
Patched Version: No patched version available
Recommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Plugin: Thank You Page Customizer for WooCommerce – Increase Your Sales
Vulnerability: Cross-Site Request Forgery via send_email
Patched Version: 1.0.14
Recommended Action: Update to version 1.0.14, or a newer patched version
Plugin: Custom Post Type UI
Vulnerability: Cross-Site Request Forgery to Sensitive Information Exposure
Patched Version: 1.13.5
Recommended Action: Update to version 1.13.5, or a newer patched version
Plugin: Simple Author Box
Vulnerability: Cross-Site Request Forgery via save_user_profile
Patched Version: 2.51
Recommended Action: Update to version 2.51, or a newer patched version
Plugin: Newsletter – Send awesome emails from WordPress
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 7.6.9
Recommended Action: Update to version 7.6.9, or a newer patched version
Plugin: Bulk Price Update for Woocommerce
Vulnerability: Reflected Cross-Site Scripting
Patched Version: 2.2.2
Recommended Action: Update to version 2.2.2, or a newer patched version
***
Check out the Watch Out Wednesday Archive for past Watch Out Wednesday posts.