Last week, there were 77 vulnerabilities disclosed in 68 WordPress plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.
There were more unpatched vulnerabilities than patched vulnerabilities last week, so it’s more important than ever to review the vulnerability report to ensure your site isn’t affected by any of the vulnerabilities that have been disclosed, and take corrective action if your site is.
At Farweb, we have well updated the affected plugins and themes so that they are no longer a risk to your website.
The mission of the Wordfence Intelligence security plugin is to make information about vulnerabilities easily accessible to everyone. This article was translated directly from their newsletter.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status | Number of Vulnerabilities |
Unpatched | 40 |
Patched | 37 |
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name | Software Slug |
AJAX Thumbnail Rebuild | ajax-thumbnail-rebuild |
Advanced Category Template | advanced-category-template |
Advanced Youtube Channel Pagination | advanced-youtube-channel-pagination |
Arconix Shortcodes | arconix-shortcodes |
Autoptimize | autoptimize |
BSK Forms Blacklist | bsk-gravityforms-blacklist |
Bit File Manager – 100% free file manager for WordPress | file-manager |
Booking Manager | booking-manager |
CM On Demand Search And Replace | cm-on-demand-search-and-replace |
CRM Memberships | crm-memberships |
Chronosly Events Calendar | chronosly-events-calendar |
ClickFunnels | clickfunnels |
Custom 404 Pro | custom-404-pro |
Customizer Export/Import | customizer-export-import |
Decon WP SMS | decon-wp-sms |
Depicter Slider – Responsive Image Slider, Video Slider & Post Slider | depicter |
Display custom fields in the frontend – Post and User Profile Fields | shortcode-to-display-post-and-user-data |
Dynamically Register Sidebars | dynamically-register-sidebars |
Easy Bet | easy-bet |
Elementor Website Builder | elementor |
Emails & Newsletters with Jackmail | jackmail-newsletters |
Extensions for Leaflet Map | extensions-leaflet-map |
Forms Ada – Form Builder | forms-ada-form-builder |
HTTP Headers | http-headers |
Image Optimizer by 10web – Image Optimizer and Compression plugin | image-optimizer-wd |
Inactive User Deleter | inactive-user-deleter |
Integration for Contact Form 7 HubSpot | cf7-hubspot |
Ko-fi Button | ko-fi-button |
Logo Scheduler – Great for holidays, events, and more | logo-scheduler-great-for-holidays-events-and-more |
Maintenance Switch | maintenance-switch |
Mass Email To users | mass-email-to-users |
NS Coupon To Become Customer | ns-coupon-to-become-customer |
Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | ninja-forms |
Orbit Fox by ThemeIsle | themeisle-companion |
Photo Gallery Slideshow & Masonry Tiled Gallery | wp-responsive-photo-gallery |
Plugins List | plugins-list |
Progress Bar | progress-bar |
Push Notifications for WordPress by PushAssist | push-notification-for-wp-by-pushassist |
REST API TO MiniProgram | rest-api-to-miniprogram |
Rating-Widget: Star Review System | rating-widget |
Recipe Maker For Your Food Blog from Zip Recipes | zip-recipes |
SEO ALert | seo-alert |
Shield Security – Smart Bot Blocking & Intrusion Prevention | wp-simple-firewall |
Simple Giveaways – Grow your business, email lists and traffic with contests | giveasap |
Stock Sync for WooCommerce | stock-sync-for-woocommerce |
Stream | stream |
Thumbnail Slider With Lightbox | wp-responsive-slider-with-lightbox |
Thumbs Rating | thumbs-rating |
Tiempo.com | tiempocom |
Tippy | tippy |
URL Params | url-params |
Ultimate Addons for Contact Form 7 | ultimate-addons-for-contact-form-7 |
Updraft | updraft |
User IP and Location | user-ip-and-location |
Video XML Sitemap Generator | video-xml-sitemap-generator |
WP BrowserUpdate | wp-browser-update |
WP Directory Kit | wpdirectorykit |
WP Inventory Manager | wp-inventory-manager |
WP Page Numbers | wp-page-numbers |
WP Search Analytics | search-analytics |
WP Visitor Statistics (Real Time Traffic) | wp-stats-manager |
WP-CORS | wp-cors |
WooCommerce Multivendor Marketplace – REST API | wcfm-marketplace-rest-api |
Woocommerce Tip/Donation | woo-tipdonation |
XML for Google Merchant Center | xml-for-google-merchant-center |
YARPP – Yet Another Related Posts Plugin | yet-another-related-posts-plugin |
Zephyr Project Manager | zephyr-project-manager |
wordpress vertical image slider plugin | wp-vertical-image-slider |
WordPress Themes with Reported Vulnerabilities Last Week
Software Name | Software Slug |
Arya Multipurpose | arya-multipurpose |
Mocho Blog | mocho-blog |
Viable Blog | viable-blog |