Last week, there were 58 vulnerabilities disclosed in 43 WordPress plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.
The team also deployed 1 new firewall rule that provide Wordfence Premium, Care and Response customers with enhanced vulnerability protection. Wordfence free users will receive this protection after a 30 day delay.
P.S. If you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.
At Farweb, we have well updated the affected plugins and themes so that they are no longer a risk to your website.
The mission of the Wordfence Intelligence security plugin is to make information about vulnerabilities easily accessible to everyone. This article was translated directly from their newsletter.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
| Unpatched | 14 |
| Patched | 44 |
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| Add to Feedly | add-to-feedly |
| Advanced Custom Fields (ACF) | advanced-custom-fields |
| Advanced Custom Fields Pro | advanced-custom-fields-pro |
| Advanced Woo Search | advanced-woo-search |
| Albo Pretorio On line | albo-pretorio-on-line |
| AnyWhere Elementor | anywhere-elementor |
| CM Pop-Up banners for WordPress | cm-pop-up-banners |
| Community by PeepSo – Social Network, Membership, Registration, User Profiles | peepso-core |
| Contact Form 7 extension for Google Map fields | cf7-google-map |
| Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free | cryptocurrency-donation-box |
| Custom 404 Pro | custom-404-pro |
| DX Delete Attached Media | dx-delete-attached-media |
| Easy Appointments | easy-appointments |
| Easy Digital Downloads – Simple eCommerce for Selling Digital Files | easy-digital-downloads |
| FV Flowplayer Video Player | fv-wordpress-flowplayer |
| Fast & Effective Popups & Lead-Generation for WordPress – HollerBox | holler-box |
| Hostel | hostel |
| Image Optimizer by 10web – Image Optimizer and Compression plugin | image-optimizer-wd |
| Library Viewer | library-viewer |
| Login rebuilder | login-rebuilder |
| Loginizer | loginizer |
| Manager for Icomoon | manager-for-icomoon |
| Metform Elementor Contact Form Builder – Flexible and Design-Friendly Contact Form builder plugin for WordPress | metform |
| Multi Rating | multi-rating |
| Newsletter Popup | newsletter-popup |
| OSM – OpenStreetMap | osm |
| Otter – Gutenberg Blocks – Page Builder for Gutenberg Editor & FSE | otter-blocks |
| Participants Database | participants-database |
| Photo Gallery by Ays – Responsive Image Gallery | gallery-photo-gallery |
| Product Addons & Fields for WooCommerce | woocommerce-product-addon |
| Spiffy Calendar | spiffy-calendar |
| TK Google Fonts GDPR Compliant | tk-google-fonts |
| TP Education | tp-education |
| UserAgent-Spy | useragent-spy |
| WOLF – WordPress Posts Bulk Editor and Manager Professional | bulk-editor |
| WP Directory Kit | wpdirectorykit |
| WP Docs | wp-docs |
| WP EasyPay – Square for WordPress | wp-easy-pay |
| WP Fastest Cache | wp-fastest-cache |
| WP Job Portal – A Complete Job Board | wp-job-portal |
| WP-FormAssembly | formassembly-web-forms |
| WPO365 | Mail Integration for Office 365 / Outlook | mail-integration-365 |
| WPPizza – A Restaurant Plugin | wppizza |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| Editorialmag | editorialmag |
| JupiterX | jupiterx |
| TheGem | thegem |
