Wordfence Intelligence Weekly WordPress Vulnerability Report (May 1, 2023 to May 7, 2023)

Last week, there were 58 vulnerabilities disclosed in 43 WordPress plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.

The team also deployed 1 new firewall rule that provide Wordfence Premium, Care and Response customers with enhanced vulnerability protection. Wordfence free users will receive this protection after a 30 day delay.

P.S. If you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.


At Farweb, we have well updated the affected plugins and themes so that they are no longer a risk to your website.

The mission of the Wordfence Intelligence security plugin is to make information about vulnerabilities easily accessible to everyone. This article was translated directly from their newsletter.

Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Unpatched 14
Patched 44

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
Add to Feedly add-to-feedly
Advanced Custom Fields (ACF) advanced-custom-fields
Advanced Custom Fields Pro advanced-custom-fields-pro
Advanced Woo Search advanced-woo-search
Albo Pretorio On line albo-pretorio-on-line
AnyWhere Elementor anywhere-elementor
CM Pop-Up banners for WordPress cm-pop-up-banners
Community by PeepSo – Social Network, Membership, Registration, User Profiles peepso-core
Contact Form 7 extension for Google Map fields cf7-google-map
Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free cryptocurrency-donation-box
Custom 404 Pro custom-404-pro
DX Delete Attached Media dx-delete-attached-media
Easy Appointments easy-appointments
Easy Digital Downloads – Simple eCommerce for Selling Digital Files easy-digital-downloads
FV Flowplayer Video Player fv-wordpress-flowplayer
Fast & Effective Popups & Lead-Generation for WordPress – HollerBox holler-box
Hostel hostel
Image Optimizer by 10web – Image Optimizer and Compression plugin image-optimizer-wd
Library Viewer library-viewer
Login rebuilder login-rebuilder
Loginizer loginizer
Manager for Icomoon manager-for-icomoon
Metform Elementor Contact Form Builder – Flexible and Design-Friendly Contact Form builder plugin for WordPress metform
Multi Rating multi-rating
Newsletter Popup newsletter-popup
OSM – OpenStreetMap osm
Otter – Gutenberg Blocks – Page Builder for Gutenberg Editor & FSE otter-blocks
Participants Database participants-database
Photo Gallery by Ays – Responsive Image Gallery gallery-photo-gallery
Product Addons & Fields for WooCommerce woocommerce-product-addon
Spiffy Calendar spiffy-calendar
TK Google Fonts GDPR Compliant tk-google-fonts
TP Education tp-education
UserAgent-Spy useragent-spy
WOLF – WordPress Posts Bulk Editor and Manager Professional bulk-editor
WP Directory Kit wpdirectorykit
WP Docs wp-docs
WP EasyPay – Square for WordPress wp-easy-pay
WP Fastest Cache wp-fastest-cache
WP Job Portal – A Complete Job Board wp-job-portal
WP-FormAssembly formassembly-web-forms
WPO365 | Mail Integration for Office 365 / Outlook mail-integration-365
WPPizza – A Restaurant Plugin wppizza

WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Editorialmag editorialmag
JupiterX jupiterx
TheGem thegem

Source : https://www.wordfence.com/blog/2023/05/wordfence-intelligence-weekly-wordpress-vulnerability-report-may-1-2023-to-may-7-2023/


More news