Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)

82 vulnerabilities were disclosed in WordPress software last week. Find all the details in this email.

Last week, there were 82 vulnerabilities disclosed in 59 WordPress plugins and 11 WordPress themes, along with 6 in WordPress Core, that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.

πŸŽ‰ We’d like to say a special thank you to the 26 Vulnerability Researchers that contributed to WordPress Security by responsibly disclosing those vulnerabilities!

The team also deployed 7 new firewall rule that provide Wordfence Premium, Care and Response customers with enhanced vulnerability protection for a vulnerability that has already started seeing active exploitation. Wordfence free users will receive this protection after a 30 day delay.


At Farweb, we have well updated the affected plugins and themes so that they are no longer a risk to your website.

The mission of the Wordfence Intelligence security plugin is to make information about vulnerabilities easily accessible to everyone. This article was translated directly from their newsletter.

Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Unpatched 15
Patched 67

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable ai-engine
AutomateWoo automatewoo
BP Social Connect bp-social-connect
Baidu Tongji generator baidu-tongji-generator
Contact Form by Supsystic contact-form-by-supsystic
ConvertKit – Email Marketing, Newsletter, Subscribers and Landing Pages convertkit
Cookie Monster cookiemonster
Custom 404 Pro custom-404-pro
Customize WordPress Emails and Alerts – Better Notifications for WP bnfw
Drop Shadow Boxes drop-shadow-boxes
Easing Slider easing-slider
Easy Forms for Mailchimp yikes-inc-easy-mailchimp-extender
Essential Addons for Elementor Pro essential-addons-elementor
File Away file-away
Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty chaty
Jazz Popups jazz-popups
MStore API mstore-api
Multiple Page Generator Plugin – MPG multiple-pages-generator-by-porthas
OTP Login Woocommerce & Gravity Forms mobile-login-woocommerce
Performance Lab performance-lab
Photo Gallery by Ays – Responsive Image Gallery gallery-photo-gallery
PixelYourSite Pro – Your smart PIXEL (TAG) Manager pixelyoursite-pro
PixelYourSite – Your smart PIXEL (TAG) Manager pixelyoursite
Predictive Search predictive-search
Predictive Search for WooCommerce woocommerce-predictive-search
Quiz Maker quiz-maker
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login custom-registration-form-builder-with-submission-manager
Ricerca – advanced search ricerca-smart-search
SEO Change Monitor – Track Website Changes seo-change-monitor
Scripts n Styles scripts-n-styles
Simple Page Ordering simple-page-ordering
Smart App Banner smart-app-banner
Stop Referrer Spam stop-referrer-spam
Stop Spammers Security | Block Spam Users, Comments, Forms stop-spammer-registrations-plugin
Survey Maker – Best WordPress Survey Plugin survey-maker
Ultimate Dashboard – Custom WordPress Dashboard ultimate-dashboard
UpdraftPlus WordPress Backup Plugin updraftplus
Video Gallery video-slider-with-thumbnails
WP Activity Log wp-security-audit-log
WP Activity Log Premium wp-security-audit-log-premium
WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc wp-sms
WP htaccess Control wp-htaccess-control
Waiting: One-click countdowns waiting
WeSecur Security – Antivirus, Malware Scanner and Protection for your WordPress wesecur-security
WishSuite – Wishlist for WooCommerce wishsuite
WooCommerce Bookings woocommerce-bookings
WooCommerce Brands woocommerce-brands
WooCommerce Composite Products woocommerce-composite-products
WooCommerce Pre-Orders woocommerce-pre-orders
WooCommerce Product Add-ons woocommerce-product-addons
WooCommerce Ship to Multiple Addresses woocommerce-shipping-multiple-addresses
WooDiscuz – WooCommerce Comments woodiscuz-woocommerce-comments
WordPress wordpress
WordPress CRM, Email & Marketing Automation for WordPress | Award Winner β€” Groundhogg groundhogg
Zotpress zotpress
nuajik nuajik-cdn
reCAPTCHA and Cloudflare Turnstile For All Pages, to Block Spam and Hackers Attack, Block Visitors from China recaptcha-for-all
video carousel slider with lightbox wp-responsive-video-gallery-with-lightbox
woocommerce-product-recommendations woocommerce-product-recommendations

WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Appzend appzend
BuzzStore buzzstore
Craft Blog craft-blog
Fitness Park fitness-park
Kathmag kathmag
Kingcabs kingcabs
Medical Heed medical-heed
MetroStore metrostore
Online eStore online-estore
SparkleStore sparklestore
SpiderMag spidermag

Source :Β  https://www.wordfence.com/blog/2023/05/wordfence-intelligence-weekly-wordpress-vulnerability-report-may-15-2023-to-may-21-2023/


More news