82 vulnerabilities were disclosed in WordPress software last week. Find all the details in this email.
Last week, there were 82 vulnerabilities disclosed in 59 WordPress plugins and 11 WordPress themes, along with 6 in WordPress Core, that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.
π We’d like to say a special thank you to the 26 Vulnerability Researchers that contributed to WordPress Security by responsibly disclosing those vulnerabilities!
The team also deployed 7 new firewall rule that provide Wordfence Premium, Care and Response customers with enhanced vulnerability protection for a vulnerability that has already started seeing active exploitation. Wordfence free users will receive this protection after a 30 day delay.
At Farweb, we have well updated the affected plugins and themes so that they are no longer a risk to your website.
The mission of the Wordfence Intelligence security plugin is to make information about vulnerabilities easily accessible to everyone. This article was translated directly from their newsletter.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
| Unpatched | 15 |
| Patched | 67 |
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable | ai-engine |
| AutomateWoo | automatewoo |
| BP Social Connect | bp-social-connect |
| Baidu Tongji generator | baidu-tongji-generator |
| Contact Form by Supsystic | contact-form-by-supsystic |
| ConvertKit β Email Marketing, Newsletter, Subscribers and Landing Pages | convertkit |
| Cookie Monster | cookiemonster |
| Custom 404 Pro | custom-404-pro |
| Customize WordPress Emails and Alerts β Better Notifications for WP | bnfw |
| Drop Shadow Boxes | drop-shadow-boxes |
| Easing Slider | easing-slider |
| Easy Forms for Mailchimp | yikes-inc-easy-mailchimp-extender |
| Essential Addons for Elementor Pro | essential-addons-elementor |
| File Away | file-away |
| Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button β Chaty | chaty |
| Jazz Popups | jazz-popups |
| MStore API | mstore-api |
| Multiple Page Generator Plugin β MPG | multiple-pages-generator-by-porthas |
| OTP Login Woocommerce & Gravity Forms | mobile-login-woocommerce |
| Performance Lab | performance-lab |
| Photo Gallery by Ays β Responsive Image Gallery | gallery-photo-gallery |
| PixelYourSite Pro β Your smart PIXEL (TAG) Manager | pixelyoursite-pro |
| PixelYourSite β Your smart PIXEL (TAG) Manager | pixelyoursite |
| Predictive Search | predictive-search |
| Predictive Search for WooCommerce | woocommerce-predictive-search |
| Quiz Maker | quiz-maker |
| RegistrationMagic β Custom Registration Forms, User Registration, Payment, and User Login | custom-registration-form-builder-with-submission-manager |
| Ricerca β advanced search | ricerca-smart-search |
| SEO Change Monitor β Track Website Changes | seo-change-monitor |
| Scripts n Styles | scripts-n-styles |
| Simple Page Ordering | simple-page-ordering |
| Smart App Banner | smart-app-banner |
| Stop Referrer Spam | stop-referrer-spam |
| Stop Spammers Security | Block Spam Users, Comments, Forms | stop-spammer-registrations-plugin |
| Survey Maker β Best WordPress Survey Plugin | survey-maker |
| Ultimate Dashboard β Custom WordPress Dashboard | ultimate-dashboard |
| UpdraftPlus WordPress Backup Plugin | updraftplus |
| Video Gallery | video-slider-with-thumbnails |
| WP Activity Log | wp-security-audit-log |
| WP Activity Log Premium | wp-security-audit-log-premium |
| WP SMS β Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc | wp-sms |
| WP htaccess Control | wp-htaccess-control |
| Waiting: One-click countdowns | waiting |
| WeSecur Security β Antivirus, Malware Scanner and Protection for your WordPress | wesecur-security |
| WishSuite β Wishlist for WooCommerce | wishsuite |
| WooCommerce Bookings | woocommerce-bookings |
| WooCommerce Brands | woocommerce-brands |
| WooCommerce Composite Products | woocommerce-composite-products |
| WooCommerce Pre-Orders | woocommerce-pre-orders |
| WooCommerce Product Add-ons | woocommerce-product-addons |
| WooCommerce Ship to Multiple Addresses | woocommerce-shipping-multiple-addresses |
| WooDiscuz β WooCommerce Comments | woodiscuz-woocommerce-comments |
| WordPress | wordpress |
| WordPress CRM, Email & Marketing Automation for WordPress | Award Winner β Groundhogg | groundhogg |
| Zotpress | zotpress |
| nuajik | nuajik-cdn |
| reCAPTCHA and Cloudflare Turnstile For All Pages, to Block Spam and Hackers Attack, Block Visitors from China | recaptcha-for-all |
| video carousel slider with lightbox | wp-responsive-video-gallery-with-lightbox |
| woocommerce-product-recommendations | woocommerce-product-recommendations |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| Appzend | appzend |
| BuzzStore | buzzstore |
| Craft Blog | craft-blog |
| Fitness Park | fitness-park |
| Kathmag | kathmag |
| Kingcabs | kingcabs |
| Medical Heed | medical-heed |
| MetroStore | metrostore |
| Online eStore | online-estore |
| SparkleStore | sparklestore |
| SpiderMag | spidermag |
