Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)

90 vulnerabilities were disclosed in WordPress software last week. Find all the details in this email.

Last week, there were 90 vulnerabilities disclosed in 77 WordPress plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database by the Wordfence Threat Intelligence Team.

πŸŽ‰ We’d like to say a special thank you to the 29 Vulnerability Researchers that contributed to WordPress Security by responsibly disclosing those vulnerabilities!

The team also deployed 3 new firewall rules that provide Wordfence Premium, Care and Response customers with enhanced vulnerability protection for a vulnerability that has already started seeing active exploitation. Wordfence free users will receive this protection after a 30 day delay.


At Farweb, we have well updated the affected plugins and themes so that they are no longer a risk to your website.

The mission of the Wordfence Intelligence security plugin is to make information about vulnerabilities easily accessible to everyone. This article was translated directly from their newsletter.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Unpatched 26
Patched 64

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
AI ChatBot chatbot
Abandoned Cart Lite for WooCommerce woocommerce-abandoned-cart
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net woo-bulk-editor
Bubble Menu – circle floating menu bubble-menu
Button Generator – easily Button Builder button-generation
Calculator Builder calculator-builder
Conditional Menus conditional-menus
Contact Form Entries – Contact Form 7, WPforms and more contact-form-entries
Counter Box – WordPress plugin for countdown, timer, counter counter-box
Custom Post Type Generator custom-post-type-generator
Custom Twitter Feeds (Tweets Widget) custom-twitter-feeds
Download Theme download-theme
Duplicator Pro duplicator-pro
Easy Admin Menu easy-admin-menu
Easy Captcha easy-captcha
Easy Google Maps google-maps-easy
Elementor Website Builder – More than Just a Page Builder elementor
EventPrime – Modern Events Calendar, Bookings and Tickets eventprime-event-calendar-management
File Renaming on Upload file-renaming-on-upload
Flickr Justified Gallery flickr-justified-gallery
Float menu – awesome floating side menu float-menu
Floating button profit-button
Front End Users front-end-only-users
Go Pricing – WordPress Responsive Pricing Tables go_pricing
Google Map Shortcode google-map-shortcode
Herd Effects – fake notifications and social proof plugin mwp-herd-effect
IP Metaboxes ip-metaboxes
Integration for Contact Form 7 and Zoho CRM, Bigin cf7-zoho
JetFormBuilder β€” Dynamic Blocks Form Builder jetformbuilder
LearnDash WordPress Plugin sfwd-lms
Leyka leyka
MStore API mstore-api
MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder mailchimp-subscribe-sm
Multiple Page Generator Plugin – MPG multiple-pages-generator-by-porthas
Novelist novelist
OAuth Single Sign On – SSO (OAuth Client) miniorange-login-with-eve-online-google-facebook
Popup Box – new WordPress popup plugin popup-box
Product Gallery Slider for WooCommerce woo-product-gallery-slider
Product Vendors woocommerce-product-vendors
QuBot – Chatbot Builder with Templates qubotchat
QueryWall: Plug’n Play Firewall querywall
Recently Viewed Products recently-viewed-products
Responsive Tabs For WPBakery Page Builder (formerly Visual Composer) responsive-tabs-for-wpbakery
SIS Handball sis-handball
SKU Label Changer For WooCommerce woo-sku-label-changer
Shopping Cart & eCommerce Store wp-easycart
Side Menu Lite – add sticky fixed buttons side-menu-lite
SlideOnline slideonline
Slider Revolution revslider
Sticky Buttons – floating buttons builder sticky-buttons
SupportCandy – Helpdesk & Support Ticket System supportcandy
This Day In History this-day-in-history
Tutor LMS – eLearning and online course solution tutor
UTM Tracker utm-tracker
Uncanny Automator – Automate everything with the #1 no-code Automation tool for WordPress uncanny-automator
Unite Gallery Lite unite-gallery-lite
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor
Upload Resume resume-upload-form
User Activity Log user-activity-log
Video Contest WordPress Plugin video-contest
WIP Custom Login wip-custom-login
WP Coder – add custom html, css and js code wp-coder
WP Tiles wp-tiles
WP-Hijri wp-hijri
WP-Matomo Integration (WP-Piwik) wp-piwik
WS Form LITE – Drag & Drop Contact Form Builder for WordPress ws-form
WooCommerce Product Categories Selection Widget woocommerce-product-category-selection-widget
WooCommerce Shipping & Tax woocommerce-services
WordPress Backup & Migration wp-migration-duplicator
WordPress File Upload wp-file-upload
WordPress File Upload Pro wordpress-file-upload-pro
Wow Skype Buttons mwp-skype
Yoast SEO: Local wpseo-local
YouTube Playlist Player youtube-playlist-player
seo-by-rank-math-pro seo-by-rank-math-pro
woocommerce-follow-up-emails woocommerce-follow-up-emails
woocommerce-warranty woocommerce-warranty

Source :Β  https://www.wordfence.com/blog/2023/06/wordfence-intelligence-weekly-wordpress-vulnerability-report-may-22-2023-to-may-28-2023/Β 


More news