Rapport hebdomadaire de Wordfence sur les vulnérabilités de WordPress (du 24 avril au 30 avril 2023)

La semaine dernière, 77 vulnérabilités ont été divulguées dans 68 plugins WordPress et 3 thèmes WordPress qui ont été ajoutés à la base de données des vulnérabilités de Wordfence Intelligence par l’équipe de renseignement sur les menaces de Wordfence.

Il y avait davantage de vulnérabilités non corrigées que de vulnérabilités corrigées la semaine dernière, il est donc plus important que jamais d’examiner le rapport de vulnérabilité pour s’assurer que votre site n’est pas affecté par l’une des vulnérabilités qui ont été divulguées, et de prendre des mesures correctives si votre site l’est.

Au Farweb, nous avons bien mis à jour les plugins et les thèmes concernés afin que ceux-ci ne soient plus un risque pour votre site Internet.

La mission du plugin de sécurité Wordfence Intelligence est de rendre des informations sur les vulnérabilités facilement accessibles à tous. Cette article a été traduit directement depuis leur newsletter.

Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Unpatched 40
Patched 37

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
AJAX Thumbnail Rebuild ajax-thumbnail-rebuild
Advanced Category Template advanced-category-template
Advanced Youtube Channel Pagination advanced-youtube-channel-pagination
Arconix Shortcodes arconix-shortcodes
Autoptimize autoptimize
BSK Forms Blacklist bsk-gravityforms-blacklist
Bit File Manager – 100% free file manager for WordPress file-manager
Booking Manager booking-manager
CM On Demand Search And Replace cm-on-demand-search-and-replace
CRM Memberships crm-memberships
Chronosly Events Calendar chronosly-events-calendar
ClickFunnels clickfunnels
Custom 404 Pro custom-404-pro
Customizer Export/Import customizer-export-import
Decon WP SMS decon-wp-sms
Depicter Slider – Responsive Image Slider, Video Slider & Post Slider depicter
Display custom fields in the frontend – Post and User Profile Fields shortcode-to-display-post-and-user-data
Dynamically Register Sidebars dynamically-register-sidebars
Easy Bet easy-bet
Elementor Website Builder elementor
Emails & Newsletters with Jackmail jackmail-newsletters
Extensions for Leaflet Map extensions-leaflet-map
Forms Ada – Form Builder forms-ada-form-builder
HTTP Headers http-headers
Image Optimizer by 10web – Image Optimizer and Compression plugin image-optimizer-wd
Inactive User Deleter inactive-user-deleter
Integration for Contact Form 7 HubSpot cf7-hubspot
Ko-fi Button ko-fi-button
Logo Scheduler – Great for holidays, events, and more logo-scheduler-great-for-holidays-events-and-more
Maintenance Switch maintenance-switch
Mass Email To users mass-email-to-users
NS Coupon To Become Customer ns-coupon-to-become-customer
Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress ninja-forms
Orbit Fox by ThemeIsle themeisle-companion
Photo Gallery Slideshow & Masonry Tiled Gallery wp-responsive-photo-gallery
Plugins List plugins-list
Progress Bar progress-bar
Push Notifications for WordPress by PushAssist push-notification-for-wp-by-pushassist
REST API TO MiniProgram rest-api-to-miniprogram
Rating-Widget: Star Review System rating-widget
Recipe Maker For Your Food Blog from Zip Recipes zip-recipes
SEO ALert seo-alert
Shield Security – Smart Bot Blocking & Intrusion Prevention wp-simple-firewall
Simple Giveaways – Grow your business, email lists and traffic with contests giveasap
Stock Sync for WooCommerce stock-sync-for-woocommerce
Stream stream
Thumbnail Slider With Lightbox wp-responsive-slider-with-lightbox
Thumbs Rating thumbs-rating
Tiempo.com tiempocom
Tippy tippy
URL Params url-params
Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7
Updraft updraft
User IP and Location user-ip-and-location
Video XML Sitemap Generator video-xml-sitemap-generator
WP BrowserUpdate wp-browser-update
WP Directory Kit wpdirectorykit
WP Inventory Manager wp-inventory-manager
WP Page Numbers wp-page-numbers
WP Search Analytics search-analytics
WP Visitor Statistics (Real Time Traffic) wp-stats-manager
WP-CORS wp-cors
WooCommerce Multivendor Marketplace – REST API wcfm-marketplace-rest-api
Woocommerce Tip/Donation woo-tipdonation
XML for Google Merchant Center xml-for-google-merchant-center
YARPP – Yet Another Related Posts Plugin yet-another-related-posts-plugin
Zephyr Project Manager zephyr-project-manager
wordpress vertical image slider plugin wp-vertical-image-slider

WordPress Themes with Reported Vulnerabilities Last Week

Software Name Software Slug
Arya Multipurpose arya-multipurpose
Mocho Blog mocho-blog
Viable Blog viable-blog

Source : https://www.wordfence.com/blog/2023/05/wordfence-intelligence-weekly-wordpress-vulnerability-report-apr-24-2023-to-apr-30-2023/

Facebook
Twitter
LinkedIn

Votre commentaire

Votre adresse de messagerie ne sera pas publiée.

Plus d'articles