Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
Last week, 42 vulnerabilities in 37 WordPress plugins and no WordPress themes were disclosed and added to the Wordfence Intelligence Vulnerability Database, and 10 vulnerability researchers contributed to WordPress security. Review those vulnerabilities in this report now to confirm that your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, including the WordPress community, so that individuals and organizations alike can use that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API and webhook integration are completely free to access and use, both personally and commercially, and why we publish this weekly vulnerability report.
Individuals and enterprises can use the Vulnerability Database API to download a complete dump of our database of over 11,800 vulnerabilities, then use the webhook integration to be notified in real time of newly added vulnerabilities and of any updates made to existing records, all for free.
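One practical way to consume that dump is to compare it against the plugins actually installed on a site, so that only the records whose affected version range contains an installed version are surfaced. The script below is an added example written for this report, not Wordfence's own tooling. The feed endpoint in FEED_URL and the record layout it parses (title, cve, cvss score and rating, and a software list whose entries carry a slug, a patched flag and affected_versions ranges with from/to bounds and inclusivity flags, "*" meaning unbounded) are assumptions about the v2 JSON feed that you should verify against the live data. SAMPLE_FEED and SAMPLE_INVENTORY are constructed from rows in this report so that the script runs offline; load_feed() fetches the real feed if you want to run it for real.

```python
# Added example for this report, not Wordfence's own code.
# Assumptions (verify against the live feed): FEED_URL is the v2 production
# feed; each record is {id: {"title", "cve", "cvss": {"score", "rating"},
# "software": [{"type", "slug", "patched", "affected_versions":
# {label: {"from_version", "from_inclusive", "to_version", "to_inclusive"}}}]}}
# with "*" as an open bound. Sample data below is constructed from this report.
import json
import re
import urllib.request
from typing import Dict, List, Tuple

FEED_URL = "https://www.wordfence.com/api/intelligence/v2/vulnerabilities/production"


def _record(title, cve, score, rating, slug, max_version, patched):
    """Build one feed-shaped record for the constructed sample (upper bound only)."""
    return {
        "title": title, "cve": cve, "cvss": {"score": score, "rating": rating},
        "software": [{"type": "plugin", "slug": slug, "patched": patched,
                      "affected_versions": {f"* - {max_version}": {
                          "from_version": "*", "from_inclusive": True,
                          "to_version": max_version, "to_inclusive": True}}}],
    }


# Constructed from three rows in this report (ids are the report's detail-page ids).
SAMPLE_FEED: Dict[str, dict] = {
    "5d94f38f-4b52-4b0d-800c-a6fca40bda3c": _record(
        "WPvivid <= 0.9.89 - Arbitrary Directory Deletion via Path Traversal",
        "CVE-2023-4274", 8.7, "High", "wpvivid-backuprestore", "0.9.89", True),
    "2de2d2c5-1373-45b6-93a0-575713226669": _record(
        "WordPress Charts <= 0.7.0 - Stored Cross-Site Scripting via Shortcode",
        "CVE-2023-5062", 6.4, "Medium", "wp-charts", "0.7.0", False),
    "57b3eef3-e165-45ac-89d7-2a2a6529b310": _record(
        "Ad Inserter <= 2.7.30 - Sensitive Information Exposure via ai_ajax",
        "CVE-2023-4645", 5.3, "Medium", "ad-inserter", "2.7.30", True),
}

# Constructed inventory, slug -> installed version (e.g. from `wp plugin list`).
SAMPLE_INVENTORY: Dict[str, str] = {
    "wpvivid-backuprestore": "0.9.89",   # exactly at the top of the affected range
    "wp-charts": "0.7.0",                # affected and still unpatched
    "ad-inserter": "2.7.31",             # one release past the affected range
    "leaflet-map": "3.3.1",              # no record in the sample feed
}


def parse_version(v: str) -> Tuple[int, ...]:
    """Dotted version -> tuple of ints; non-numeric suffixes like '-beta' count as 0."""
    parts = []
    for piece in v.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def version_cmp(a: str, b: str) -> int:
    """-1, 0 or 1; pads with zeros so that 1.3 == 1.3.0, as WordPress treats them."""
    ta, tb = parse_version(a), parse_version(b)
    width = max(len(ta), len(tb))
    ta += (0,) * (width - len(ta))
    tb += (0,) * (width - len(tb))
    return (ta > tb) - (ta < tb)


def in_range(installed: str, rng: dict) -> bool:
    """True if installed lies inside one affected_versions range ('*' = open bound)."""
    lo, hi = rng.get("from_version", "*"), rng.get("to_version", "*")
    if lo != "*":
        c = version_cmp(installed, lo)
        if c < 0 or (c == 0 and not rng.get("from_inclusive", True)):
            return False
    if hi != "*":
        c = version_cmp(installed, hi)
        if c > 0 or (c == 0 and not rng.get("to_inclusive", True)):
            return False
    return True


def find_affected(inventory: Dict[str, str], feed: Dict[str, dict]) -> List[dict]:
    """One finding per (installed plugin, matching record), highest CVSS score first."""
    findings = []
    for vid, rec in feed.items():
        for sw in rec.get("software", []):
            if sw.get("type") != "plugin":
                continue
            installed = inventory.get(sw.get("slug", ""))
            if installed is None:
                continue
            if any(in_range(installed, r) for r in sw.get("affected_versions", {}).values()):
                cvss = rec.get("cvss") or {}
                findings.append({
                    "slug": sw["slug"], "installed": installed, "id": vid,
                    "title": rec.get("title", ""), "cve": rec.get("cve"),
                    "score": cvss.get("score", 0.0), "rating": cvss.get("rating", "Unknown"),
                    "patched": bool(sw.get("patched")),
                })
    findings.sort(key=lambda f: f["score"], reverse=True)
    return findings


def load_feed(url: str = FEED_URL) -> Dict[str, dict]:
    """Fetch the live feed (large JSON); not called by default so the example stays offline."""
    with urllib.request.urlopen(url, timeout=120) as resp:
        return json.load(resp)


if __name__ == "__main__":
    for f in find_affected(SAMPLE_INVENTORY, SAMPLE_FEED):
        status = "patched: update" if f["patched"] else "UNPATCHED: mitigate or remove"
        print(f'{f["rating"]:<7}{f["score"]:>5}  {f["slug"]} {f["installed"]}  '
              f'{f["cve"] or "no CVE"}  [{status}]  {f["title"]}')
```

Run on the sample data the script reports WPvivid 0.9.89 (High, patched, so update) and WordPress Charts 0.7.0 (Medium, unpatched, so mitigate or remove), and correctly stays silent about Ad Inserter 2.7.31, which is one release past the affected range. The zero-padding in version_cmp matters for WordPress plugins, where "1.3" and "1.3.0" are the same release; a naive string comparison would also misorder "3.1.37.1" against "3.1.37" and four-digit date-style versions such as "2302".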
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30-day delay.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status | Number of Vulnerabilities |
Unpatched | 5 |
Patched | 37 |
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating | Number of Vulnerabilities |
Low Severity | 0 |
Medium Severity | 37 |
High Severity | 5 |
Critical Severity | 0 |
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE | Number of Vulnerabilities |
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 21 |
Cross-Site Request Forgery (CSRF) | 8 |
Missing Authorization | 6 |
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 2 |
Improper Neutralization of Formula Elements in a CSV File | 1 |
Information Exposure | 1 |
Deserialization of Untrusted Data | 1 |
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) | 1 |
Authorization Bypass Through User-Controlled Key | 1 |
Researchers That Contributed to WordPress Security Last Week
Researcher Name | Number of Vulnerabilities |
Lana Codes (Wordfence Vulnerability Researcher) | 11 |
Marco Wotschka (Wordfence Vulnerability Researcher) | 3 |
Ivan Kuzymchak (Wordfence Vulnerability Researcher) | 3 |
Do Xuan Trung | 1 |
Skalucy | 1 |
Zeyad Alshahrani | 1 |
Etharus | 1 |
JackYu | 1 |
Malek Althubiany | 1 |
Nguyen Xuan Chien | 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your discoveries to us will also get your name added to the Wordfence Intelligence leaderboard, along with a mention in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name | Software Slug |
Ad Inserter – Ad Manager & AdSense Ads | ad-inserter |
Anchor Episodes Index (Spotify for Podcasters) | anchor-episodes-index |
Astra Bulk Edit | astra-bulk-edit |
Brands for WooCommerce | brands-for-woocommerce |
Chat Button: WhatsApp, Facebook Messenger Chat, Telegram Chat, WeChat, Line Chat, Discord Chat for Customer Support Chat with floating Chat Widget | bit-assist |
Checkfront Online Booking System | checkfront-wp-booking |
Comment Blacklist Updater | comment-blacklist-updater |
Comments – wpDiscuz | wpdiscuz |
Connect Matomo (WP-Matomo, WP-Piwik) | wp-piwik |
Contact Form by FormGet – Best Form Builder Plugin for WordPress | formget-contact-form |
Copy Anything to Clipboard | copy-the-code |
DoFollow Case by Case | dofollow-case-by-case |
Drag and Drop Multiple File Upload for WooCommerce | drag-and-drop-multiple-file-upload-for-woocommerce |
Easy Registration Forms | easy-registration-forms |
Inactive Logout | inactive-logout |
Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | funnelforms-free |
Leaflet Map | leaflet-map |
Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator | legal-pages |
Media Library Assistant | media-library-assistant |
Memberlite Shortcodes | memberlite-shortcodes |
Migration, Backup, Staging – WPvivid | wpvivid-backuprestore |
Payment gateway per Product for WooCommerce | woocommerce-product-payments |
Pop ups, WordPress Exit Intent Popup, Email Pop Up, Lightbox Pop Up, Spin the Wheel, Contact Form Builder – Poptin | poptin |
Pre-Publish Checklist | pre-publish-checklist |
School Management System – WPSchoolPress | wpschoolpress |
Simple Cloudflare Turnstile – CAPTCHA Alternative | simple-cloudflare-turnstile |
Statify – Extended Evaluation | extended-evaluation-for-statify |
Super Store Finder | superstorefinder-wp |
Table of Contents Plus | table-of-contents-plus |
WP Discord Invite | wp-discord-invite |
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce | wp-event-manager |
WP Mailto Links – Protect Email Addresses | wp-mailto-links |
Weaver Xtreme Theme Support | weaverx-theme-support |
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode | coming-soon |
Widget Responsive for Youtube | youtube-widget-responsive |
WordPress Charts | wp-charts |
iPanorama 360 – WordPress Virtual Tour Builder | ipanorama-360-virtual-tour-builder-lite |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site with the scanner enabled, you should already have been notified if your site was affected by any of these vulnerabilities. If you would like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to use.
wpDiscuz <= 7.6.5 – Unauthenticated SQL Injection
CVE ID: CVE Unknown
CVSS Score: 8.8 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9dd1e52c-83b7-4b3e-a791-a2c0ccd856bc
Migration, Backup, Staging – WPvivid <= 0.9.89 – Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal
CVE ID: CVE-2023-4274
CVSS Score: 8.7 (High)
Researcher/s: Ivan Kuzymchak
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5d94f38f-4b52-4b0d-800c-a6fca40bda3c
iPanorama 360 – WordPress Virtual Tour Builder <= 1.7.3 – Authenticated (Admin+) SQL Injection
CVE ID: CVE Unknown
CVSS Score: 7.2 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/00687370-8374-44cc-8fd1-53b462acd061
Weaver Xtreme Theme Support <= 6.3.0 – Authenticated (Administrator+) PHP Object Injection via Imported File
CVE ID: CVE-2023-4971
CVSS Score: 7.2 (High)
Researcher/s: Do Xuan Trung
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/572689c6-d7d6-46c3-9e96-b9185337e8ce
Drag and Drop Multiple File Upload for WooCommerce <= 1.1.0 – Unauthenticated Stored Cross-Site Scripting
CVE ID: CVE-2023-4821
CVSS Score: 7.2 (High)
Researcher/s: Zeyad Alshahrani
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/abc8ee11-c149-4a2b-a388-7bd234c2cc64
Funnelforms Free <= 3.3.9 – Unauthenticated Stored Cross-Site Scripting
CVE ID: CVE-2023-4950
CVSS Score: 6.5 (Medium)
Researcher/s: Malek Althubiany
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ebcbf872-1420-4a57-a4b4-8a52ba74e0a1
WordPress Charts <= 0.7.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5062
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/2de2d2c5-1373-45b6-93a0-575713226669
Leaflet Map <= 3.3.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5050
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3084c9ab-00aa-4b8e-aa46-bd70b335ec77
Widget Responsive for Youtube <= 1.6.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5063
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/72daa533-8b17-420c-9b51-b5f72da2726c
Poptin <= 1.3 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-4961
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/778af777-4c98-45cd-9704-1bdc96054aa7
Simple Cloudflare Turnstile <= 1.23.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5135
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/91f6c9d3-641d-42f7-bf11-e3c3a44eeb76
Memberlite Shortcodes <= 1.3.8 – Authenticated (Contributor+) Stored Cross-Site Scripting
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/935054c3-8541-4ff3-a035-7ee8afe53f72
Anchor Episodes Index (Spotify for Podcasters) <= 2.1.7 – Authenticated (Contributor+) Stored Cross-Site Scripting
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/96defcb7-6af1-4fb8-9fa0-231c6776bbc1
Media Library Assistant <= 3.10 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-4716
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c5f6ae5d-7854-44c7-9fb8-efaa6e850d59
Copy Anything to Clipboard <= 2.6.4 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5086
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/e834a211-ccc8-4a30-a15d-879ba34184e9
WP Mailto Links – Protect Email Addresses <= 3.1.3 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5109
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ec882062-0059-47ca-a007-3347e7adb70b
WP-Matomo Integration (WP-Piwik) <= 1.0.28 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-4774
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/faa4f041-4740-4ebb-afb3-10019ce571be
Contact Form by FormGet <= 5.5.5 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID: CVE-2023-5125
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/fdd73289-f292-4903-951e-6a89049d39a7
WPSchoolPress <= 2.2.4 – Cross-Site Request Forgery
CVE ID: CVE Unknown
CVSS Score: 6.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/1a2fb050-1a7c-45cc-86c7-02331d47f780
Payment gateway per Product for WooCommerce <= 3.2.7 – Reflected Cross-Site Scripting
CVE ID: CVE Unknown
CVSS Score: 6.1 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/597786ce-58eb-4e96-a80e-bad3e75787fa
WP Discord Invite <= 2.4.1 – Reflected Cross-Site Scripting via webhook
CVE ID: CVE Unknown
CVSS Score: 6.1 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a961d30e-f2cb-458d-8f1a-18f6e769efbc
Super Store Finder <= 6.9.2 – Unauthenticated Email Creation/Sending
CVE ID: CVE-2023-5054
CVSS Score: 5.8 (Medium)
Researcher/s: Etharus
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d31d0553-9378-4c7e-a258-12562aa6b388
Statify – Extended Evaluation <= 2.6.3 – Authenticated (Admin+) CSV Injection
CVE ID: CVE Unknown
CVSS Score: 5.5 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/35027df9-ae55-453f-bb42-4b2664d66293
Comment Blacklist Updater <= 1.1.0 – Cross-Site Request Forgery via update_blacklist_manual
CVE ID: CVE Unknown
CVSS Score: 5.4 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/fc7bab78-4ebb-4be9-8891-1ac0e3ed0af3
Ad Inserter <= 2.7.30 – Unauthenticated Sensitive Information Exposure via ai_ajax
CVE ID: CVE-2023-4645
CVSS Score: 5.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/57b3eef3-e165-45ac-89d7-2a2a6529b310
Pre-Publish Checklist <= 1.1.1 – Insecure Direct Object Reference to Arbitrary Post ‘_ppc_meta_key’ Update
CVE ID: CVE Unknown
CVSS Score: 5.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/8e00a06c-9623-48e0-b212-20a2f1e7e640
Inactive Logout <= 3.2.2 – Missing Authorization
CVE ID: CVE Unknown
CVSS Score: 5.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c583ef34-ddec-4d6c-9685-ef4bce5e785e
Ad Inserter <= 2.7.30 – Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe
CVE ID: CVE-2023-4668
CVSS Score: 5.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ce457c98-c55b-4b71-a80b-393eceb9effd
Table of Contents Plus <= 2302 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE Unknown
CVSS Score: 4.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/05206a31-033e-49b9-9b66-5a6165782643
Migration, Backup, Staging – WPvivid <= 0.9.89 – Authenticated Stored Cross-Site Scripting
CVE ID: CVE-2023-5120
CVSS Score: 4.4 (Medium)
Researcher/s: Ivan Kuzymchak
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/320f4260-20c2-4f27-91ba-d2488b417f62
Bit Assist <= 1.1.9 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE Unknown
CVSS Score: 4.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/77a923d5-b73e-45cf-9617-09b4d5c8bb5a
Migration, Backup, Staging – WPvivid <= 0.9.89 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE-2023-5121
CVSS Score: 4.4 (Medium)
Researcher/s: Ivan Kuzymchak
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/cdcac5f9-a744-4853-8a80-ed38fec81dbb
WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce <= 3.1.37.1 – Authenticated (Admin+) Stored Cross-Site Scripting
CVE ID: CVE-2023-4423
CVSS Score: 4.4 (Medium)
Researcher/s: JackYu
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dd9d22b0-a84a-4bf2-b8b4-89bae2970f29
Astra Bulk Edit <= 1.2.7 – Missing Authorization
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/2548d5b0-1f1a-4847-a5ea-e3bb6f7a5013
Website Builder by SeedProd <= 6.15.13.1 – Cross-Site Request Forgery to Settings Update
CVE ID: CVE-2023-4975
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/2cb5370f-14aa-445d-bda3-62a0dd068fc5
Easy Registration Forms <= 2.1.1 – Authenticated (Subscriber+) Information Disclosure via Shortcode
CVE ID: CVE-2023-5134
CVSS Score: 4.3 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/562fe11f-36a0-4f23-9eed-50ada7ab2961
DoFollow Case by Case <= 3.4.1 – Cross-Site Request Forgery via getEmail and getUrl
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Skalucy
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/60c63be2-dd17-4224-ba96-ba30ed0b25ce
Brands for WooCommerce <= 3.8.2.2 – Cross-Site Request Forgery
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/996dc1d7-12f8-467d-bf48-a7a82f1c0a41
Legal Pages <= 1.3.7 – Missing Authorization on ‘deleteLegalTemplate’
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/b3f87bd6-b432-4bf8-9046-8d66b45f6a85
Inactive Logout <= 3.2.2 – Cross-Site Request Forgery
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d9189eb3-be7f-42e1-92cc-b48af5615eb9
Brands for WooCommerce <= 3.8.2.2 – Missing Authorization to Unauthenticated Order Manipulation and Information Retrieval
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f7afbe2b-72a8-40da-bc94-ff2a1b9569b4
Checkfront Online Booking System <= 3.6 – Cross-Site Request Forgery
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/fc5a8506-b191-4ab3-9c59-4f1150be6a38
As a reminder, Wordfence maintains an industry-leading database of all known WordPress core, theme, and plugin vulnerabilities, known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, through researchers submitting directly to us using our CVE Request form, and by monitoring a variety of sources to capture all publicly available WordPress vulnerability information, adding additional context where we can.