Wordfence Intelligence CE Weekly Vulnerability Report (Feb 13, 2023 to Feb 19, 2023)

Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Our mission with Wordfence Intelligence Community Edition is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence Community Edition user interface and vulnerability API are completely free to access and utilize both personally and commercially.

Last week, there were 104 vulnerabilities disclosed in WordPress based software that have been added to the Wordfence Intelligence Community Edition Vulnerability Database. You can find those vulnerabilities below.

GamiPress <= 2.5.7 – Unauthenticated SQL Injection

WatchTowerHQ <= 3.6.16 – Type Juggling to Authentication Bypass in check_ota

WooCommerce Checkout Field Manager <= 17.3 – Unauthenticated Arbitrary File Upload

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.5.14 – Cross-Site Request Forgery

Get URL Cron <= 1.4.7 – Missing Authorization via geturlcron_action_handle

Quick Paypal Payments <= 5.7.25 – Missing Authorization

RSVPMaker <= 9.9.3 – Authenticated (Admin+) SQL Injection via ‘delete’ parameter

RSVPMaker <= 9.9.3 – Authenticated (Admin+) SQL Injection via $email value

Quiz And Survey Master <= 8.0.8 – Unauthenticated Arbitrary Media Deletion

Multi Rating <= 5.0.5 – Unauthenticated Stored Cross-Site Scripting

WP Coder – add custom html, css and js code <= 2.5.3 – Authenticated (Admin+) SQL Injection

Media Library Assistant <= 3.05 – Authenticated (Administrator+) SQL Injection

Archivist – Custom Archive Templates <= 1.7.4 – Cross-Site Request Forgery

Ocean Extra <= 2.1.2 – Authenticated (Subscriber+) Arbitrary Post Access

Protected Posts Logout Button <= 1.4.5 – Missing Authorization on pplb_options_save

Profile Builder – User Profile & User Registration Forms <= 3.9.0 – Sensitive Information Disclosure via Shortcode

Google Maps v3 Shortcode <= 1.2.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

WordPress Fancy Comments <= 1.2.10 – Authenticated (Contributor+) Stored Cross Site Scripting via Shortcode

Portfolio Slideshow <= 1.13.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Resume Builder <= 3.1.1 – Authenticated (Subscriber+) Stored Cross-Site Scripting

Ocean Extra <= 2.1.2 – Authenticated (Contributor+) Stored Cross-Site Scripting

Olevmedia Shortcodes <= 1.1.9 – Authenticated (Contributor+) Stored Cross-Site Scripting

vSlider Multi Image Slider <= 4.1.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Portfolio – WordPress Portfolio Plugin <= 2.8.10 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Campaign URL Builder <= 1.8.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Quick Paypal Payments <= 5.7.25 – Authenticated (Contributor+) Cross Site Scripting

Ultimate WP Query Search Filter <= 1.0.10 – Authenticated (Contributor+) Stored Cross Site Scripting

vSlider Multi Image Slider <= 4.1.2 – Cross-Site Request Forgery

Shoppable Images Lite <= 1.2.3 – Missing Authorization

ALD Dropping and Fulfillment for AliExpress and WooCommerce <= 1.0.21 – Missing Authorization to Order Information Disclosure

vSlider Multi Image Slider <= 4.1.2 – Missing Authorization

Twitch Player <= 2.1.0 – Authenticated (Admin+) Stored Cross-Site Scripting

WPGlobus Translate Options <= 2.1.0 – Reflected Cross-Site Scripting via page

Interactive SVG Image Map Builder <= 1.0 – Authenticated(Admin+) Stored Cross-Site Scripting

Zeno Font Resizer <= 1.7.9 – Authenticated (Administrator+) Stored Cross-Site Scripting

Quick Event Manager <= 9.6.4 – Authenticated(Admin+) Stored Cross-Site Scripting

Archivist – Custom Archive Templates <= 1.7.4 – Authenticated(Admin+) Stored Cross-Site Scripting

Click to Call or Chat Buttons <= 1.4.0 – Authenticated(Admin+) Stored Cross-Site Scripting

WP Prayer <= 1.9.6 – Authenticated(Admin+) Stored Cross-Site Scripting

Robots.txt optimization <= 1.4.5 – Cross Site Request Forgery

Cart All In One For WooCommerce <= 1.1.10 – Cross-Site Request Forgery to Cart Changes

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Cross-Site Request Forgery via handleSubmitAction function

Shoppable Images <= 1.2.3 – Cross Site Request Forgery

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in saveconfig function

ALD Dropping and Fulfillment for AliExpress and WooCommerce <= 1.0.21 – Cross-Site Request Forgery to Order Information Disclosure

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in savetmplfile function

Simple PDF Viewer <= 1.9 – Authenticated (Contributor+) Stored Cross-Site Scripting via googlepdf Shortcode

Podlove Subscribe button <= 1.3.7 – Cross-Site Request Forgery via process_form function

Protected Posts Logout Button <= 1.4.4 – Cross-Site Request Forgery to Settings Update

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in savetranslation function

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in savetranslationstay function

Conditional Payments for WooCommerce <= 2.3.1 – Cross-Site Request Forgery

Podlove Subscribe button <= 1.3.7 – Cross-Site Request Forgery via save function

Meta Slider and Carousel with Lightbox <= 1.6.2 – Cross-Site Request Forgery

RegistrationMagic <= 5.1.9.2 – Cross-Site Request Forgery leading to Form Metadata Deletion

WordPress Social Login and Register <= 7.6.0 – Missing Authorization to Unauthenticated Arbitrary Content Deletion

WP Post Rating <= 2.4.6 – Missing Authorization to Vote Manipulation

Woodmart <= 7.0.4 – Unauthenticated Arbitrary Content Injection

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in save_admin_widgets function

All-In-One Security (AIOS) <= 5.1.4 – Authenticated(Admin+) Directory Traversal

Campaign URL Builder <= 1.8.1 – Authenticated (Admin+) Stored Cross-Site Scripting via Create Link

WP BaiDu Submit <= 1.2.1 – Authenticated (Admin+) Stored Cross-Site Scripting

Announce from the Dashboard <= 1.5.1 – Authenticated (Administrator+) Stored Cross-Site Scripting

Sticky Ad Bar <= 1.3.1 – Authenticated (Admin+) Stored Cross-Site Scripting

Easy Panorama <= 1.1.4 – Authenticated (Administrator+) Stored Cross-Site Scripting

Eyes Only: User Access Shortcode <= 1.8.2 – Authenticated (Administrator+) Stored Cross-Site Scripting

Podlove Subscribe button <= 1.3.7 – Authenticated (Administrator+) Stored Cross-Site Scripting

Quick Contact Form <= 8.0.3.1 – Authenticated (Admin+) Stored Cross Site Scripting

Feed Changer <= 0.2 – Authenticated (Admin+) Stored Cross-Site Scripting

Inline Tweet Sharer <= 2.5.3 – Authenticated (Admin+) Stored Cross-Site Scripting

Peadig’s Like & Share Button <= 1.1.5 – Authenticated (Administrator+) Stored Cross-Site Scripting

JSON Content Importer <= 1.3.15 – Authenticated (Admin+) Cross Site Scripting

Tapfiliate <= 3.0.12 – Authenticated (Administrator+) Stored Cross-Site Scripting

Google Analytics Opt-Out <= 2.3.4 – Authenticated (Admin+) Stored Cross-Site Scripting

WP资源下载管理 <= 1.3.9 – Authenticatministrator+) Stored Cross-Site Scripting

WP Open Social <= 5.0 – Authenticated (Administrator+) Stored Cross-Site Scripting

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.5.14 – Authenticated (Contributor+) Stored Cross-Site Scripting

Service Area Postcode Checker <= 2.0.8 – Authenticated (Administrator+) Stored Cross-Site Scripting

Nooz <= 1.6.0 – Authenticated (Admin+) Stored Cross-Site Scripting

Simple Yearly Archive <= 2.1.8 – Authenticated (Administrator+) Stored Cross-Site Scripting

Upload File Type Settings Plugin <= 1.1 – Authenticated (Administrator+) Stored Cross-Site Scripting

Wp-Insert <= 2.5.0 Authenticated (Admin+) Stored Cross Site Scripting

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in admin_widgets_welcome function

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Cross-Site Request Forgery via migrateCommonToProductOnly function

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Missing Authorization in ajaxCalculatePrice function

WP VR <= 8.2.7 – Cross-Site Request Forgery

Schema – All In One Schema Rich Snippets <= 1.6.5 – Cross-Site Request Forgery in rich_snippet_dashboard

GamiPress <= 2.5.6 – Missing Authorization to User Points Updates

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Cross-Site Request Forgery via migrateProductOnlyToCommon function

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Missing Authorization in migrateProductOnlyToCommon function

AutomatorWP <= 2.5.8 – Cross Site Request Forgery via bulk_delete

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in exec_multitask_widgets function

Locatoraid Store Locator <= 3.9.11 – Cross Site Request Forgery in grab

WordPress Email Marketing Plugin – WP Email Capture <= 3.9.3 – Cross Site Request Forgery

Get URL Cron <= 1.4.7 – Cross-Site Request Forgery via geturlcron_action_handle

OAuth Single Sign On – SSO (OAuth Client) <= 6.24.1- Cross-Site Request Forgery

NextGEN Gallery <= 3.28 – Cross-Site Request Forgery leading to Post Thumbnail Change

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in widgets_watch_data function

VikBooking Hotel Booking Engine & PMS <= 1.5.12 – Cross-Site Request Forgery in exec_admin_widget function

Tickera <= 3.5.1.0 – Cross-Site Request Forgery to Ticket Post Status Change

TeraWallet – For WooCommerce <= 1.3.24 – Cross-Site Request Forgery via admin_options

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Missing Authorization in migrateCommonToProductOnly function

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 – Missing Authorization in ajaxCalculateSeveralProducts function

GamiPress <= 2.5.6 – Cross-Site Request Forgery to User Earnings Deletion

If you’d like to receive this weekly vulnerability report by email, along with Wordfence Intelligence CE product updates, sign up to the Wordfence Intelligence Community Edition Newsletter by filling out this form below.

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence Community Edition leaderboard along with being mentioned in our weekly vulnerability report.

The post Wordfence Intelligence CE Weekly Vulnerability Report (Feb 13, 2023 to Feb 19, 2023) appeared first on Wordfence.