Wordfence Intelligence Weekly WordPress Vulnerability Report (September 25, 2023 to October 1, 2023)

Last week, there were 90 vulnerabilities disclosed in 68 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 31 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API and webhook integration are completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Individuals and Enterprises can use the vulnerability Database API to receive a complete dump of our database of over 11,800 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:

Simple Membership <= 4.3.4 – Account Takeover via Password Reset
Allow PHP in Posts and Pages <= 3.0.4 – Authenticated (Subscriber+) Remote Code Execution via Shortcode
WAF-RULE-635 – data redacted while we work with the developer on a patch.

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.

Total Unpatched & Patched Vulnerabilities Last Week

Patch Status	Number of Vulnerabilities
Unpatched	38
Patched	52

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating	Number of Vulnerabilities
Low Severity	3
Medium Severity	76
High Severity	9
Critical Severity	2

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE	Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)	35
Cross-Site Request Forgery (CSRF)	30
Missing Authorization	6
Missing Authentication for Critical Function	3
Information Exposure	3
Improper Input Validation	3
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)	3
Authorization Bypass Through User-Controlled Key	2
Improper Control of Generation of Code (‘Code Injection’)	1
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)	1
Guessable CAPTCHA	1
Files or Directories Accessible to External Parties	1
Unrestricted Upload of File with Dangerous Type	1

Researchers That Contributed to WordPress Security Last Week

Researcher Name	Number of Vulnerabilities
Marco Wotschka (Wordfence Vulnerability Researcher)	13
Lana Codes (Wordfence Vulnerability Researcher)	11
Nguyen Xuan Chien	8
Rio Darmawan	7
Dmitrii Ignatyev	4
Skalucy	4
Pedro José Navas Pérez	3
NGÔ THIÊN AN	3
Abdi Pranata	3
yuyudhn	3
SeungYongLee	2
DoYeon Park	2
Ben Bidner	2
Vladislav Pokrovsky	2
Rafie Muhammad	2
qilin_99	2
Bartłomiej Marek	2
Tomasz Swiadek	2
Erwan LR	2
Alex Thomas (Wordfence Vulnerability Researcher)	1
Mika	1
Muhammad Daffa	1
Jonatas Souza Villa Flor	1
thiennv	1
Rafshanzani Suhada	1
Linwz	1
Pablo Sanchez	1
Akihiro Hashimoto	1
Dao Xuan Hieu	1
Karolis Narvilas	1
emad	1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name	Software Slug
Active Directory Integration / LDAP Integration	ldap-login-for-intranet-sites
ActivityPub	activitypub
Add Shortcodes Actions And Filters	add-actions-and-filters
Advanced Custom Fields: Extended	acf-extended
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net	woo-bulk-editor
Backend Localization	kau-boys-backend-localization
Best WordPress Gallery Plugin – FooGallery	foogallery
Block Plugin Update	block-specific-plugin-updates
Blocks	blocks
Booking Calendar	booking
BuddyMeet	buddymeet
Comments by Startbit	facebook-comment-by-vivacity
Contact Form	contact-form-ready
Contractor Contact Form Website to Workflow Tool	contractor-contact-form-website-to-workflow-tool
Cooked – Recipe Plugin	cooked
CopyRightPro	copyrightpro
Events Rich Snippets for Google	rich-snippets-vevents
Font Awesome Integration	font-awesome-integration
Font Awesome More Icons	font-awesome-more-icons
Instant CSS	instant-css
Keap Landing Pages	infusionsoft-landing-pages
Kv TinyMCE Editor Add Fonts	kv-tinymce-editor-fonts
Magic Action Box	magic-action-box
Mang Board WP	mangboard
Mediavine Control Panel	mediavine-control-panel
Modal Window – create popup modal window	modal-window
Modern Events Calendar Lite	modern-events-calendar-lite
Onclick show popup	onclick-show-popup
OpenHook	thesis-openhook
Options for Twenty Seventeen	options-for-twenty-seventeen
Popup contact form	popup-contact-form
Pretty Google Calendar	pretty-google-calendar
Remove slug from custom post type	remove-slug-from-custom-post-type
Schema App Structured Data	schema-app-structured-data-for-schemaorg
School Management System – WPSchoolPress	wpschoolpress
Shockingly Simple Favicon	shockingly-simple-favicon
Simple File List	simple-file-list
Simple Membership	simple-membership
Simple Posts Ticker – Easy, Lightweight & Flexible	simple-posts-ticker
Slideshow, Image Slider by 2J	2j-slideshow
Staff / Employee Business Directory for Active Directory	ldap-ad-staff-employee-directory-search
TM WooCommerce Compare & Wishlist	tm-woocommerce-compare-wishlist
Table of Contents Plus	table-of-contents-plus
The Awesome Feed – Custom Feed	wp-facebook-feed
Tiger Forms – Drag and Drop Form Builder	tiger-form
Timthumb Vulnerability Scanner	timthumb-vulnerability-scanner
Tiny Carousel Horizontal Slider	tiny-carousel-horizontal-slider
Track The Click	track-the-click
Unyson	unyson
User Activity Log Pro	user-activity-log-pro
User Avatar – Reloaded	user-avatar-reloaded
Vrm 360 3D Model Viewer	vrm360
WP Adminify – WordPress Dashboard Customization \| Custom Login \| Admin Columns \| Dashboard Widget \| Media Library Folders	adminify
WP Captcha	wp-captcha
WP Custom Admin Interface	wp-custom-admin-interface
WP GPX Maps	wp-gpx-maps
WP Hide Pages	wp-hide-pages
WP Job Openings – Job Listing, Career Page and Recruitment Plugin	wp-job-openings
WP Jump Menu	wp-jump-menu
WP Site Protector	wp-site-protector
WWM Social Share On Image Hover	wwm-social-share-on-image-hover
Welcart e-Commerce	usc-e-shop
Woocommerce ESTO	woo-esto
WordPress Gallery Plugin – NextGEN Gallery	nextgen-gallery
WordPress Online Booking and Scheduling Plugin – Bookly	bookly-responsive-appointment-booking-tool
bbp style pack	bbp-style-pack
flowpaper	flowpaper-lite-pdf-flipbook
iframe	iframe

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.

OpenHook <= 4.3.0 – Authenticated (Subscriber+) Remote Code Execution via Shortcode

Affected Software: OpenHook
CVE ID: CVE-2023-5201
CVSS Score: 9.9 (Critical)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/37b9ed0e-5af2-47c1-b2da-8d103e4c31bf

Simple File List <= 6.1.8 – Unauthenticated Arbitrary File Deletion

Affected Software: Simple File List
CVE ID: CVE-2023-44227
CVSS Score: 9.1 (Critical)
Researcher/s: Rafshanzani Suhada
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/7eada9b7-8d53-4e95-858e-aa706f74b2a1

Events Rich Snippets for Google <= 1.8 – Cross-Site Request Forgery to Arbitrary Options Update

Affected Software: Events Rich Snippets for Google
CVE ID: CVE-2023-44478
CVSS Score: 8.8 (High)
Researcher/s: Mika
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5beb0f93-baa7-4400-ab40-d63f3430169e

Welcart e-Commerce <= 2.8.21 – Authenticated(Editor+) Arbitrary File Upload

Affected Software: Welcart e-Commerce
CVE ID: CVE-2023-40219
CVSS Score: 8.8 (High)
Researcher/s: Akihiro Hashimoto
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c5eb9b1f-39d5-4c5d-8fb3-71d4bbe5f43a

Track The Click <= 0.3.11 – Authenticated (Author+) SQL Injection via ‘stats’ REST Endpoint

Affected Software: Track The Click
CVE ID: CVE-2023-5041
CVSS Score: 8.8 (High)
Researcher/s: Karolis Narvilas
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dcddb0f3-41d5-4635-88ac-556ee3eec49a

Simple Membership <= 4.3.4 – Account Takeover via Password Reset

Affected Software: Simple Membership
CVE ID: CVE-2023-41956
CVSS Score: 8.8 (High)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/e53bb240-8784-4d34-8d3f-4a7af917f3f4

Active Directory Integration / LDAP Integration <= 4.1.9 – Sensitive Information Exposure

Affected Software: Active Directory Integration / LDAP Integration
CVE ID: CVE-2023-4506
CVSS Score: 7.5 (High)
Researcher/s: Pedro José Navas Pérez
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/1c667631-7934-467e-baa2-7c3b0160c3a5

Simple Membership <= 4.3.4 – Privilege escalation via Registration

Affected Software: Simple Membership
CVE ID: CVE-2023-41957
CVSS Score: 7.3 (High)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/7cff7dc5-23e1-424c-923b-68eef49dec6f

FooGallery <= 2.2.44 – Reflected Cross-Site Scripting

Affected Software: Best WordPress Gallery Plugin – FooGallery
CVE ID: CVE-2023-44244
CVSS Score: 7.2 (High)
Researcher/s: Vladislav Pokrovsky
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5fd495e8-d7e8-4949-b7aa-43ef40063ca1

User Activity Log Pro <= 2.3.3 – Unauthenticated Stored Cross-Site Scripting via User-Agent header

Affected Software: User Activity Log Pro
CVE ID: CVE-2023-5167
CVSS Score: 7.2 (High)
Researcher/s: Bartłomiej Marek, Tomasz Swiadek
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/bcf205a3-be7b-49e7-ba02-3f69632ed65f

WPSchoolPress <= 2.2.4 – Authenticated(Teacher+) SQL Injection via ClassID

Affected Software: School Management System – WPSchoolPress
CVE ID: CVE-2023-4776
CVSS Score: 7.2 (High)
Researcher/s: Dao Xuan Hieu
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d070e12e-ec53-4574-ac37-dc8805d9a553

Bookly <= 22.3.1 – Authenticated(Administrator+) SQL Injection

Affected Software: WordPress Online Booking and Scheduling Plugin – Bookly
CVE ID: CVE-2023-4691
CVSS Score: 6.6 (Medium)
Researcher/s: Pablo Sanchez
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ade6f9f2-2a35-4bb0-ab13-33b84394d965

NextGEN Gallery <= 3.37 – Authenticated (Admininistrator+) Arbitrary File Read and Deletion in gallery_edit

Affected Software: WordPress Gallery Plugin – NextGEN Gallery
CVE ID: CVE-2023-3155
CVSS Score: 6.5 (Medium)
Researcher/s: Linwz
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a15e917f-f46a-4006-a4cb-3d55331ccb5b

ActivityPub <= 0.17.0 – Authenticated (Subscriber+) Insecure Direct Object Reference to Sensitive Post Content Exposure

Affected Software: ActivityPub
CVE ID: CVE-2023-3707
CVSS Score: 6.5 (Medium)
Researcher/s: Erwan LR
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a1c6ad5a-bc76-4012-acc6-35f742e0869e

Booking Calendar <= 9.7.3.3 – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode

Affected Software: Booking Calendar
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/08814d06-0039-49cc-bcbb-96cb01129e3c

Font Awesome More Icons <= 3.5 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Font Awesome More Icons
CVE ID: CVE-2023-5232
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/15947764-a070-4715-bd44-cb79b62ed59d

bbp style pack <= 5.6.7 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: bbp style pack
CVE ID: CVE-2023-44984
CVSS Score: 6.4 (Medium)
Researcher/s: NGÔ THIÊN AN
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/169cb1b8-8a37-4a8b-b824-c31ef132b88a

flowpaper <= 2.0.3 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: flowpaper
CVE ID: CVE-2023-5200
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/31d6288d-87f0-4822-b3f4-541f70cf99fd

iframe <= 4.6 – Authenticated (Contributor+) Stored Cross-Site Scripting via ‘iframe’ Shortcode

Affected Software: iframe
CVE ID: CVE-2023-4919
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes, Alex Thomas
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3706deed-55f2-4dfb-bfed-7a14872cd15a

ActivityPub <= 0.17.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Post Content

Affected Software: ActivityPub
CVE ID: CVE-2023-3746
CVSS Score: 6.4 (Medium)
Researcher/s: Ben Bidner
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/406951d8-4c61-45b3-a8a2-788921662b6c

Modal Window <= 5.3.5 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Modal Window – create popup modal window
CVE ID: CVE-2023-5161
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/48e2129f-6a2c-45e4-a0cf-7d8d5f563a7f

Slideshow, Image Slider by 2J <= 1.3.54 – Authenticated (Contributor+) Stored Cross-Site Scripting

Affected Software: Slideshow, Image Slider by 2J
CVE ID: CVE-2023-44242
CVSS Score: 6.4 (Medium)
Researcher/s: NGÔ THIÊN AN
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5bbccacf-0c34-4656-834b-b3b4c0a84abe

Comments by Startbit <= 1.4 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Comments by Startbit
CVE ID: CVE-2023-5295
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/602b3b9c-76a7-4b0b-8aad-e554c2fd6910

The Awesome Feed – Custom Feed <= 2.2.5 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: The Awesome Feed – Custom Feed
CVE ID: CVE-2023-44264
CVSS Score: 6.4 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6892fefa-3866-4dbf-8604-dd4bc1e7d481

BuddyMeet <= 2.2.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: BuddyMeet
CVE ID: CVE-2023-44985
CVSS Score: 6.4 (Medium)
Researcher/s: NGÔ THIÊN AN
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/75dafb36-7596-492f-a377-32315b1abe33

Cooked <= 1.7.13 – Authenticated (Contributor+) Stored Cross-Site Scripting

Affected Software: Cooked – Recipe Plugin
CVE ID: CVE-2023-44477
CVSS Score: 6.4 (Medium)
Researcher/s: thiennv
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/76ba273d-0919-45b3-8044-b8f0ff3972ab

ActivityPub <= 0.17.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via User Metadata

Affected Software: ActivityPub
CVE ID: CVE-2023-5057
CVSS Score: 6.4 (Medium)
Researcher/s: Ben Bidner
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/76e35dc6-a4d2-4dca-a186-395f0dd954aa

TM WooCommerce Compare & Wishlist <= 1.1.7 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: TM WooCommerce Compare & Wishlist
CVE ID: CVE-2023-5230
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/771ecb8c-feb1-40ea-b47b-a2ae033b3c87

Pretty Google Calendar <= 1.5.1 – Authenticated(Contributor+) Stored Cross-Site Scripting via pretty_google_calendar shortcode

Affected Software: Pretty Google Calendar
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/8ed90a91-e007-42a5-bbef-f186bd3875ea

Font Awesome Integration <= 5.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Font Awesome Integration
CVE ID: CVE-2023-5233
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a2791f48-895f-4099-87ec-41aaac2494a2

User Avatar – Reloaded <= 1.2.1 – Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: User Avatar – Reloaded
CVE ID: CVE-2023-4798
CVSS Score: 6.4 (Medium)
Researcher/s: Dmitrii Ignatyev
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c3ecf638-dfc4-4e9d-bca8-cd008227e934

Magic Action Box <= 2.17.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Magic Action Box
CVE ID: CVE-2023-5231
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ce9b908b-1388-41fb-915c-e4e29eaf57ed

Advanced Custom Fields: Extended <= 0.8.9.3 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Advanced Custom Fields: Extended
CVE ID: CVE-2023-5292
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dcbe0c72-d518-45d3-a220-896a51071b26

Options for Twenty Seventeen <= 2.5.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Options for Twenty Seventeen
CVE ID: CVE-2023-5162
CVSS Score: 6.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/df35d8c6-55ec-4cf5-8055-93ec5193c0a4

Simple Posts Ticker <= 1.1.5 – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode

Affected Software: Simple Posts Ticker – Easy, Lightweight & Flexible
CVE ID: CVE-2023-4646
CVSS Score: 6.4 (Medium)
Researcher/s: Dmitrii Ignatyev
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ec1ffc70-fc0c-4c25-926c-e78e0f206d2b

Tiger Forms <= 2.0.0 – Reflected Cross-Site Scripting

Affected Software: Tiger Forms – Drag and Drop Form Builder
CVE ID: CVE-2023-44474
CVSS Score: 6.1 (Medium)
Researcher/s: SeungYongLee
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/286e52b4-2694-4f3b-9d1d-fd1ebf1d1e50

Contractor Contact Form Website to Workflow Tool <= 4.0.0 – Reflected Cross-Site Scripting

Affected Software: Contractor Contact Form Website to Workflow Tool
CVE ID: CVE-2023-44245
CVSS Score: 6.1 (Medium)
Researcher/s: SeungYongLee
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/da4684b8-20f6-4dc1-8f29-d79f64ccb9d8

Block Plugin Update <= 3.3 – Cross-Site Request Forgery via bspu_plugin_select.php

Affected Software: Block Plugin Update
CVE ID: CVE-2023-44261
CVSS Score: 5.3 (Medium)
Researcher/s: Abdi Pranata
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3a998de7-fa46-495c-a4ca-15df4e59457f

Schema App Structured Data <= 1.22.3 – Missing Authorization via page_init

Affected Software: Schema App Structured Data
CVE ID: CVE-2023-44258
CVSS Score: 5.3 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3de82328-e44f-4488-a2ae-1dd2c3b8a502

CopyRightPro <= 2.1 – Cross-Site Request Forgery

Affected Software: CopyRightPro
CVE ID: CVE-2023-44476
CVSS Score: 5.3 (Medium)
Researcher/s: Skalucy
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/83b48cfc-04e7-4929-8da2-cf6beee6d88e

User Activity Log Pro <= 2.3.3 – Tracking Bypass via IP Spoofing

Affected Software: User Activity Log Pro
CVE ID: CVE-2023-5133
CVSS Score: 5.3 (Medium)
Researcher/s: Bartłomiej Marek, Tomasz Swiadek
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9666913e-55a3-441c-85ef-8a12756e37ba

WP Captcha <= 2.0.0 – CAPTCHA Bypass

Affected Software: WP Captcha
CVE ID: CVE-2023-44235
CVSS Score: 5.3 (Medium)
Researcher/s: qilin_99
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9bc2a04c-7b7c-483f-b81b-97a7caac179c

WP Jump Menu <= 3.6.4 – Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: WP Jump Menu
CVE ID: CVE-2023-44479
CVSS Score: 4.4 (Medium)
Researcher/s: DoYeon Park
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/2d34c665-e99c-408e-b7ab-d08a1a51c6c4

Popup contact form <= 7.1 – Authenticated (Admin+) Stored Cross-Site Scripting

Affected Software: Popup contact form
CVE ID: CVE-2023-44265
CVSS Score: 4.4 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/47eb6ca7-049c-41b8-9210-391d4d1b8b2f

Blocks <= 1.6.41 – Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Blocks
CVE ID: CVE-2023-44262
CVSS Score: 4.4 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/66925385-d89e-45c0-a87b-4ad4f7b89d60

Simple Posts Ticker <= 1.1.5 – Authenticated(Administrator+) Stored Cross-Site Scripting

Affected Software: Simple Posts Ticker – Easy, Lightweight & Flexible
CVE ID: CVE-2023-4725
CVSS Score: 4.4 (Medium)
Researcher/s: Dmitrii Ignatyev
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9ac2c929-2188-4818-880d-8793984e8df1

WP Adminify <= 3.1.6 – Authenticated (Admin+) Stored Cross-Site Scripting

Affected Software: WP Adminify – WordPress Dashboard Customization | Custom Login | Admin Columns | Dashboard Widget | Media Library Folders
CVE ID: CVE-2023-44266
CVSS Score: 4.4 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a600f164-7255-4590-8239-2d3e0b445e79

Popup contact form <= 7.1 – Authenticated (Admin+) Stored Cross-Site Scripting

Affected Software: Popup contact form
CVE ID: CVE-2023-44230
CVSS Score: 4.4 (Medium)
Researcher/s: yuyudhn
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ad896d7d-2c75-466c-9a79-b6a9cfb0bc15

WWM Social Share On Image Hover <= 2.2 – Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: WWM Social Share On Image Hover
CVE ID: CVE-2023-44239
CVSS Score: 4.4 (Medium)
Researcher/s: DoYeon Park
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c9ab868b-51ab-4dad-b662-8302cda9c0e7

Tiny Carousel Horizontal Slider <= 8.1 – Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Tiny Carousel Horizontal Slider
CVE ID: CVE-2023-44229
CVSS Score: 4.4 (Medium)
Researcher/s: yuyudhn
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d2a3ad97-b4ea-4ad9-ac83-071e56cb8df7

Onclick Show Popup <= 8.1 – Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Onclick show popup
CVE ID: CVE-2023-44228
CVSS Score: 4.4 (Medium)
Researcher/s: yuyudhn
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ee013d3f-18bc-418e-ab5b-87724710f340

Modern Events Calendar lite < 7.1.0 – Authenticated (Admin+) Stored Cross-Site Scripting

Affected Software: Modern Events Calendar Lite
CVE ID: CVE-2023-4021
CVSS Score: 4.4 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f213fb42-5bab-4017-80ea-ce6543031af2

Keap Landing Pages <= 1.4.2 – Cross-Site Request Forgery

Affected Software: Keap Landing Pages
CVE ID: CVE-2023-44241
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/113f0cb7-a5eb-42d5-ad42-871c0381b617

BEAR <= 1.1.3.3 – Cross-Site Request Forgery to Product Manipulation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4942
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/26d8b75b-befa-4c6a-b072-0da44e437174

BEAR <= 1.1.3.3 – Missing Authorization to Product Manipulation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4943
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/2d10475f-83dd-4e59-83e4-aeaa72a22b96

Instant CSS <= 1.2.1 – Cross-Site Request Forgery

Affected Software: Instant CSS
CVE ID: CVE-2023-44243
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/30ce93b4-9e2a-4a8c-8590-ffd61d618d31

BEAR <= 1.1.3.3 – Cross-Site Request Forgery to Product Manipulation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4940
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/31c5e524-ef4d-48c7-baa0-595f8060a167

Unyson <= 2.7.28 – Missing Authorization

Affected Software: Unyson
CVE ID: CVE-2023-44472
CVSS Score: 4.3 (Medium)
Researcher/s: Abdi Pranata
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/35421b32-701a-4fc9-bcec-80684d874bab

BEAR <= 1.1.3.3 – Cross-Site Request Forgery to Product Manipulation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4937
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/40bf51bf-efb2-4504-815b-4681d1078f77

WP Custom Admin Interface <= 7.32 – Missing Authorization to Transients Deletion

Affected Software: WP Custom Admin Interface
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/418b9138-9ae0-41f1-a75b-69cbcaffbb88

WP Hide Pages <= 1.0 – Cross-Site Request Forgery

Affected Software: WP Hide Pages
CVE ID: CVE-2023-44232
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/46e7ca97-6dd9-4e27-8e69-2e73f9490ea7

Add Shortcodes Actions And Filters <= 2.0.9 – Cross-Site Request Forgery

Affected Software: Add Shortcodes Actions And Filters
CVE ID: CVE-2023-44475
CVSS Score: 4.3 (Medium)
Researcher/s: Skalucy
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/4942de17-d141-4a6c-885e-75f540fe21b6

Woocommerce ESTO <= 2.23.1 – Cross-Site Request Forgery via saveSetting

Affected Software: Woocommerce ESTO
CVE ID: CVE-2023-44260
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/49f7e35d-e453-4e60-8f73-12891def267a

BEAR <= 1.1.3.3 – Cross-Site Request Forgery to Stored Cross-Site Scripting

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4920
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/58d25eeb-b12c-4850-8308-eaa30982b5a8

Contact Form <= 2.0.10 – Cross-Site Request Forgery

Affected Software: Contact Form
CVE ID: CVE-2023-44231
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5bdba43c-0156-4a6b-b7b9-3f74b506e8f8

Table of Contents Plus <= 2302 – Cross-Site Request Forgery

Affected Software: Table of Contents Plus
CVE ID: CVE-2023-44473
CVSS Score: 4.3 (Medium)
Researcher/s: Muhammad Daffa
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/624a3174-03fa-4a8e-9c02-5e24add92392

WP GPX Map <= 1.7.05 – Missing Authorization

Affected Software: WP GPX Maps
CVE ID: CVE-2023-44234
CVSS Score: 4.3 (Medium)
Researcher/s: Abdi Pranata
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/625c1df5-6655-4319-8833-5519b464e53e

BEAR <= 1.1.3.3 – Cross-Site Request Forgery to Profile Creation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4935
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/639f3941-7783-4500-aca4-5e8155db6460

Vrm 360 3D Model Viewer <= 1.2.1 – Authenticated(Subscriber+) Sensitive Information Exposure

Affected Software: Vrm 360 3D Model Viewer
CVE ID: CVE-2023-5177
CVSS Score: 4.3 (Medium)
Researcher/s: Jonatas Souza Villa Flor
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6c71183f-45e7-44de-a957-614ce417db90

Remove slug from custom post type <= 1.0.3 – Cross-Site Request Forgery

Affected Software: Remove slug from custom post type
CVE ID: CVE-2023-44238
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/77cb14b1-d9e5-4296-ad8c-6642327ef310

WP Captcha <= 2.0.0 – Cross-Site Request Forgery

Affected Software: WP Captcha
CVE ID: CVE-2023-44236
CVSS Score: 4.3 (Medium)
Researcher/s: qilin_99
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/810adc9a-d4e1-46a8-89e4-22615cbbb9c6

WP Custom Admin Interface <= 7.32 – Cross-Site Request Forgery to Transients Deletion

Mediavine Control Panel <= 2.10.2 – Cross-Site Request Forgery via render_settings_page

Affected Software: Mediavine Control Panel
CVE ID: CVE-2023-44259
CVSS Score: 4.3 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ac20b454-a5e5-4ff6-a5bf-9c3c339321d8

Backend Localization <= 2.1.10 – Cross-Site Request Forgery

Affected Software: Backend Localization
CVE ID: CVE-2023-44471
CVSS Score: 4.3 (Medium)
Researcher/s: Skalucy
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ad0bd82d-db0e-440e-9cea-d3843525b0f0

BEAR <= 1.1.3.3 – Missing Authorization to Product Manipulation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4941
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/bc20f303-cac3-4517-9c45-153c410a13af

BEAR <= 1.1.3.3 – Cross-Site Request Forgery to Profile Deletion

BEAR <= 1.1.3.3 – Missing Authorization to Product Manipulation

Affected Software: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net
CVE ID: CVE-2023-4938
CVSS Score: 4.3 (Medium)
Researcher/s: Marco Wotschka
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8

Kv TinyMCE Editor Add Fonts <= 1.1 – Cross-Site Request Forgery

Affected Software: Kv TinyMCE Editor Add Fonts
CVE ID: CVE-2023-44470
CVSS Score: 4.3 (Medium)
Researcher/s: Skalucy
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/cde526f2-7eff-49cf-8a9f-e0c0cdd12522

ActivityPub <= 0.17.0 – Authenticated (Subscriber+) Insecure Direct Object Reference to Sensitive Post Title Exposure

Affected Software: ActivityPub
CVE ID: CVE-2023-3706
CVSS Score: 4.3 (Medium)
Researcher/s: Erwan LR
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d1b92249-bc18-4939-aefa-286667f6c003

FooGallery <= 2.2.44 – Cross-Site Request Forgery

Affected Software: Best WordPress Gallery Plugin – FooGallery
CVE ID: CVE-2023-44233
CVSS Score: 4.3 (Medium)
Researcher/s: Vladislav Pokrovsky
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d58ca75a-f425-477d-8e48-a5d600543578

Mang Board WP <= 1.7.6 – Cross-Site Request Forgery

Affected Software: Mang Board WP
CVE ID: CVE-2023-44257
CVSS Score: 4.3 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/e4a32fdc-1c72-45fc-bb57-44f6888e0885

Timthumb Vulnerability Scanner <= 1.54 – Cross-Site Request Forgery

Affected Software: Timthumb Vulnerability Scanner
CVE ID: CVE-2023-44240
CVSS Score: 4.3 (Medium)
Researcher/s: emad
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f0e8d029-af6b-43cb-aa90-f92777c5ac99

WP Site Protector <= 2.0 – Cross-Site Request Forgery

Affected Software: WP Site Protector
CVE ID: CVE-2023-44237
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f92f614b-162a-4ca5-bf7d-9d7088f59af9

Shockingly Simple Favicon <= 1.8.2 – Cross-Site Request Forgery

Affected Software: Shockingly Simple Favicon
CVE ID: CVE-2023-44246
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/fd7a1440-18f5-4bcb-a4cf-c4713375d0a1

WP Job Openings <= 3.4.2 – Information Exposure

Affected Software: WP Job Openings – Job Listing, Career Page and Recruitment Plugin
CVE ID: CVE-2023-4933
CVSS Score: 3.7 (Low)
Researcher/s: Dmitrii Ignatyev
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/334be95c-438a-4e03-9ee4-9a6d2c2fa5f7

Active Directory Integration / LDAP Integration <= 4.1.10 – LDAP Passback

Affected Software: Active Directory Integration / LDAP Integration
CVE ID: CVE-2023-4506
CVSS Score: 2.2 (Low)
Researcher/s: Pedro José Navas Pérez
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/0585969d-dd08-4058-9d72-138a55a2cdf1

Staff / Employee Business Directory for Active Directory <= 1.2.3 – Authenticated (Admin+) LDAP Passback

Affected Software: Staff / Employee Business Directory for Active Directory
CVE ID: CVE-2023-4505
CVSS Score: 2.2 (Low)
Researcher/s: Pedro José Navas Pérez
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/1ea40b96-4693-4f98-8e6e-2ed8186cedd8

As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (September 25, 2023 to October 1, 2023) appeared first on Wordfence.