Threat Alerts / Feb 24, 2021

The WordPress Vulnerability Roundup is divided into three categories: WordPress core, WordPress plugins, and WordPress themes.


WordPress Core Vulnerabilities

No new WordPress core vulnerabilities have been disclosed this month.

However, WordPress 5.6.2 was released to fix a few bugs introduced in 5.6.1. It is a maintenance release, not a security release.

WordPress Plugin Vulnerabilities

1. Post SMTP Mailer/Email Log

Vulnerability: CSRF Nonce Bypass
Patched in Version: 2.0.21
Severity: Medium

2. Better Search

Vulnerability: CSRF Nonce Bypass in Import/Export
Patched in Version: 2.5.3
Severity: Medium

3. Theme Editor

Vulnerability: Authenticated Arbitrary File Download
Patched in Version: 2.6
Severity: Medium

4. Customer Service Software & Support Ticket System

Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 5.6.0
Severity: Medium

5. Zebra_Form Library

Vulnerability: Reflected Cross-Site Scripting
Patched in Version: No known fix
Severity: Medium

Zebra_Form is a library bundled inside other plugins rather than a plugin of its own, so the fix has to come from each plugin that ships it. The plugins listed below have been closed in the WordPress.org plugin directory, so no fixed version is available to install; remove them.

Affected Plugins:

Teaser Maker: No known fix; plugin closed

Ad Swapper: No known fix; plugin closed

Drug Search: No known fix; plugin closed

WP Inimat: No known fix; plugin closed

6. Ninja Forms

Vulnerability: Authenticated SendWP Plugin Installation and Client Secret Key Disclosure
Patched in Version: 3.4.34
Severity: Critical

Vulnerability: Authenticated OAuth Connection Key Disclosure
Patched in Version: 3.4.34
Severity: High

Vulnerability: Administrator Open Redirect
Patched in Version: 3.4.34
Severity: Medium

Vulnerability: CSRF to OAuth Service Disconnection
Patched in Version: 3.4.34
Severity: Medium

7. Custom Banners

Vulnerability: CSRF Nonce Bypass in saveCustomFields
Patched in Version: 3.3
Severity: Medium

8. Process Steps Template Designer

Vulnerability: CSRF to Stored Cross-Site Scripting
Patched in Version: 1.3
Severity: Medium

9. eCommerce Product Catalog

Vulnerability: CSRF Nonce Bypass
Patched in Version: 3.0.18
Severity: Medium

10. Backup Guard

Vulnerability: Authenticated Arbitrary File Upload
Patched in Version: 1.6.0
Severity: Critical

11. Responsive Menu

Vulnerability: CSRF to Settings Update
Patched in Version: 4.0.4
Severity: Medium

Vulnerability: CSRF to Arbitrary File Upload
Patched in Version: 4.0.4
Severity: High

Vulnerability: Authenticated Arbitrary File Upload
Patched in Version: 4.0.4
Severity: Critical

12. Orbit Fox by ThemeIsle

Vulnerability: Authenticated Stored Cross-Site Scripting
Patched in Version: 2.10.3
Severity: Medium

Vulnerability: Authenticated Privilege Escalation
Patched in Version: 2.10.3
Severity: Critical

13. Testimonial Rotator

Vulnerability: Authenticated Stored Cross-Site Scripting
Patched in Version: No known fix
Severity: High

14. WP Content Plus

Vulnerability: CSRF Nonce Bypass
Patched in Version: 3.2
Severity: High

15. QuadMenu

Vulnerability: Unauthenticated RCE via compiler_save
Patched in Version: 2.0.7
Severity: Critical

16. YITH WooCommerce Gift Cards Premium

Vulnerability: RCE via Arbitrary File Upload
Patched in Version: 3.3.1
Severity: Critical

17. Photo Gallery by 10web

Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.5.69
Severity: Medium

18. Web-Stat

Vulnerability: API Key Disclosure
Patched in Version: 1.4.1
Severity: High

19. NextGEN Gallery Pro

Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 3.1.11
Severity: Medium
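A practical way to act on the list above is to compare what is installed against the patched versions it gives. The script below is an added example written for this post; it is not part of the original roundup, iThemes' material, or any of the plugins' code. It reads the JSON that WP-CLI prints for `wp plugin list --fields=name,status,version --format=json`, and it is run here against a constructed sample of that output. The plugin slugs in the table are assumptions (confirm them against the directory names under wp-content/plugins on your site) and the table covers only a subset of the entries above; add the rest as you verify their slugs. Plugins the roundup lists with no known fix are flagged regardless of version.

```python
"""Flag installed WordPress plugins that are below the patched versions
given in this roundup.

Added example, not code from the roundup, iThemes, or any plugin author.
Input is the JSON from:
    wp plugin list --fields=name,status,version --format=json
Slugs below are ASSUMED; verify them against wp-content/plugins.
"""
import json
import re
import sys
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Patched versions as listed in the Feb 2021 roundup, keyed by assumed slug.
# A patched version of None means the roundup lists no known fix.
PATCHED = {
    "post-smtp": ("Post SMTP Mailer/Email Log", "2.0.21"),
    "better-search": ("Better Search", "2.5.3"),
    "theme-editor": ("Theme Editor", "2.6"),
    "ninja-forms": ("Ninja Forms", "3.4.34"),
    "custom-banners": ("Custom Banners", "3.3"),
    "ecommerce-product-catalog": ("eCommerce Product Catalog", "3.0.18"),
    "backup": ("Backup Guard", "1.6.0"),
    "responsive-menu": ("Responsive Menu", "4.0.4"),
    "themeisle-companion": ("Orbit Fox by ThemeIsle", "2.10.3"),
    "testimonial-rotator": ("Testimonial Rotator", None),
    "quadmenu": ("QuadMenu", "2.0.7"),
    "photo-gallery": ("Photo Gallery by 10web", "1.5.69"),
}


def version_key(version: str) -> Tuple[int, ...]:
    """Turn '1.5.69' into (1, 5, 69) so components compare numerically.

    A string compare would rank 1.5.7 above 1.5.69; an int tuple does not.
    Parsing stops at the first non-numeric component (e.g. '-beta'), and
    trailing zeros are dropped so '3.3' and '3.3.0' compare equal.
    """
    key = []
    for part in version.split("."):
        match = re.match(r"\d+", part)
        if not match:
            break
        key.append(int(match.group()))
        if match.end() != len(part):
            break
    while key and key[-1] == 0:
        key.pop()
    return tuple(key)


def is_vulnerable(installed: str, patched: Optional[str]) -> bool:
    """Below the patched version, or no patched version exists at all."""
    if patched is None:
        return True
    return version_key(installed) < version_key(patched)


@dataclass
class Finding:
    slug: str
    title: str
    installed: str
    status: str
    action: str


def check(plugin_list_json: str) -> List[Finding]:
    """Return one Finding per installed plugin the roundup still affects.

    Inactive plugins are reported too: their files stay on disk, and some
    issues in this class are reachable without the plugin being active.
    """
    findings = []
    for plugin in json.loads(plugin_list_json):
        slug = plugin["name"]
        if slug not in PATCHED:
            continue
        title, patched = PATCHED[slug]
        if not is_vulnerable(plugin["version"], patched):
            continue
        action = (f"update to {patched}" if patched
                  else "no fix published; deactivate and remove")
        findings.append(Finding(slug, title, plugin["version"],
                                plugin.get("status", "unknown"), action))
    return findings


# Constructed sample of `wp plugin list` output; not from a real site.
SAMPLE_WP_PLUGIN_LIST = json.dumps([
    {"name": "ninja-forms", "status": "active", "version": "3.4.33"},
    {"name": "backup", "status": "inactive", "version": "1.6.0"},
    {"name": "responsive-menu", "status": "active", "version": "4.0.4"},
    {"name": "photo-gallery", "status": "active", "version": "1.5.7"},
    {"name": "testimonial-rotator", "status": "active", "version": "3.0.3"},
    {"name": "akismet", "status": "active", "version": "4.1.8"},
])

if __name__ == "__main__":
    # Pipe real WP-CLI JSON on stdin, or run with no input to use the sample.
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_WP_PLUGIN_LIST
    for f in check(data):
        print(f"{f.slug} ({f.title}) {f.installed} [{f.status}]: {f.action}")
```

Run as `wp plugin list --fields=name,status,version --format=json | python3 check_roundup.py` on the host (the filename is arbitrary). On the sample, Ninja Forms (one release behind), Photo Gallery (1.5.7 is below 1.5.69, which a plain string compare would get wrong) and Testimonial Rotator (no fix) are reported; Backup Guard at exactly 1.6.0 is not.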

WordPress Themes Vulnerabilities

No new theme vulnerabilities have been disclosed this month.


If you are on our WordPress Managed Maintenance plan, there is nothing to worry about: we've taken the necessary steps to protect your sites. Yay!

The information for this blog post was taken from the iThemes Vulnerability Roundup.

If you're not on our maintenance plan... well, what are you waiting for? Sign up today!