Threat Alerts / Jul 07, 2021

Each vulnerability will have a severity rating of Low, Medium, High, or Critical. Responsible disclosure and reporting of vulnerabilities is an integral part of keeping the WordPress community safe.

 

WordPress Core Vulnerabilities

No new WordPress core vulnerabilities have been disclosed this month.

WordPress Plugin Vulnerabilities

1. Paid Membership Pro

Plugin: Paid Membership Pro Vulnerability: Cross-Site Scripting Patched in Version: 2.5.10 Severity: Medium

The vulnerability is patched, so you should update to version 2.5.10+.

2. Event Calendar WD

Plugin: Event Calendar WD Vulnerability: Cross-Site Scripting Patched in Version: 1.1.46 Severity Score: Medium

The vulnerability is patched, so you should update to version 1.1.46+.

3. Yada Wiki

Plugin: Yada Wiki Vulnerability: Stored Cross-Site Scripting Patched in Version: 3.4.1 Severity Score: Medium

The vulnerability is patched, so you should update to version 3.4.1+.

4. User Profile Picture

Plugin: User Profile Picture Vulnerability: Arbitrary User Picture Change/Deletion via IDOR Patched in Version: 2.6.0 Severity Score: Medium

The vulnerability is patched, so you should update to version 2.6.0+.

5. YouTube Embed, Playlist and Popup

Plugin: YouTube Embed, Playlist and Popup Vulnerability: Stored XSS Patched in Version: 2.3.9 Severity Score: Medium

The vulnerability is patched, so you should update to version 2.3.9+.

6. W3 Total Cache

Plugin: W3 Total Cache Vulnerability: Reflected XSS in Extensions Page Patched in Version: 2.1.5 Severity Score: High

Plugin: W3 Total Cache Vulnerability: Reflected XSS in Extensions Page Patched in Version: 2.1.4 Severity Score: Critical

The vulnerability is patched, so you should update to version 2.1.5+.

7. ProfilePress

Plugin: ProfilePress Vulnerability: Authenticated Stored XSS Patched in Version: 3.1.8 Severity Score: Medium

Plugin: ProfilePress Vulnerability: Unauthenticated Privilege Escalation Patched in Version: 3.1.4 Severity Score: Critical

Plugin: ProfilePress Vulnerability: Arbitrary File Upload in Image Uploader Component Patched in Version: 3.1.4 Severity Score: Critical

The vulnerability is patched, so you should update to version 3.1.8+.

8. Tutor LMS

Plugin: Tutor LMS Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: 1.9.2 Severity Score: High

The vulnerability is patched, so you should update to version 1.9.2+.

9. Youzify

Plugin: Youzify Vulnerability: Stored Cross-Site Scripting via Biography Patched in Version: 1.0.7 Severity Score: High

The vulnerability is patched, so you should update to version 1.0.7+.

10. Any Hostname

Plugin: Any Hostname Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

11. Event Geek

Plugin: Event Geek Vulnerability: Stored Cross-site Scripting Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

12. DrawBlog

Plugin: DrawBlog Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

13. Bookshelf

Plugin: Bookshelf Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

14. Migrate Users

Plugin: Migrate Users Vulnerability: CSRF to Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

15. Steam Group Viewer

Plugin: Steam Group Viewer Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

16. Awesome Weather Widget

Plugin: Awesome Weather Widget Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

17. Post Grid

Plugin: Post Grid Vulnerability: Reflected Cross-Site Scripting Patched in Version: 2.1.8 Severity Score: High

The vulnerability is patched, so you should update to version 2.1.8+.

18. Quiz Maker

Plugin: Quiz Maker Vulnerability: Multiple Authenticated Blind SQL Injections Patched in Version: 6.2.0.9 Severity Score: High

The vulnerability is patched, so you should update to version 6.2.0.9+.

19. Fudousan

Plugin: Portfolio Responsive Gallery Vulnerability: Authenticated Blind SQL Injections Patched in Version: 1.1.8 Severity Score: High

The vulnerability is patched, so you should update to version 1.1.8+.

Plugin: Portfolio Responsive Gallery Vulnerability: Reflected Cross-Site Scripting Patched in Version: 1.1.8 Severity Score: High

The vulnerability is patched, so you should update to version 1.1.8+.

20. Popup box

Plugin: Popup box Vulnerability: Authenticated Blind SQL Injections Patched in Version: 2.3.4 Severity Score: High

The vulnerability is patched, so you should update to version 2.3.4+.

Plugin: Popup box Vulnerability: Reflected Cross-Site Scripting Patched in Version: 2.3.4 Severity Score: High

The vulnerability is patched, so you should update to version 2.3.4+.

21. Survey Maker

Plugin: Survey Maker Vulnerability: Authenticated Blind SQL Injections Patched in Version: 1.5.6 Severity Score: High

The vulnerability is patched, so you should update to version 1.5.6+.

Plugin: Survey Maker Vulnerability: Reflected Cross-Site Scripting Patched in Version: 1.5.6 Severity Score: High

The vulnerability is patched, so you should update to version 1.5.6+.

22. Popup Like box – Page Plugin

Plugin: Popup Like box – Page Plugin Vulnerability: Authenticated Blind SQL Injections Patched in Version: 3.5.3 Severity Score: High

The vulnerability is patched, so you should update to version 3.5.3+.

Plugin: Popup Like box – Page Plugin Vulnerability: Reflected Cross-Site Scripting Patched in Version: 3.5.3 Severity Score: High

The vulnerability is patched, so you should update to version 3.5.3+.

23. FAQ Builder

Plugin: FAQ Builder Vulnerability: Authenticated Blind SQL Injections Patched in Version: 1.3.6 Severity Score: High

The vulnerability is patched, so you should update to version 1.3.6+.

24. Photo Gallery by Ays 

Plugin: Photo Gallery by Ays Vulnerability: Authenticated Blind SQL Injections Patched in Version: 4.4.4 Severity Score: High

The vulnerability is patched, so you should update to version 4.4.4+.

Plugin: Photo Gallery by Ays Vulnerability: Reflected Cross-Site Scripting Patched in Version: 4.4.4 Severity Score: High

The vulnerability is patched, so you should update to version 4.4.4+.

25. Image Slider by Ays

Plugin: Image Slider by Ays Vulnerability: Authenticated Blind SQL Injections Patched in Version: 2.5.0 Severity Score: High

Plugin: Image Slider by Ays Vulnerability: Reflected Cross-Site Scripting Patched in Version: 2.5.0 Severity Score: High

The vulnerability is patched, so you should update to version 2.5.0+.

26. Poll Maker

Plugin: Poll Maker Vulnerability: Authenticated Blind SQL Injections Patched in Version: 3.2.1 Severity Score: High

The vulnerability is patched, so you should update to version 3.2.1+.

27. Secure Copy Content Protection and Content Locking

Plugin: Secure Copy Content Protection and Content Locking Vulnerability: Authenticated Blind SQL Injections Patched in Version: 2.6.7 Severity Score: High

The vulnerability is patched, so you should update to version 2.6.7+.

28. RSVPMaker

Plugin: RSVPMaker Vulnerability: Authenticated SSRF Patched in Version: 8.7.3 Severity Score: Medium

The vulnerability is patched, so you should update to version 8.7.3+.

29. WP Offload SES Lite

Plugin: WP Offload SES Lite Vulnerability: Stored Cross-Site Scripting Patched in Version: 1.4.5 Severity: High

The vulnerability is patched, so you should update to version 1.4.5+.

30. WP SMS

Plugin: WP SMS Vulnerability: Reflected Cross-Site Scripting Patched in Version: 5.4.9.1 Severity: High

The vulnerability is patched, so you should update to version 5.4.9.1+.

31. Profile Builder

Plugin: Profile Builder Vulnerability: Authenticated Stored XSS Patched in Version: 3.4.8 Severity: Medium

The vulnerability is patched, so you should update to version 3.4.8+

32. TaxoPress

Plugin: TaxoPress Vulnerability: Authenticated Stored Cross-Site Scripting Patched in Version: 3.0.7.2 Severity: Medium

The vulnerability is patched, so you should update to version 3.0.7.2+.

33. Strong Testimonials

Plugin: Strong Testimonials Vulnerability: Unauthorized AJAX Call Patched in Version: 2.51.3 Severity: Medium

The vulnerability is patched, so you should update to version 2.51.3+.

34. Adapta RGPD

Plugin: Adapta RGPD Vulnerability: Unauthorized Consent via CSRF Patched in Version: 1.3.3 Severity: Medium

The vulnerability is patched, so you should update to version 1.3.3+.

35. MailOptin

Plugin: MailOptin Vulnerability: Unauthorized AJAX Call Patched in Version: 1.2.35.2 Severity: Medium

The vulnerability is patched, so you should update to version 1.2.35.2+.

36. YITH Request a Quote for WooCommerce 

Plugin: YITH Request a Quote for WooCommerce Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 1.6.4 Severity: Medium

The vulnerability is patched, so you should update to version 1.6.4+.

37. ReviewX

Plugin: ReviewX Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 1.2.9 Severity: Medium

The vulnerability is patched, so you should update to version 1.2.9+.

38. Food Store

Plugin: Food Store Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 1.3.7 Severity: Medium

The vulnerability is patched, so you should update to version 1.3.7+.

39. WP Prayer

Plugin: WP Prayer Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 1.5.5 Severity: Medium

The vulnerability is patched, so you should update to version 1.5.5+.

40. KONTXT Content Advisor

Plugin: KONTXT Content Advisor Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 2.3 Severity: Medium

The vulnerability is patched, so you should update to version 2.3+.

41. Fontsampler

Plugin: Fontsampler Vulnerability: CSRF to Authenticated Reflected Cross-Site Scripting Patched in Version: 0.4.13 Severity: High

The vulnerability is patched, so you should update to version 0.4.13+.

42. MZ Mindbody API

Plugin: MZ Mindbody API Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 2.8.3 Severity: High

The vulnerability is patched, so you should update to version 2.8.3+.

43. Journey Analytics

Plugin: Journey Analytics Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 1.0.13 Severity: Medium

The vulnerability is patched, so you should update to version 1.0.13+.

44. Alkubot

Plugin: Alkubot Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: 3.0.0 Severity: Medium

The vulnerability is patched, so you should update to version 3.0.0+.

45. MZ MBO Access

Plugin: MZ MBO Access Vulnerability: Unauthorized AJAX call Patched in Version: 2.0.9 Severity: Medium

The vulnerability is patched, so you should update to version 2.0.9+.

46. BNG Gateway For Woocommerce

Plugin: BNG Gateway For Woocommerce Vulnerability: CSRF Bypass Patched in Version: No known fix Severity: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

47. BuddyPress Customer.io Analytics Integration

Plugin: BuddyPress Customer.io Analytics Integration Vulnerability: Arbitrary Plugin Settings Update via CSRF Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

48. WooCommerce Custom Registration Form

Plugin: WooCommerce Custom Registration Form Vulnerability: Arbitrary Field Deletion and Form Modification via CSRF Patched in Version: No known fix Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

49. Woocommerce Tabs Plugin, Add Custom Product Tabs

Plugin: Woocommerce Tabs Plugin, Add Custom Product Tabs Vulnerability: Arbitrary Tab Deletion/Edition via CSRF Patched in Version: No known fix Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

50. Global Multisite Search

Plugin: Global Multisite Search Vulnerability: CSRF Bypass Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

51. Intimate Payments

Plugin: Intimate Payments Vulnerability: CSRF Bypass Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

52. KONTXT Improves WordPress Search

Plugin: KONTXT Improves WordPress Search Vulnerability: CSRF Bypass Patched in Version: No known fix Severity Score: Medium

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

53. Instantio

Plugin: Instantio Vulnerability: CSRF Bypass Patched in Version: 1.2.6 Severity Score: Medium

The vulnerability is patched, so you should update to version 1.2.6+.

54. Express Shop

Plugin: Express Shop Vulnerability: CSRF Bypass Patched in Version: 4.0.3 Severity Score: Medium

The vulnerability is patched, so you should update to version 4.0.3+.

55. SEO Wizard

Plugin: SEO Wizard Vulnerability: Unauthorized robots.txt & .htaccess Edit via CSRF Patched in Version: No known fix Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

56. Title Field Validation

Plugin: Title Field Validation Vulnerability: Unauthorized AJAX call via CSRF Patched in Version: No known fix Severity: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

57. Booking Calendar

Plugin: Booking Calendar Vulnerability: Authorized AJAX calls Patched in Version: 2.1.6 Severity: Medium

The vulnerability is patched, so you should update to version 2.1.6+.

58. Community Event

Plugin: Community Event Vulnerability: Reflected XSS Patched in Version: 1.4.8 Severity Score: High

The vulnerability is patched, so you should update to version 1.4.8+

59. WP LMS

Plugin: WP LMS Vulnerability: Stored Cross-Site Scripting Patched in Version: No known fix Severity: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

60. Cooked Pro

Plugin: Cooked Pro Vulnerability: Unauthenticated Reflected Cross-Site Scripting Patched in Version: 1.7.5.6 Severity: Medium

The vulnerability is patched, so you should update to version 1.7.5.6+.

61. PWA for WP & AMP

Plugin: PWA for WP & AMP Vulnerability: Authenticated Arbitrary File Upload Patched in Version: 1.7.33 Severity: Critical

The vulnerability is patched, so you should update to version 1.7.33+.

WordPress Themes Vulnerabilities

1. Onair2

Theme: Onair2 Vulnerability: Unauthenticated RFI and SSRF Patched in Version: 3.9.9.2 Severity Score: Medium

The vulnerability is patched, so you should update to version 3.9.9.2+.

2. KenthaRadio

Theme: KenthaRadio Vulnerability: Unauthenticated RFI and SSRF Patched in Version: 2.0.2 SeverityScore: Medium

The vulnerability is patched, so you should update to version 2.0.2+.

3. Newspaper

Theme: Newspaper Vulnerability: Reflected Cross-Site Scripting Patched in Version: 11 Severity: High

The vulnerability is patched, so you should update to version 11+.

4. Woostify

Theme: Woostify Vulnerability: CSRF Bypass Patched in Version: 1.9.2 Severity Score: Medium

The vulnerability is patched, so you should update to version 1.9.2+.

 

If you are under WordPress Managed Maintenance plan - there is nothing to worry about as we've taken the necessary steps to protect your sites. Yay! 

The information for this blog post was taken from iThemes Vulnerability Roundup

If you're not under our maintenance plan... well, what are you waiting for? Sign-up today!