NEWS
WordPress Vulnerabilities Digest - November 2021 Part 4
Each vulnerability will have a severity rating of Low, Medium, High, or Critical. Responsible disclosure and reporting of vulnerabilities are an integral part of keeping the WordPress community safe.
WordPress Core Vulnerabilities
The latest version of WordPress core is 5.8.2. As a best practice, always be sure to run the latest version of WordPress core!
WordPress Plugin Vulnerabilities
1. Pixel Cat Lite
Plugin: Pixel Cat Lite Vulnerability: Admin+ Stored Cross-Site Scripting Patched in Version: 2.6.3 Severity Score: Low
The vulnerability is patched, so you should update to version 2.6.3.
Plugin: Pixel Cat Lite Vulnerability: CSRF to Stored Cross-Site Scripting Patched in Version: 2.6.2 Severity Score: High
The vulnerability is patched, so you should update to version 2.6.2.
2. All-In-One-Gallery
Plugin: All-In-One-Gallery Vulnerability: Admin+ Local File Inclusion Patched in Version: 2.5.0 Severity Score: Low
The vulnerability is patched, so you should update to version 2.5.0.
3. StopBadBots
Plugin: StopBadBots Vulnerability: Reflected Cross-Site Scripting Patched in Version: 6.67 Severity Score: Critical
The vulnerability is patched, so you should update to version 6.67.
4. Temporary Login Without Password
Plugin: Temporary Login Without Password Vulnerability: Subscriber+ Plugins Settings Update Patched in Version: 1.7.1 Severity Score: Medium
The vulnerability is patched, so you should update to version 1.7.1.
5. ProfilePress
Plugin: ProfilePress Vulnerability: Reflected Cross-Site Scripting Patched in Version: 3.2.3 Severity Score: Medium
The vulnerability is patched, so you should update to version 3.2.3.
Plugin: ProfilePress Vulnerability: Reflected Cross-Site Scripting Patched in Version: 3.2.3 Severity Score: High
The vulnerability is patched, so you should update to version 3.2.3.
6. Modern Events Calendar
Plugin: Modern Events Calendar Vulnerability: Unauthenticated Blind SQL Injection Patched in Version: 6.1.5 Severity Score: High
The vulnerability is patched, so you should update to version 6.1.5.
Plugin: Modern Events Calendar Vulnerability: Reflected Cross-Site Scripting Patched in Version: 6.1.5 Severity Score: High
The vulnerability is patched, so you should update to version 6.1.5.
7. Auto Featured Image
Plugin: Auto Featured Image Vulnerability: Reflected Cross-Site Scripting Patched in Version: 3.9.3 Severity Score: Medium
The vulnerability is patched, so you should update to version 3.9.3.
8. Ultimate NoFollow
Plugin: Ultimate NoFollow Vulnerability: Contributor+ Stored Cross-Site Scripting Patched in Version: No known fix (plugin closed) Severity Score: Medium
This vulnerability has NOT been patched. This plugin has been closed as of September 28, 2021. Uninstall and delete.
9. NEX-Forms
Plugin: NEX-Forms Vulnerability: Multiple Admin+ Stored Cross-Site Scripting Patched in Version: No known fix (plugin closed) Severity Score: Low
This vulnerability has NOT been patched. This plugin has been closed as of October 4, 2021. Uninstall and delete.
10. SEO Booster
Plugin: SEO Booster Vulnerability: Admin+ SQL Injection Patched in Version: No known fix (plugin closed) Severity Score: Medium
This vulnerability has NOT been patched. This plugin has been closed as of October 5, 2021. Uninstall and delete.
11. WP System Log
Plugin: WP System Log Vulnerability: Unauthenticated Stored Cross-Site Scripting Patched in Version: 1.0.21 Severity Score: Critical
The vulnerability is patched, so you should update to version 1.0.21.
12. Inspirational Quote Rotator
Plugin: Inspirational Quote Rotator Vulnerability: Admin+ Stored Cross-Site Scripting Patched in Version: No known fix (plugin closed) Severity Score: Low
This vulnerability has NOT been patched. This plugin has been closed as of September 23, 2021. Uninstall and delete.
13. Single Post Exporter
Plugin: Single Post Exporter Vulnerability: Plugins Settings Update via CSRF Patched in Version: No known fix (plugin closed) Severity Score: Medium
This vulnerability has NOT been patched. This plugin has been closed as of September 23, 2021. Uninstall and delete.
14. Flex Local Fonts
Plugin: Flex Local Fonts Vulnerability: Admin+ Stored Cross-Site Scripting Patched in Version: No known fix (plugin closed) Severity Score: Low
This vulnerability has NOT been patched. This plugin has been closed as of September 23, 2021. Uninstall and delete.
15. WP Admin Logo Changer
Plugin: WP Admin Logo Changer Vulnerability: Plugins Settings Update via CSRF Patched in Version: No known fix (plugin closed) Severity Score: Medium
This vulnerability has NOT been patched. This plugin has been closed as of October 4, 2021. Uninstall and delete.
16. Contact Form Advanced Database
Plugin: Contact Form Advanced Database Vulnerability: Unauthorised AJAX Calls Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of September 27, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
17. Shiny Buttons
Plugin: Shiny Buttons Vulnerability: Unauthenticated Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: High
This plugin has been closed as of September 27, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
18. Filter Portfolio Gallery
Plugin: Filter Portfolio Gallery Vulnerability: Arbitrary Gallery Deletion via CSRF Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of September 27, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
19. WP Limits
Plugin: WP Limits Vulnerability: Plugins Settings Update via CSRF Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of October 4, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
20. Page/Post Content Shortcode
Plugin: Page/Post Content Shortcode Vulnerability: Contributor+ Arbitrary Posts/Pages Access Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of October 4, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
21. Improved Include Page
Plugin: Improved Include Page Vulnerability: Contributor+ Arbitrary Posts/Pages Access Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of October 8, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
22. Mediamatic
Plugin: Mediamatic Vulnerability: Subscriber+ SQL Injection Patched in Version: No known fix Severity Score: High
This plugin has been closed as of October 11, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
23. Display Post Metadata
Plugin: Display Post Metadata Vulnerability: Contributor+ Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of October 21, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
24. ToTop Link
Plugin: ToTop Link Vulnerability: Unauthenticated PHP Object Injection Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of October 21, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
25. User Meta Shortcodes
Plugin: User Meta Shortcodes Vulnerability: Contributor+ Unauthorized Arbitrary User Metadata Access Patched in Version: No known fix Severity Score: High
This plugin has been closed as of October 12, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
26. Quotes Collection
Plugin: Quotes Collection Vulnerability: Admin+ SQL Injection Patched in Version: No known fix Severity Score: Medium
This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
27. Push Notifications for WordPress (Lite)
Plugin: Push Notifications for WordPress (Lite) Vulnerability: Settings Update via CSRF Patched in Version: 6.0.1 Severity Score: Medium
The vulnerability is patched, so you should update to version 6.0.1.
28. SportsPress
Plugin: SportsPress Vulnerability: Reflected Cross-Site Scripting Patched in Version: 2.7.9 Severity Score: High
The vulnerability is patched, so you should update to version 2.7.9.
29. Login/Signup Popup
Plugin: Login/Signup Popup Vulnerability: Reflected Cross-Site Scripting Patched in Version: 2.2 Severity Score: High
The vulnerability is patched, so you should update to version 2.2.
30. Preview E-mails for WooCommerce
Plugin: Preview E-mails for WooCommerce Vulnerability: Reflected Cross-Site Scripting Patched in Version: 2.0.0 Severity Score: Medium
The vulnerability is patched, so you should update to version 3.0.0.5.
31. WP User Frontend
Plugin: WP User Frontend Vulnerability: Membership, Profile, Registration & Post Submission Plugin for WordPress Patched in Version: 3.5.25 Severity Score: Medium
The vulnerability is patched, so you should update to version 3.5.25.
32. Directorist Business Directory Plugin
Plugin: Directorist Business Directory Plugin Vulnerability: CSRF to Remote File Upload Patched in Version: 7.0.6.2 Severity Score: Critical
The vulnerability is patched, so you should update to version 7.0.6.2.
33. Easy Registration Forms
Plugin: Easy Registration Forms Vulnerability: CSRF to Stored Cross-Site Scripting Patched in Version: No known fix Severity Score: High
This plugin has been closed as of November 12, 2021 and is not available for download. This closure is temporary, pending a full review. We recommend you uninstall and delete until a fix is found.
34. WP Reset Pro
Plugin: WP Reset Pro Vulnerability: Subscriber+ Database Reset Patched in Version: 5.99 Severity Score: Critical
The vulnerability is patched, so you should update to version 5.99.
Plugin: WP Reset Pro Vulnerability: Database Reset via CSRF Patched in Version: 5.99 Severity Score: Critical
The vulnerability is patched, so you should update to version 5.99.
35. WordPress + Microsoft Office 365
Plugin: WordPress + Microsoft Office 365 Vulnerability: Unauthenticated Stored Cross-Site Scripting Patched in Version: 15.4 Severity Score: Critical
The vulnerability is patched, so you should update to version 15.4.
36. Duplicate Post
Plugin: Duplicate Post Vulnerability: Authenticated SQL Injection Patched in Version: 1.2.0 Severity Score: Medium
The vulnerability is patched, so you should update to version 1.2.0.
37. Backup Migration
Plugin: Backup Migration Vulnerability: Admin+ Stored Cross-Site Scripting Patched in Version: 1.1.6 Severity Score: Medium
The vulnerability is patched, so you should update to version 1.1.6.
If you are on our WordPress Managed Maintenance plan, there is nothing to worry about, as we've taken the necessary steps to protect your sites. Yay!
The information for this blog post was taken from the iThemes Vulnerability Roundup.
If you're not on our maintenance plan... well, what are you waiting for? Sign up today!