Threat Alerts / Sep 29, 2021

Each vulnerability will have a severity rating of Low, Medium, High, or Critical. Responsible disclosure and reporting of vulnerabilities is an integral part of keeping the WordPress community safe.


WordPress Core Vulnerabilities

Several WordPress core security issues were disclosed and fixed. WordPress 5.8.1 was released as a security and maintenance release. As a best practice, always be sure to run the latest version of WordPress core!

WordPress Plugin Vulnerabilities

1. Comments – wpDiscuz

Plugin: Comments – wpDiscuz
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 7.3.2
Severity Score: Low

The vulnerability is patched, so you should update to version 7.3.2.

2. Page Generator

Plugin: Page Generator
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.5.9
Severity Score: High

The vulnerability is patched, so you should update to version 1.5.9.

3. WordPress to Hootsuite

Plugin: WordPress to Hootsuite
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.3.9
Severity Score: High

The vulnerability is patched, so you should update to version 1.3.9.

4. WordPress to Buffer

Plugin: WordPress to Buffer
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 3.7.5
Severity Score: High

The vulnerability is patched, so you should update to version 3.7.5.

5. Gutenberg PDF Viewer Block

Plugin: Gutenberg PDF Viewer Block
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 1.0.1
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.0.1.

6. YITH WooCommerce Product Add-Ons

Plugin: YITH WooCommerce Product Add-Ons
Vulnerability: Authenticated Local File Inclusion
Patched in Version: 2.1.0
Severity Score: Medium

This vulnerability has been patched, but the plugin has been closed. You should find a replacement ASAP.

Plugin: YITH WooCommerce Product Add-Ons
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 2.1.0
Severity Score: High

This vulnerability has been patched, but the plugin has been closed. You should find a replacement ASAP.

7. To Top

Plugin: To Top
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 2.3
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.3.

8. Header Enhancement

Plugin: Header Enhancement
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.5
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.5.

9. Generate Child Theme

Plugin: Generate Child Theme
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.6
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.6.

10. Essential Content Types

Plugin: Essential Content Types
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.9
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.9.

11. Catch Web Tools

Plugin: Catch Web Tools
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 2.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.7.

12. Essential Widgets 

Plugin: Software License Manager
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.9
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.9.

13. Catch Under Construction

Plugin: Catch Under Construction
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.4
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.4.

14. Catch Themes Demo Import

Plugin: Catch Themes Demo Import
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.6
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.6.

15. Catch Sticky Menu

Plugin: Catch Sticky Menu
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.7.

16. Catch Scroll Progress Bar

Plugin: Catch Scroll Progress Bar
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.6
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.6.

17. Social Gallery and Widget

Plugin: Social Gallery and Widget
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 2.3
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.3.

18. Catch Infinite Scroll

Plugin: Catch Infinite Scroll
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.9
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.9.

19. Catch Import Export

Plugin: Catch Import Export
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.9
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.9.

20. Catch Gallery

Plugin: Catch Gallery
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.7.

21. Catch Duplicate Switcher

Plugin: Catch Duplicate Switcher
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.6
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.6.

22. Catch Breadcrumb 

Plugin: Catch Breadcrumb
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 1.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.7.

23. Catch IDs 

Plugin: Catch IDs
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 2.4
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.4.

24. Tutor LMS

Plugin: Tutor LMS
Vulnerability: Multiple Admin+ Stored Cross-Site Scripting
Patched in Version: 1.9.9
Severity Score: Low

The vulnerability is patched, so you should update to version 1.9.9.

25. WP Import Export Lite

Plugin: WP Import Export Lite
Vulnerability: Subscriber+ Extensions Update
Patched in Version: 3.9.5
Severity Score: Medium

The vulnerability is patched, so you should update to version 3.9.5.

Plugin: WP Import Export Lite
Vulnerability: Subscriber+ Arbitrary Blog Options Update
Patched in Version: 3.9.5
Severity Score: Medium

The vulnerability is patched, so you should update to version 3.9.5.

26. One User Avatar

Plugin: One User Avatar
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 2.3.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.3.7.

Plugin: One User Avatar
Vulnerability: Avatar Update via CSRF
Patched in Version: 2.3.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.3.7.

27. Scroll Baner

Plugin: Scroll Baner
Vulnerability: CSRF to RCE
Patched in Version: no known fix
Severity Score: Critical

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

28. WP Ticket

Plugin: WP Ticket
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 5.10.4
Severity Score: Low

The vulnerability is patched, so you should update to version 5.10.4.

29. GamePress 

Plugin: GamePress
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: no known fix
Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

30. Wechat Reward

Plugin: Wechat Reward
Vulnerability: CSRF to Stored Cross-Site Scripting
Patched in Version: no known fix
Severity Score: High

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

31. Sociable

Plugin: Sociable
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: no known fix
Severity Score: Low

This vulnerability has NOT been patched. Uninstall and delete the plugin until a patch is released.

32. BetterDocs

Plugin: BetterDocs
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.9.2
Severity Score: High

The vulnerability is patched, so you should update to version 1.9.2.

33. Multiple WooCommerce Add-Ons – multiple plugins

Plugin: Product Filter for WooCommerce
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 8.2.0
Severity Score: High

The vulnerability is patched, so you should update to version 8.2.0.

Plugin: improved-variable-product-attributes
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 5.3.0
Severity Score: High

The vulnerability is patched, so you should update to version 5.3.0.

Plugin: improved-sale-badges
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 4.4.0
Severity Score: High

The vulnerability is patched, so you should update to version 4.4.0.

Plugin: share-print-pdf-woocommerce
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 2.8.0
Severity Score: High

The vulnerability is patched, so you should update to version 2.8.0.

Plugin: product-loops
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 1.7.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.7.0.

Plugin: XforWooCommerce
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 1.7.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.7.0.

Plugin: package-quantity-xforwc
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 1.2.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.2.0.

Plugin: price-commander-xforwc
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 1.3.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.3.0.

Plugin: spam-control-xforwc
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 1.5.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.5.0.

Plugin: add-tabs-xforwc
Vulnerability: Low Priv Arbitrary Blog Options Update/Access/Deletion & Plugin’s Settings Update/Export/Import
Patched in Version: 1.5.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.5.0.

34. WP Cookie Choice

Plugin: WP Cookie Choice
Vulnerability: CSRF to Stored Cross-Site Scripting
Patched in Version: no known fix
Severity Score: High

This vulnerability has NOT been patched. This plugin has been closed as of August 2, 2021. Uninstall and delete.

35. Easy Twitter Feed

Plugin: Easy Twitter Feed
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 1.2
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.4.

36. Html5 Audio Player

Plugin: Html5 Audio Player
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 2.1.3
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.1.3.

37. Polo Video Gallery

Plugin: Polo Video Gallery
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Medium

This vulnerability has NOT been patched. This plugin has been closed as of July 27, 2021. Uninstall and delete.

38. StreamCast

Plugin: StreamCast
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 2.1.1
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.1.1.

39. PDF Light Viewer

Plugin: PDF Light Viewer
Vulnerability: Authenticated Command Injection
Patched in Version: 1.4.12
Severity Score: Low

The vulnerability is patched, so you should update to version 1.4.12.

40. MainWP Child Reports 

Plugin: MainWP Child Reports
Vulnerability: Admin+ SQL Injection
Patched in Version: 2.0.8
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.0.8.

41. LearnPress

Plugin: LearnPress
Vulnerability: Unauthorised Plugin’s Setting Change
Patched in Version: 4.1.3.1
Severity Score: Low

The vulnerability is patched, so you should update to version 4.1.3.1.

Plugin: LearnPress
Vulnerability: Multiple Admin+ Stored Cross-Site Scripting
Patched in Version: 4.1.3.1
Severity Score: Low

The vulnerability is patched, so you should update to version 4.1.3.1.

42. OptinMonster

Plugin: OptinMonster
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: 2.6.1
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.6.1.

43. Frontend Uploader

Plugin: Frontend Uploader
Vulnerability: Unauthenticated Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Medium

This vulnerability has NOT been patched. This plugin has been closed as of July 22, 2021. Uninstall and delete.

44. Allow REL= and HTML in Author Bios

Plugin: Allow REL= and HTML in Author Bios
Vulnerability: Author+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Medium

This vulnerability has NOT been patched. This plugin has been closed as of July 22, 2021. Uninstall and delete.

45. WP HTML Author Bio

Plugin: WP HTML Author Bio
Vulnerability: Author+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Medium

This vulnerability has NOT been patched. This plugin has been closed as of July 19, 2021. Uninstall and delete.

46. jQuery Reply to Comment 

Plugin: jQuery Reply to Comment
Vulnerability: CSRF to Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: High

This vulnerability has NOT been patched. This plugin has been closed as of July 19, 2021. Uninstall and delete.

47. Video Gallery – Vimeo and YouTube Gallery

Plugin: Video Gallery – Vimeo and YouTube Gallery
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Low

This vulnerability has NOT been patched. This plugin has been closed as of September 15, 2021. Uninstall and delete.

48. Request a Quote

Plugin: Request a Quote
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 2.3.5
Severity Score: Low

The vulnerability is patched, so you should update to version 2.3.5.

49. St Daily Tip

Plugin: St Daily Tip
Vulnerability: CSRF to Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: High

This vulnerability has NOT been patched. This plugin has been closed as of June 28, 2021. Uninstall and delete.

50. Advance Search 

Plugin: Advance Search
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 1.1.3
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.1.3.

51. WP Mega Menu

Plugin: WP Mega Menu
Vulnerability: Subscriber+ Arbitrary Post Access
Patched in Version: 1.4.1
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.4.1.

Plugin: WP Mega Menu
Vulnerability: Unauthenticated Arbitrary Post Access
Patched in Version: 1.4.0
Severity Score: High

The vulnerability is patched, so you should update to version 1.4.0.

52. Cherry Plugin 

Plugin: Cherry Plugin
Vulnerability: Unauthenticated Arbitrary File Upload and Download
Patched in Version: 1.2.7
Severity Score: Critical

The vulnerability is patched, so you should update to version 1.2.7.

53. WP Job Manager

Plugin: WP Job Manager
Vulnerability: Phar Deserialization
Patched in Version: 1.31.3
Severity Score:

The vulnerability is patched, so you should update to version 1.31.3.

Plugin: WP Job Manager
Vulnerability: Unauthenticated Object Injection
Patched in Version: 1.29.3
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.29.3.

Plugin: WP Job Manager
Vulnerability: Unauthenticated Arbitrary File Upload
Patched in Version: 1.26.2
Severity Score: Critical

The vulnerability is patched, so you should update to version 1.26.2.

Plugin: WP Job Manager
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: 1.23.8
Severity Score: High

The vulnerability is patched, so you should update to version 1.23.8.

54. WP Mobile Detector

Plugin: WP Mobile Detector
Vulnerability: Unauthenticated Arbitrary File Upload
Patched in Version: 3.6
Severity Score: Critical

This vulnerability has been patched, but the plugin has been closed. You should find a replacement ASAP.

55. Telefication

Plugin: Telefication
Vulnerability: Open Relay & Server-Side Request Forgery
Patched in Version: no known fix – plugin closed
Severity Score: Medium

This vulnerability has NOT been patched. This plugin has been closed as of September 20, 2021. Uninstall and delete.

56. Game Server Status

Plugin: Game Server Status
Vulnerability: Contributor+ SQL Injection
Patched in Version: no known fix – plugin closed
Severity Score: High

Plugin: Game Server Status
Vulnerability: Admin+ SQL Injection
Patched in Version: no known fix – plugin closed
Severity Score: Medium

Plugin: Game Server Status
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Low

These vulnerabilities have NOT been patched. This plugin has been closed as of August 20, 2021. Uninstall and delete.

57. Responsive WordPress Slider

Plugin: Responsive WordPress Slider
Vulnerability: Subscriber+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Critical

Plugin: Responsive WordPress Slider
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Critical

These vulnerabilities have NOT been patched. This plugin has been closed as of September 20, 2021. Uninstall and delete.

58. Fetch Tweets 

Plugin: Fetch Tweets
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: High

This vulnerability has NOT been patched. This plugin has been closed as of August 9, 2021. Uninstall and delete.

59. WooCommerce

Plugin: WooCommerce
Vulnerability: Analytics Report Leaks
Patched in Version: 5.7.0
Severity Score: Medium

The vulnerability is patched, so you should update to version 5.7.0.

60. WooCommerce Admin

Plugin: WooCommerce Admin
Vulnerability: Analytics Report Leaks
Patched in Version: 2.6.0
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.6.0.

61. YT Player

Plugin: YT Player
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 1.4
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.4.

62. Cookie Bar

Plugin: Cookie Bar
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: no known fix – plugin closed
Severity Score: Low

This vulnerability has NOT been patched. This plugin has been closed as of August 5, 2021. Uninstall and delete.

63. WP User Manager 

Plugin: WP User Manager
Vulnerability: Arbitrary User Password Reset to Account Compromise
Patched in Version: 2.6.3
Severity Score: High

The vulnerability is patched, so you should update to version 2.6.3.

64. Easy Media Download

Plugin: Easy Media Download
Vulnerability: Contributor+ Stored Cross-Site Scripting
Patched in Version: 1.1.7
Severity Score: Medium

The vulnerability is patched, so you should update to version 1.1.7.

65. Ninja Forms

Plugin: Ninja Forms
Vulnerability: Unprotected REST-API to Sensitive Information Disclosure
Patched in Version: 3.5.8
Severity Score: Medium

The vulnerability is patched, so you should update to version 3.5.8.

Plugin: Ninja Forms
Vulnerability: Unprotected REST-API to Email Injection
Patched in Version: 3.5.8
Severity Score: Medium

The vulnerability is patched, so you should update to version 3.5.8.

Plugin: Ninja Forms
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 3.5.8.2
Severity Score: Low

The vulnerability is patched, so you should update to version 3.5.8.2.

66. 3DPrint Lite

Plugin: 3DPrint Lite
Vulnerability: Unauthenticated Arbitrary File Upload
Patched in Version: no known fix – plugin closed
Severity Score: Critical

This vulnerability has NOT been patched. This plugin has been closed as of September 23, 2021. Uninstall and delete.

67. iQ Block Country 

Plugin: iQ Block Country
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 1.2.12
Severity Score: Low

The vulnerability is patched, so you should update to version 1.2.12.

68. WordPress Popular Posts

Plugin: WordPress Popular Posts
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 5.3.4
Severity Score: Low

The vulnerability is patched, so you should update to version 5.3.4.

69. Custom Dashboard & Login Page

Plugin: Custom Dashboard & Login Page
Vulnerability: Admin+ Stored Cross-Site Scripting
Patched in Version: 6.9.2
Severity Score: Low

The vulnerability is patched, so you should update to version 6.9.2.

70. Bug Library 

Plugin: Bug Library
Vulnerability: Reflected Cross-Site Scripting
Patched in Version: 2.0.4
Severity Score: Medium

The vulnerability is patched, so you should update to version 2.0.4.


If you are on our WordPress Managed Maintenance plan, there is nothing to worry about, as we've already taken the necessary steps to protect your sites. Yay!

The information for this blog post was taken from the iThemes Vulnerability Roundup.

If you're not on our maintenance plan... well, what are you waiting for? Sign up today!