WordPress Vulnerabilities Digest - September 2022 Part 1
Each vulnerability will have a severity rating of low, medium, high, or critical. Responsible disclosure and reporting of vulnerabilities is an integral part of keeping the WordPress community safe.
WordPress Core Vulnerabilities
WordPress 6.0.2 was released on August 30, 2022. This security and maintenance release features 12 bug fixes on Core, 5 bug fixes for the Block Editor, and 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately.
1. WordPress Core
Vulnerability: Authenticated Stored Cross-Site Scripting; SQLi via Link API; Reflected Cross-Site Scripting | Patched in version: 6.0.2 | Severity score: Low
These vulnerabilities have been patched, so you should update to version 6.0.2.
WordPress Core Dropping Support for WordPress Versions 3.7 to 4.0
In more WordPress core security news, the WordPress Security Team will no longer provide security updates for WordPress core versions 3.7 to 4.0. Please make sure all your WordPress sites are running the latest version.
BackupBuddy
Plugin: BackupBuddy | Vulnerability: Directory Traversal | Patched in version: 8.7.5 | Severity score: High
The vulnerability has been patched, so you should update to version 8.7.5.
WordPress Plugin Vulnerabilities
1. SVG Support
Plugin: SVG Support | Installations: 1,000,000+ | Vulnerability: Author+ Stored Cross-Site Scripting | Patched in version: 2.5 | Severity score: Medium
The vulnerability has been patched, so you should update to version 2.5.
2. Ninja Forms
Plugin: Ninja Forms Contact Form (The Drag and Drop Form Builder for WordPress) | Installations: 900,000+ | Vulnerability: Admin+ PHP Object Injection | Patched in version: 3.6.13 | Severity score: Medium
The vulnerability has been patched, so you should update to version 3.6.13.
3. Post SMTP
Plugin: Post SMTP Mailer/Email Log | Installations: 300,000+ | Vulnerability: Admin+ Blind SSRF | Patched in version: 2.1.7 | Severity score: Low
The vulnerability has been patched, so you should update to version 2.1.7.
4. Beaver Builder
Plugin: Beaver Builder WordPress Page Builder | Installations: 200,000+ | Vulnerability: Authenticated Stored XSS via Caption On Hover; Authenticated Stored XSS via Caption | Patched in version: 2.5.5.3 | Severity score: Medium
These vulnerabilities have been patched, so you should update to version 2.5.5.3.
5. Download Manager
Plugin: Download Manager | Installations: 100,000+ | Vulnerability: Admin+ Arbitrary File/Folder Access via Path Traversal | Patched in version: 3.2.55 | Severity score: Medium
The vulnerability has been patched, so you should update to version 3.2.55.
6. Booking Calendar
Plugin: Booking Calendar | Installations: 60,000+ | Vulnerability: Arbitrary Translation Update via CSRF | Patched in version: 9.2.2 | Severity score: Medium
The vulnerability has been patched, so you should update to version 9.2.2.
7. Restricted Site Access
Plugin: Restricted Site Access | Installations: 20,000+ | Vulnerability: Access Bypass via IP Spoofing | Patched in version: 7.3.2 | Severity score: Medium
The vulnerability has been patched, so you should update to version 7.3.2.
8. Image Hover Effects Ultimate
Plugin: Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) | Installations: 20,000+ | Vulnerability: Authenticated Stored XSS | Patched in version: 9.8.0 | Severity score: Medium
The vulnerability has been patched, so you should update to version 9.8.0.
9. Simple File List
Plugin: Simple File List | Installations: 5,000+ | Vulnerability: Reflected Cross-Site Scripting | Patched in version: 4.4.12 | Severity score: Medium
The vulnerability has been patched, so you should update to version 4.4.12.
10. Slider Hero
Plugin: Slider Hero with Animation, Video Background | Installations: 4,000+ | Vulnerability: Admin+ Stored Cross-Site Scripting | Patched in version: 8.4.4 | Severity score: Low
The vulnerability has been patched, so you should update to version 8.4.4.
11. Generate PDF using Contact Form 7
Plugin: Generate PDF using Contact Form 7 | Installations: 2,000+ | Vulnerability: Admin+ Stored Cross-Site Scripting | Patched in version: 3.6 | Severity score: Low
The vulnerability has been patched, so you should update to version 3.6.
12. CM Download Manager
Plugin: CM Download Manager | Installations: 500+ | Vulnerability: Admin+ Arbitrary File Upload | Patched in version: 2.8.6 | Severity score: Medium
The vulnerability has been patched, so you should update to version 2.8.6.
13. OAuth client Single Sign On for WordPress
Plugin: OAuth client Single Sign On for WordPress (OAuth 2.0 SSO) | Installations: 100+ | Vulnerability: Unauthenticated Settings Update to Authentication Bypass | Patched in version: 3.0.4 | Severity score: Critical
The vulnerability has been patched, so you should update to version 3.0.4.
14. WP Cerber Security
Plugin: WP Cerber Security, Anti-spam & Malware Scan | Vulnerability: Username Enumeration Bypass | Patched in version: 9.1 | Severity score: Medium
The vulnerability has been patched, so you should update to version 9.1.
15. WordLift
Plugin: WordLift AI powered SEO Schema | Vulnerability: Admin+ Stored Cross-Site Scripting | Patched in version: 3.37.2 | Severity score: Low
The vulnerability has been patched, so you should update to version 3.37.2.
16. Ldap WP Login / Active Directory Integration
Plugin: Ldap WP Login / Active Directory Integration | Vulnerability: Unauthenticated Settings Update to Auth Bypass; Reflected Cross-Site Scripting | Patched in version: 3.0.2 | Severity score: Critical
These vulnerabilities have been patched, so you should update to version 3.0.2.
17. WP Socializer
Plugin: WP Socializer Simple & Easy Social Media Share Icons | Vulnerability: Admin+ Stored Cross-Site Scripting | Patched in version: 7.3 | Severity score: Low
The vulnerability has been patched, so you should update to version 7.3.
18. Scripts Organizer
Plugin: Scripts Organizer | Vulnerability: Unauthenticated Arbitrary File Upload | Patched in version: 3.0 | Severity score: Critical
The vulnerability has been patched, so you should update to version 3.0.
WordPress Plugin Vulnerabilities With No Known Fix
Until a patch is available, immediately uninstall and delete the affected plugin.
CallRail Phone Call Tracking
Plugin: CallRail Phone Call Tracking | Installations: 20,000+ | Vulnerability: Stored XSS via CSRF | Patched in version: No Fix | Severity score: Medium
The vulnerability has not been patched. You should deactivate the plugin.
MP3 jPlayer
Plugin: MP3-jPlayer | Vulnerability: Multiple CSRF | Patched in version: No Fix | Severity score: Medium
The vulnerabilities have not been patched and the plugin is closed. You should uninstall and delete the plugin.
SEO Smart Links
Plugin: SEO Smart Links | Vulnerability: Admin+ Stored Cross-Site Scripting | Patched in version: No Fix | Severity score: Low
The vulnerability has not been patched and the plugin is closed. You should uninstall and delete the plugin.
Ketchup Restaurant Reservations
Plugin: Ketchup Restaurant Reservations | Vulnerability: Unauthenticated Stored XSS; Unauthenticated Blind SQLi | Patched in version: No Fix | Severity score: High
These vulnerabilities have not been patched and the plugin is closed. You should uninstall and delete the plugin.
Easy Org Chart
Plugin: Easy Org Chart | Vulnerability: Contributor+ Stored Cross-Site Scripting | Patched in version: No Fix | Severity score: Medium
The vulnerability has not been patched and the plugin is closed. You should uninstall and delete the plugin.
WP Popup Builder
Plugin: WP Popup Builder (Popup Forms, Marketing PoPuP & Newsletter) | Vulnerability: Reflected Cross-Site Scripting; Subscriber+ Arbitrary Popup Deletion | Patched in version: No Fix | Severity score: Medium
These vulnerabilities have not been patched and the plugin is closed. You should uninstall and delete the plugin.
Bitcoin / Altcoin Faucet
Plugin: Bitcoin / Altcoin Faucet | Vulnerability: Settings Update to Stored XSS via CSRF | Patched in version: No Fix | Severity score: Medium
The vulnerability has not been patched and the plugin is closed. You should uninstall and delete the plugin.
Login Block IPs
Plugin: Login Block IPs | Vulnerability: Arbitrary Setting Update via CSRF | Patched in version: No Fix | Severity score: Medium
The vulnerability has not been patched and the plugin is closed. You should uninstall and delete the plugin.
Simple Bitcoin Faucets
Plugin: Bitcoin Satoshi Tools: Faucets, Visitor Rewarder, Satoshi Games, Referral Program | Vulnerability: Unauthorised AJAX Call to Stored XSS | Patched in version: No Fix | Severity score: Medium
The vulnerability has not been patched and the plugin is closed. You should uninstall and delete the plugin.
WordPress Theme Vulnerabilities
Good news! No new WordPress theme vulnerabilities were disclosed this week.
If you are on our WordPress Managed Maintenance plan, there is nothing to worry about, as we've taken the necessary steps to protect your sites. Yay!
The information for this blog post was taken from the iThemes Vulnerability Roundup.
If you're not on our maintenance plan... well, what are you waiting for? Sign up today!