Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023)

Last week, there were 29 vulnerabilities disclosed in 24 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 18 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface and vulnerability API are completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:

JetElements <= 2.6.10 – Authenticated (Contributor+) Remote Code Execution

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.

Total Unpatched & Patched Vulnerabilities Last Week

Patch Status
Number of Vulnerabilities

Unpatched
2

Patched
27

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating
Number of Vulnerabilities

Low Severity
0

Medium Severity
19

High Severity
7

Critical Severity
3

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE
Number of Vulnerabilities

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
11

Improper Privilege Management
4

Cross-Site Request Forgery (CSRF)
3

Improper Control of Generation of Code (‘Code Injection’)
3

Missing Authorization
2

Information Exposure
2

Authentication Bypass Using an Alternate Path or Channel
1

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
1

Use of Less Trusted Source
1

Unrestricted Upload of File with Dangerous Type
1

Researchers That Contributed to WordPress Security Last Week

Researcher Name
Number of Vulnerabilities

Lana Codes
(Wordfence Vulnerability Researcher)
5

Dmitriy
1

DoYeon Park
1

Bob Matyas
1

Marc-Alexandre Montpas
1

Rafie Muhammad
1

Dmitrii Ignatyev
1

Erwan LR
1

Daniel Ruf
1

MyungJu Kim
1

Pallab Jyoti Borah
1

Sayandeep Dutta
1

Vikas Kumawat
1

Satoo Nakano
1

Ryotaro Imamura
1

Vincenzo Turturro
1

Gianluca Parisi
1

Vincenzo Cantatore
1

 

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.

WordPress Plugins with Reported Vulnerabilities Last Week

Software Name
Software Slug

Advanced Custom Fields (ACF)
advanced-custom-fields

Booster for WooCommerce
woocommerce-jetpack

Bus Ticket Booking with Seat Reservation
bus-ticket-booking-with-seat-reservation

Duplicate Post
copy-delete-posts

FormCraft – Contact Form Builder for WordPress
formcraft-form-builder

Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
front-editor

Import All Pages, Post types, Products, Orders, and Users as XML & CSV
wp-ultimate-csv-importer

JetElements
jet-elements

Media from FTP
media-from-ftp

MultiParcels Shipping For WooCommerce
multiparcels-shipping-for-woocommerce

Order Delivery Date for WooCommerce
order-delivery-date-for-woocommerce

PostX – Gutenberg Post Grid Blocks
ultimate-post

Shop as a Customer for WooCommerce
shop-as-a-customer-for-woocommerce

Short URL
shorten-url

Simple Blog Card
simple-blog-card

Simple Share Follow Button
simple-share-follow-button

Simple Ticker
simple-ticker

Stripe Payment Plugin for WooCommerce
payment-gateway-stripe-and-woocommerce-integration

Subscribers Text Counter
subscribers-text-counter

TI WooCommerce Wishlist
ti-woocommerce-wishlist

Upload Media By URL
upload-media-by-url

User Access Manager
user-access-manager

WordPress Job Board and Recruitment Plugin – JobWP
jobwp

wpShopGermany – Protected Shops
wpshopgermany-protectedshops

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.

Stripe Payment Plugin for WooCommerce <= 3.7.7 – Authentication Bypass

Affected Software: Stripe Payment Plugin for WooCommerce
CVE ID: CVE-2023-3162
CVSS Score: 9.8 (Critical)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b

TI WooCommerce Wishlist <= 2.7.3 – Unauthenticated Blind SQL Injection via Rest API

Affected Software: TI WooCommerce Wishlist
CVE ID: CVE Unknown
CVSS Score: 9.8 (Critical)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/82420667-9ba6-46ed-9a53-d16850755bb9

WordPress Job Board and Recruitment Plugin – JobWP <= 2.0 – Arbitrary File Upload via ‘jobwp_upload_resume’

Affected Software: WordPress Job Board and Recruitment Plugin – JobWP
CVE ID: CVE-2023-29384
CVSS Score: 9.8 (Critical)
Researcher/s: MyungJu Kim
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/88f4c567-eb57-4f98-afdc-65f8863b90c3

Shop as a Customer for WooCommerce <= 1.2.3 – Authenticated (Shop Manager+) Privilege Escalation

Affected Software: Shop as a Customer for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 8.8 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3c730a69-015a-4b36-aa16-eff6916a302f

Shop as a Customer for WooCommerce <= 1.1.7 – Authenticated (Subscriber+) Privilege Escalation

Affected Software: Shop as a Customer for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 8.8 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6d041edb-70f3-4894-8a78-f6881541054c

JetElements <= 2.6.10 – Authenticated (Contributor+) Remote Code Execution

Affected Software: JetElements
CVE ID: CVE-2023-39157
CVSS Score: 8.8 (High)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/73fca37e-c6cf-420c-b984-3ef89acf3216

WP Ultimate CSV Importer <= 7.9.8 – Authenticated (Author+) PHP File Creation to Remote Code Execution

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4141
CVSS Score: 8 (High)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/b4fe8b1f-da1c-4f94-9ab4-272766b488c3

WP Ultimate CSV Importer <= 7.9.8 – Authenticated (Author+) Remote Code Execution

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4142
CVSS Score: 8 (High)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/db1bad2e-55df-40c5-9a3f-651858a19b42

WP Ultimate CSV Importer <= 7.9.8 – Sensitive Information Exposure via Directory Listing

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4139
CVSS Score: 7.5 (High)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6404476e-0c32-4f8e-882f-6a1785ba5748

Booster for WooCommerce 7.0.0 – Authenticated (Shop Manager+) Missing Authorization to Arbitrary Options Update

Affected Software: Booster for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 7.2 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/0903bd2b-240f-4791-bfa6-f727d193af4a

WP Ultimate CSV Importer <= 7.9.8 – Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4140
CVSS Score: 6.6 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5fdba41f-daa5-44e8-bc47-aa8b7bd31054

Upload Media By URL <= 1.0.7 – Cross-Site Request Forgery via ‘umbu_download’

Affected Software: Upload Media By URL
CVE ID: CVE-2023-3720
CVSS Score: 6.5 (Medium)
Researcher/s: Dmitriy
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/18a0b8f2-4512-46a5-92a6-66d375c986dd

Simple Ticker <= 3.05 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Simple Ticker
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/162595bb-d41b-4dfd-bfda-3a1e5794eaaf

Simple Blog Card <= 1.30 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Simple Blog Card
CVE ID: CVE-2023-4035
CVSS Score: 6.4 (Medium)
Researcher/s: Dmitrii Ignatyev
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/78f6d878-6ba8-4d80-9c9b-1a363d6aaed5

Simple Share Follow Button <= 1.03 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Simple Share Follow Button
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ed98d335-16f9-4be8-bace-06e2b5db4cb9

Media from FTP <= 11.15 – Improper Privilege Management

Affected Software: Media from FTP
CVE ID: CVE Unknown
CVSS Score: 6.3 (Medium)
Researcher/s: Marc-Alexandre Montpas
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5f9cf9c5-d836-4414-a53f-adee2784bd96

Duplicate Post <= 1.4.1 – Cross-Site Request Forgery via ‘cdp_action_handling’ AJAX action

Affected Software: Duplicate Post
CVE ID: CVE Unknown
CVSS Score: 6.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a8c8d839-d2a4-4b2a-ad61-a3cda7826636

PostX – Gutenberg Post Grid Blocks <= 3.0.5 – Reflected Cross-Site Scripting via ‘postx_type’

Affected Software: PostX – Gutenberg Post Grid Blocks
CVE ID: CVE-2023-3992
CVSS Score: 6.1 (Medium)
Researcher/s: Bob Matyas
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5ab2e2ae-6f46-4815-a2d2-407767bfaba8

MultiParcels Shipping For WooCommerce <= 1.15.3 – Reflected Cross-Site Scripting

Affected Software: MultiParcels Shipping For WooCommerce
CVE ID: CVE-2023-3954
CVSS Score: 6.1 (Medium)
Researcher/s: Erwan LR
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/83a3f61c-2385-456f-bca3-6d3f3ffd9694

Order Delivery Date for WooCommerce <= 3.20.0 – Reflected Cross-Site Scripting via ‘orddd_lite_custom_startdate’ and ‘orddd_lite_custom_enddate’

Affected Software: Order Delivery Date for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 6.1 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9719d083-cc7c-4655-a4c4-f5370cfe76e0

Short URL <= 1.6.7 – Missing Authorization via multiple AJAX functions

Affected Software: Short URL
CVE ID: CVE Unknown
CVSS Score: 6.1 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dcd05142-9700-46a8-9ca6-f85e81dfee0d

Bus Ticket Booking with Seat Reservation <= 5.2.3 – Reflected Cross-Site Scripting

Affected Software: Bus Ticket Booking with Seat Reservation
CVE ID: CVE-2023-4067
CVSS Score: 6.1 (Medium)
Researcher/s: Vincenzo Turturro, Gianluca Parisi, Vincenzo Cantatore
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ff2855cb-e4a8-4412-af24-4cee03ae2d43

User Access Manager <= 2.2.16 – IP Spoofing

Affected Software: User Access Manager
CVE ID: CVE-2022-1601
CVSS Score: 5.3 (Medium)
Researcher/s: Daniel Ruf
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/88c5752c-ef4e-4343-810e-ecf1f33d3538

wpShopGermany – Protected Shops <= 2.0 – Authenticated(Administrator+) Stored Cross-Site Scripting

Affected Software: wpShopGermany – Protected Shops
CVE ID: CVE-2023-39919
CVSS Score: 4.4 (Medium)
Researcher/s: DoYeon Park
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/21cc5aec-ab5f-412b-aed0-bb41584a84cf

FormCraft <= 1.2.6 – Authenticated (Admin+) Stored Cross-Site Scripting

Affected Software: FormCraft – Contact Form Builder for WordPress
CVE ID: CVE-2023-3501
CVSS Score: 4.4 (Medium)
Researcher/s: Sayandeep Dutta
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c17967a4-20df-4b23-973f-591a0caeea39

Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor <= 4.0.4 – Authenticated(Administrator+) Stored Cross-Site Scripting

Affected Software: Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
CVE ID: CVE-2023-1982
CVSS Score: 4.4 (Medium)
Researcher/s: Vikas Kumawat
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dfea441c-2e77-47fa-8f6e-8d17d0c90ebe

Advanced Custom Fields <= 6.1.7 – Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Advanced Custom Fields (ACF)
CVE ID: CVE Unknown
CVSS Score: 4.4 (Medium)
Researcher/s: Satoo Nakano, Ryotaro Imamura
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f412bdb0-953d-4375-85c2-b87f3aa77d60

Simple Blog Card <= 1.31 – Sensitive Information Exposure

Affected Software: Simple Blog Card
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/36cec19a-4631-4ada-b37a-f4b2dc264096

Subscribers Text Counter <= 1.7 – Cross-Site Request Forgery to Settings Update and Cross-Site Scripting

Affected Software: Subscribers Text Counter
CVE ID: CVE-2023-3356
CVSS Score: 4.3 (Medium)
Researcher/s: Pallab Jyoti Borah
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a548e71f-4f36-4a29-8293-474e119f09cc

As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023) appeared first on Wordfence.

Leave a Comment