Last week, there were 43 vulnerabilities disclosed in 38 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 23 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, including the WordPress community, so that individuals and organizations alike can use that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API and webhook notifications are completely free to access and use, both personally and commercially, and why we are running this weekly vulnerability report.
Click here to sign up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
JupiterX Core <= 3.3.8 – Unauthenticated Privilege Escalation
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30-day delay.
Total Unpatched & Patched Vulnerabilities Last Week
Patch Status | Number of Vulnerabilities
Unpatched | 17
Patched | 26
Total Vulnerabilities by CVSS Severity Last Week
Severity Rating | Number of Vulnerabilities
Low Severity | 0
Medium Severity | 35
High Severity | 6
Critical Severity | 2
Total Vulnerabilities by CWE Type Last Week
Vulnerability Type by CWE | Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 16
Missing Authorization | 13
Cross-Site Request Forgery (CSRF) | 8
Unrestricted Upload of File with Dangerous Type | 2
Reliance on Untrusted Inputs in a Security Decision | 1
Authentication Bypass Using an Alternate Path or Channel | 1
Use of Less Trusted Source | 1
Improper Privilege Management | 1
Researchers That Contributed to WordPress Security Last Week
Researcher Name | Number of Vulnerabilities
yuyuddn | 1
Skalucy | 1
konagash | 1
An Dang | 1
Erwan LR | 1
Mika | 1
Lana Codes (Wordfence Vulnerability Researcher) | 1
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
Software Name | Software Slug
Category Slider for WooCommerce | woo-category-slider-grid
Collapse-O-Matic | jquery-collapse-o-matic
Cookies by JM | cookies-by-jm
DX-auto-save-images | dx-auto-save-images
DoLogin Security | dologin
ElementsKit Elementor addons | elementskit-lite
FTP Access | ftp-access
FV Flowplayer Video Player | fv-wordpress-flowplayer
Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | folders
Herd Effects – fake notifications and social proof plugin | mwp-herd-effect
Hide My WP Ghost – Security Plugin | hide-my-wp
Jupiter X Core | jupiterx-core
Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages | page-builder-add
Leyka | leyka
Lock User Account | lock-user-account
Master Addons for Elementor | master-addons
MasterStudy LMS WordPress Plugin – for Online Courses and Education | masterstudy-lms-learning-management-system
Min Max Control – Min Max Quantity & Step Control for WooCommerce | woo-min-max-quantity-step-control-single
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | post-and-page-builder
Posts Like Dislike | posts-like-dislike
Premmerce User Roles | premmerce-user-roles
Push Notification for Post and BuddyPress | push-notification-for-post-and-buddypress
ReviewX – Multi-criteria Rating & Reviews for WooCommerce | reviewx
Royal Elementor Addons and Templates | royal-elementor-addons
Save as Image plugin by Pdfcrowd | save-as-image-by-pdfcrowd
Save as PDF plugin by Pdfcrowd | save-as-pdf-by-pdfcrowd
Secure Admin IP | secure-admin-ip
Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management | simple-urls
Slimstat Analytics | wp-slimstat
Sticky Social Media Icons | sticky-social-media-icons
Translate WordPress with GTranslate | gtranslate
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress | url-shortify
Vertical marquee plugin | vertical-marquee-plugin
Void Elementor Post Grid Addon for Elementor Page builder | void-elementor-post-grid-addon-for-elementor-page-builder
WP Adminify – WordPress Dashboard Customization | Custom Login | Admin Columns | Dashboard Widget | Media Library Folders | adminify
WP VK-付费内容插件(付费阅读/资料/工具软件资源管理) | wp-vk
gAppointments – Appointment booking addon for Gravity Forms | gAppointments
iThemes Sync | ithemes-sync
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site with the scanner enabled, you should already have been notified if your site was affected by any of these vulnerabilities.
JupiterX Core <= 3.3.5 – Unauthenticated Arbitrary File Upload
CVE ID: CVE-2023-38388
CVSS Score: 9.8 (Critical)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/980a9237-7dea-4058-a850-b849457b4fef
JupiterX Core <= 3.3.8 – Unauthenticated Privilege Escalation
CVE ID: CVE-2023-38389
CVSS Score: 9.8 (Critical)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/b894473b-b2ed-475b-892e-603db609f88a
Folders <= 2.9.2 – Authenticated (Author+) Arbitrary File Upload
CVE ID: CVE Unknown
CVSS Score: 8.8 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/35afef52-350c-4b61-b9c0-3ae2572f81fb
Premmerce User Roles <= 1.0.12 – Missing Authorization via role management functions
CVE ID: CVE-2023-41130
CVSS Score: 8.3 (High)
Researcher/s: Nguyen Xuan Chien
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f53cd4a3-a6db-42c2-b4d8-218071c4bcd4
Master Addons for Elementor <= 2.0.3 – Missing Authorization
CVE ID: CVE-2023-40679
CVSS Score: 7.3 (High)
Researcher/s: Rafshanzani Suhada
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6150c355-1046-483e-aa8b-463c3752021d
MasterStudy LMS <= 3.0.17 – Privilege Escalation
CVE ID: CVE-2023-4278
CVSS Score: 7.3 (High)
Researcher/s: Revan Arifio
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/df00c8bc-8acd-4197-86fe-b88cb47d52c3
Simple URLs <= 117 – Unauthenticated Cross-Site Scripting
CVE ID: CVE-2023-40667
CVSS Score: 7.2 (High)
Researcher/s: Rafshanzani Suhada
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/54c38be0-ffe7-4fa4-b5c9-cb717c11aed5
URL Shortify <= 1.7.5 – Unauthenticated Stored Cross-Site Scripting via Referrer Header
CVE ID: CVE-2023-4294
CVSS Score: 7.2 (High)
Researcher/s: Bartłomiej Marek, Tomasz Swiadek
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/7b452283-9f0d-469b-b1b8-4bd253f9ea1d
Collapse-O-Matic <= 1.8.4 – Authenticated (Contributor+) Stored Cross-Site Scripting
CVE ID: CVE-2023-40669
CVSS Score: 6.4 (Medium)
Researcher/s: Rafshanzani Suhada
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/aa85abba-e13f-42cd-8f13-432ed375fb37
Simple URLs <= 117 – Authenticated (Contributor+) Stored Cross-Site Scripting
CVE ID: CVE-2023-40674
CVSS Score: 6.4 (Medium)
Researcher/s: Rafshanzani Suhada
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f8147f63-91a5-457c-8259-8e4ddf5c67e4
FTP Access <= 1.0 – Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting
CVE ID: CVE-2023-3510
CVSS Score: 6.1 (Medium)
Researcher/s: Bob Matyas
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/0a1e0d55-2894-450b-afaf-134a13512403
gAppointments – Appointment booking addon for Gravity Forms <= 1.9.7 – Reflected Cross-Site Scripting
CVE ID: CVE-2023-2705
CVSS Score: 6.1 (Medium)
Researcher/s: Carlos David Garrido León
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/19983f79-b439-4bb0-8f29-8312f1ff9791
Min Max Control <= 4.5 – Reflected Cross-Site Scripting
CVE ID: CVE-2023-4270
CVSS Score: 6.1 (Medium)
Researcher/s: Animesh Gaurav
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/4240fcda-c61d-4888-8837-5012e5ba1f26
ElementsKit Elementor addons <= 2.9.1 – Missing Authorization
CVE ID: CVE-2023-39993
CVSS Score: 5.4 (Medium)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5ff589ec-756d-4183-8bb8-61dae9be7c5d
FV Flowplayer Video Player <= 7.5.37.7212 – Insufficient Input Validation to Unauthenticated Stored Cross-Site Scripting and Arbitrary Usermeta Update
CVE ID: CVE-2023-4520
CVSS Score: 5.4 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c55ca7d4-6bc0-49c9-8ce0-50fff8775a76
Void Elementor Post Grid Addon for Elementor Page builder <= 2.1.10 – Missing Authorization to Review Notice Dismissal
CVE ID: CVE Unknown
CVSS Score: 5.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/1b847857-5dc9-4793-b9d6-759f27377fe3
Push Notification for Post and BuddyPress <= 1.63 – Missing Authorization to Unauthenticated Admin Notice Dismissal
CVE ID: CVE Unknown
CVSS Score: 5.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/228a3c72-fbb0-48bc-8066-6ca954a14421
Hide My WP Ghost <= 5.0.25 – CAPTCHA Bypass in brute_math_authenticate
CVE ID: CVE-2023-34001
CVSS Score: 5.3 (Medium)
Researcher/s: konagash
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5618db77-fe74-4982-92b3-cec554640bde
Posts Like Dislike <= 1.1.1 – Missing Authorization to Authenticated (Subscriber+) Plugin Setting Reset
CVE ID: CVE Unknown
CVSS Score: 5.3 (Medium)
Researcher/s: Unknown
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/8babc42a-c45c-423f-bd09-da7afb947691
Secure Admin IP <= 2.0 – Missing Authorization via ‘saveSettings’
CVE ID: CVE-2023-41133
CVSS Score: 5.3 (Medium)
Researcher/s: Mika
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a0f38af7-7753-4dbe-a4fd-e9a01785dd13
DoLogin Security <= 3.6 – IP Address Spoofing
CVE ID: CVE Unknown
CVSS Score: 5.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/def06edd-ea4f-4b49-9902-b179d40e4133
Vertical Marquee Plugin <= 7.1 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE-2023-40677
CVSS Score: 4.4 (Medium)
Researcher/s: yuyuddn
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/06c86c87-840c-4ca6-9582-98254194eb1b
Cookies by JM <= 1.0 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE-2023-40604
CVSS Score: 4.4 (Medium)
Researcher/s: Nithissh S
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3aa2a693-831b-44e7-b158-99fecf6506be
Slimstat Analytics <= 5.0.8 – Authenticated (Administrator+) Stored Cross-Site Scripting via settings
CVE ID: CVE-2023-40676
CVSS Score: 4.4 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3c14a863-2aed-4f65-a0e3-eb73e485ce85
Save as PDF plugin by Pdfcrowd <= 2.16.0 – Authenticated (Administrator+) Stored Cross-Site Scripting via admin settings
CVE ID: CVE-2023-40668
CVSS Score: 4.4 (Medium)
Researcher/s: Mahesh Nagabhairava
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/52056177-8604-48b9-ab50-d0dc1e13a3d5
GTranslate <= 3.0.3 – Authenticated (Administrator+) Cross-Site Scripting via Multiple Parameters
CVE ID: CVE Unknown
CVSS Score: 4.4 (Medium)
Researcher/s: Unknown
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5e24be91-6a58-42c3-84dd-4090da55b720
WP Adminify <= 3.1.5 – Authenticated (Admin+) Stored Cross-Site Scripting
CVE ID: CVE-2023-4060
CVSS Score: 4.4 (Medium)
Researcher/s: Dipak Panchal
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6ac72136-7911-4980-92b0-9bf18bed2201
Save as Image plugin by Pdfcrowd <= 2.16.0 – Authenticated (Administrator+) Stored Cross-Site Scripting via settings
CVE ID: CVE-2023-40665
CVSS Score: 4.4 (Medium)
Researcher/s: Mahesh Nagabhairava
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/74b284b7-ec0a-42c1-82e5-0c8cb422c0c5
Leyka <= 3.30.3 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE-2023-2995
CVSS Score: 4.4 (Medium)
Researcher/s: An Dang
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/95210ed8-4606-44fa-b823-b33e1d4a4ce0
Landing Page Builder <= 1.5.1.1 – Authenticated (Administrator+) Stored Cross-Site Scripting
CVE ID: CVE-2023-40675
CVSS Score: 4.4 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c2e83cb5-3c10-45dc-b37e-4d47ebc6853d
WP VK-付费内容插件 <= 1.3.3 – Cross-Site Request Forgery via AJions
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/0c6bc786-341a-4ab6-b86e-d21bb3dbf298
iThemes Sync <= 2.1.13 – Cross-Site Request Forgery and Missing Authorization via ‘hide_authenticate_notice’
CVE ID: CVE-2023-40001
CVSS Score: 4.3 (Medium)
Researcher/s: Abdi Pranata
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/0f9229f2-e7dd-43c9-9c15-9b76c13e895b
Simple URLs <= 117 – Missing Authorization via AJAX actions
CVE ID: CVE-2023-40678
CVSS Score: 4.3 (Medium)
Researcher/s: Rafshanzani Suhada
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/118e1a8c-a638-4571-9ce9-cf2cba4b9b06
DX-auto-save-images <= 1.4.0 – Cross-Site Request Forgery
CVE ID: CVE-2023-40671
CVSS Score: 4.3 (Medium)
Researcher/s: Skalucy
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/2f2fb51b-984c-4b82-98d4-9a681a1855a7
Royal Elementor Addons <= 1.3.75 – Cross-Site Request Forgery
CVE ID: CVE-2022-47175
CVSS Score: 4.3 (Medium)
Researcher/s: Muhammad Daffa
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/4809d513-69e8-4572-9549-9dba9f40cb80
Sticky Social Media Icons <= 2.0 – Missing Authorization via ajax_request_handle
CVE ID: CVE-2023-40672
CVSS Score: 4.3 (Medium)
Researcher/s: Nguyen Xuan Chien
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/58cfb328-40d0-4bea-a707-d5d6c1ce364a
ReviewX <= 1.6.17 – Missing Authorization in rx_coupon_from_submit
CVE ID: CVE-2023-40670
CVSS Score: 4.3 (Medium)
Researcher/s: Abdi Pranata
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9a9f4fb7-92f5-4136-9ca3-cf7bf5c0b717
Herd Effects <= 5.2.3 – Cross-Site Request Forgery to Effect Deletion
CVE ID: CVE-2023-4318
CVSS Score: 4.3 (Medium)
Researcher/s: Erwan LR
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9fd15c0b-cd3b-45e7-8379-b0e64e64d6b1
Category Slider for WooCommerce <= 1.4.15 – Missing Authorization via notice dismissal functionality
CVE ID: CVE-2023-41132
CVSS Score: 4.3 (Medium)
Researcher/s: Abdi Pranata
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ab1bd64b-8575-4ab4-bca5-8d5ce6f476d1
Simple URLs <= 117 – Cross-Site Request Forgery via AJAX actions
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/bf101b60-f12e-4326-8e39-96d6415a218d
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.24.1 – Cross-Site Request Forgery via submitDefaultEditor
CVE ID: CVE-2023-25480
CVSS Score: 4.3 (Medium)
Researcher/s: Rio Darmawan
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/bf801042-5cd5-424f-a25a-858302285170
Slimstat Analytics <= 5.0.5.1 – Missing Authorization via delete_pageview
CVE ID: CVE-2023-33994
CVSS Score: 4.3 (Medium)
Researcher/s: Rafshanzani Suhada
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/cbb8501e-7e8b-4ed6-8792-c685a69de982
Lock User Account <= 1.0.3 – Cross-Site Request Forgery to Account Lock/Unlock
CVE ID: CVE-2023-4307
CVSS Score: 4.3 (Medium)
Researcher/s: Dmitrii Ignatyev
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/d06f265c-c1c1-4316-9526-3392f6ee31da
As a reminder, Wordfence has curated an industry-leading vulnerability database, Wordfence Intelligence, covering all known WordPress core, theme, and plugin vulnerabilities.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, through vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring a variety of sources to capture all publicly available WordPress vulnerability information, adding additional context where we can.
Click here to sign up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (August 21, 2023 to August 27, 2023) appeared first on Wordfence.