Wordfence Intelligence Weekly WordPress Vulnerability Report (July 17, 2023 to July 23, 2023)
Last week, there were 62 vulnerabilities disclosed in 1035 WordPress Plugins and 90 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface and vulnerability API are completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
- Spectra Groups
wc4bp-groups WooCommerce Affiliate Plugin – Coupon Affiliates woo-coupon-usage WooCommerce Attribute Stock – Share Stock Between Products (Lite Version) attribute-stock-for-woocommerce WooCommerce Bulk Edit Coupons – WP Sheet Editor woo-coupons-bulk-editor WooCommerce Bulk Edit Products – WP Sheet Editor woo-bulk-edit-products WooCommerce Country Catalogs – Product Country Restrictions woo-country-restrictions-advanced WooCommerce Cross-Seller wc-cross-seller WooCommerce Customers Table: View, Search, Bulk Editor woo-customers-spreadsheet-bulk-edit WooCommerce Disable Payment Methods based on cart conditions woo-conditional-payment-gateways WooCommerce EU VAT Assistant woocommerce-eu-vat-assistant WooCommerce Etsy Integration exportfeed-for-woocommerce-product-to-etsy WooCommerce Extra Fees Lite – Use for Extra charge + Conditional Fee + Extra Cost for WooCommerce woo-advanced-extra-fees-lite WooCommerce Google Ads Dynamic Remarketing woocommerce-google-dynamic-retargeting-tag WooCommerce Google Analytics Integration By Advanced WC Analytics advance-wc-analytics WooCommerce Google Sheet Connector wc-gsheetconnector WooCommerce Next Order Coupon next-order-coupon-woocommerce WooCommerce PayPlug woocommerce-payplug WooCommerce Role Based Pricing by Meow Crew role-and-customer-based-pricing-for-woocommerce WooCommerce Shipping gateway per Product woocommerce-shipping-gateway-per-product WooCommerce Simple Frontend Manager woo-simple-frontend-manager WooCommerce upcoming Products woocommerce-upcoming-product Woocommerce Customers Order History woo-customers-order-history Woocommerce Delivery Date Premium woocommerce-delivery-date WoowGallery – image gallery / content gallery / ecommerce gallery / social gallery / video gallery / album photo gallery woowgallery Word Count Analysis word-count-analysis WordApp Mobile App Plugin – Convert your WordPress Site to a Mobile App wordapp-mobile-app WordLive | Livecall Addon for Woocommerce wordlive-livecall-addon-for-woocommerce WordPress Animation Plugin – Animated Everything animate-everything WordPress Auto SEO Plugin – Upfiv SEO Wizard upfiv-complete-all-in-one-seo-wizard WordPress Behance Plugin – Make a Portfolio, Feed, Gallery, Slider and More gs-behance-portfolio WordPress Books Gallery wp-books-gallery WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule buffer-my-post WordPress Coupon Plugin for Bloggers and Marketers – WP Offers wp-offers WordPress Easy Call Now Button by elixirs.io easy-call-now-button WordPress Editable Posts Table for the Frontend bulk-edit-posts-on-frontend WordPress Everse Starter Sites – Elementor Templates everse-starter-sites WordPress Form Customizer | CF7 Customizer cf7-customizer WordPress Gallery Plugin – Edge Photo Gallery edge-gallery WordPress Gallery Plugin – NextGEN Gallery nextgen-gallery WordPress Google Translate wpgt-google-translate WordPress Gutenberg Blocks, Bootstrap Blocks, WPForms Styler – Blockington blockington WordPress HelpDesk & Support Ticket System Plugin – Octrace Support octrace-support WordPress Image Compression and Optimizer Plugin – CheetahO cheetaho-image-optimizer WordPress Job Board and Recruitment Plugin – JobWP jobwp WordPress Language wordpress-language WordPress News Plugin – TopNewsWp wp-top-news WordPress Notification Bar Plugin – TinyBar tiny-bar WordPress Persistent Login wp-persistent-login WordPress Reviews by ReviewPress reviewpress WordPress SEO Audit Plugin – WP Site Auditor seo-site-auditor-agency WordPress SEO Checklist seo-checklist WordPress Shortcodes Plugin — Shortcodes Ultimate shortcodes-ultimate WordPress Slider Block Gutenslider gutenslider WordPress Slider Plugin – Block Slider block-slider WordPress Slideshow Gallery Plugin – Easy Slideshow easy-slideshow WordPress Table Builder – TableGenie table-genie WordPress Testimonial Plugin – HmTestimonial hm-testimonial WordPress Translation plugin for Post, Pages & WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator. tranzly WordPress YouTube, Vimeo and more elements security Plugin (GDPR) simple-youtube-gdpr WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto tripetto Wp My Admin Bar wp-my-admin-bar WpStream – Live Streaming, Video on Demand, Pay Per View wpstream WritersBlok AI Content Generator for WordPress writersblok-ai XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] faq-for-woocommerce XT Ajax Add To Cart for WooCommerce xt-woo-ajax-add-to-cart XT Floating Cart for WooCommerce woo-floating-cart-lite XT Points & Rewards for WooCommerce xt-woo-points-rewards XT Quick View for WooCommerce xt-woo-quick-view-lite XT Variation Swatches for WooCommerce xt-woo-variation-swatches YARPP – Yet Another Related Posts Plugin yet-another-related-posts-plugin Yasr – Yet Another Stars Rating yet-another-stars-rating Yatri Tools yatri-tools YouTube Easy Embed (Wall/Rail) easy-embed-for-youtube-wall YouTube Embed – YouTube Gallery, Vimeo Gallery – WordPress Plugin youram-youtube-embed YourMembership Single Sign On – YM SSO Login login-with-yourmembership Yummy Recipes yummy-recipes Zipcode Redirect zip-codes-redirect a-staff – Team member showcase plugin for WordPress a-staff annasta Woocommerce Product Filters annasta-woocommerce-product-filters arscode-ninja-popups arscode-ninja-popups azw woocommerce file uploads azw-woocommerce-file-uploads bbResolutions bbresolutions eCommerce Addon ecommerce-addon eCommerce Shopping Cart and Funnel Builder – Studiocart studiocart eRoom – Zoom Meetings & Webinars eroom-zoom-meetings-webinar enhanced-catalog-images-for-woocommerce enhanced-catalog-images-for-woocommerce freemage freemage id:CRM Contacts & Companies idcrm-contacts-companies integrate automate integrate-automate jav’s – WooCommerce and Trello integration WooTrello wootrello kk Star Ratings kk-star-ratings myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin mycred netFORUM Single Sign On avectra-netforum-single-sign-on remove-cart-and-query-button woo-remove-cart-and-query-button what3words Address Field 3-word-address-validation-field wpShopGermany IT-RECHT KANZLEI wpshopgermany-it-recht-kanzlei Кнопка ЮMoney yandex-money-button WordPress Themes with Reported Vulnerabilities Last Week
Software Name Software Slug Agncy agncy Amela amela Aquarella Lite aquarella-lite Arendelle arendelle Bani bani Baton baton BingoPress bingopress Bizpress bizpress Blockst blockst BlogHub bloghub Bootstrap Blog bootstrap-blog Bootstrap Coach bootstrap-coach Bootstrap Fitness bootstrap-fitness Bootstrap Photography bootstrap-photography Brand brand Brasserie brasserie Broadcast Lite broadcast-lite Chained chained Chic Lifestyle chic-lifestyle ConsultPress Lite consultpress-lite Corporate Event corporate-event Cuisine Palace cuisine-palace Cyclone Blog cyclone-blog Deadline deadline Dostart dostart EduPress edupress Eighteen tags eighteen-tags Elasta elasta Elation elation Everse everse Fire Blog fire-blog Fortune fortune G Blog g-blog Gema Lite gema-lite Gump gump GutenBook gutenbook Gym Express gym-express Hasium hasium Hive Lite hive-lite Hotelica hotelica Julia Lite julia-lite Krste krste LearnMore learnmore Lifestyle Magazine lifestyle-magazine MedicPress Lite medicpress-lite MedikAid | Medical Health Care RTL WordPress Theme medikaid Meridia meridia Monograph monograph Nasio nasio News Unlimited news-unlimited NewsHit newshit NicheBase nichebase Nokke nokke Ona ona One Page Conference one-page-conference Patch Lite patch-lite PixiGo pixigo Purosa purosa Purus purus Relax Spa relax-spa Roven Blog roven-blog Rovenstart rovenstart SalesZone saleszone Salzburg Blog salzburg-blog Shuban shuban Silk Lite silk-lite Simplifii simplifii Speculor speculor Startup Blog startup-blog Suffice suffice Techism techism Temp Mail X temp-mail-x The Authority the-authority Topcat Lite topcat-lite TotalPress totalpress Travel Agency Booking travel-agency-booking Travel Tour travel-tour Unakit unakit Videoblog videoblog Villar villar Viralike viralike WP Magazine wp-magazine WP Moose wp-moose WP Sierra wp-sierra WP-Forge wp-forge WPCake wpcake Wellness wellness Whimsy Framework whimsy-framework Yuki yuki start start Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.
Subscribe to Category
Source: wordfence.com