Last week, 86 vulnerabilities disclosed in 68 WordPress plugins and 3 WordPress themes were added to the Wordfence Intelligence Vulnerability Database, and 36 vulnerability researchers contributed to WordPress security last week. **Review those vulnerabilities in this report now to ensure your site is not affected.**
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, including the WordPress community, so that individuals and organizations alike can use that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, and webhook integration are completely free to access and use, both personally and commercially, and why we run this weekly vulnerability report.
_[Click here to sign up for our mailing list]() to receive weekly vulnerability reports like this and important WordPress security reports in your inbox the moment they are published._
* * *
### New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real time to our [Premium](), [Care](), and [Response]() customers last week:
* WAF-RULE-622, data redacted while we work with the developer to ensure this vulnerability gets patched.
* WAF-RULE-623, data redacted while we work with the developer to ensure this vulnerability gets patched.
Wordfence [Premium](), [Care](), and [Response]() customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30-day delay.
* * *
### Total Unpatched & Patched Vulnerabilities Last Week
**Patch Status** | **Number of Vulnerabilities**
---|---
Unpatched | 25
Patched | 61
* * *
### Total Vulnerabilities by CVSS Severity Last Week
**Severity Rating** | **Number of Vulnerabilities**
---|---
Low Severity | 0
Medium Severity | 63
High Severity | 19
Critical Severity | 4
* * *
### Total Vulnerabilities by CWE Type Last Week
**Vulnerability Type by CWE** | **Number of Vulnerabilities**
---|---
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) | 25
Missing Authorization | 21
Cross-Site Request Forgery (CSRF) | 20
Unrestricted Upload of File with Dangerous Type | 4
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) | 4
Improper Privilege Management | 3
Authorization Bypass Through User-Controlled Key | 2
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) | 2
Server-Side Request Forgery (SSRF) | 1
Improper Authorization | 1
Improper Authentication | 1
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | 1
Deserialization of Untrusted Data | 1
* * *
### Researchers That Contributed to WordPress Security Last Week
**Researcher Name** | **Number of Vulnerabilities**
---|---
[Rafie Muhammad]() | 13
[Lana Codes]() (Wordfence Vulnerability Researcher) | 11
[Mika]() | 5
[Marco Wotschka]() (Wordfence Vulnerability Researcher) | 4
[Abdi Pranata]() | 4
[Cat]() | 3
[Rio Darmawan]() | 2
[Aman Rawat]() | 2
[thiennv]() | 2
[Skalucy]() | 2
[Jonas Höbenreich]() | 2
[Erwan LR]() | 2
[OZ1NG (TOOR, LISA)]() | 2
[Ramuel Gall]() (Wordfence Vulnerability Researcher) | 2
[Phd]() | 2
[minhtuanact]() | 2
[LEE SE HYOUNG]() | 2
[Ivy]() | 1
[Bob Matyas]() | 1
[Rafshanzani Suhada]() | 1
[deokhunKim]() | 1
[Nguyen Hoang Nam]() | 1
[Dmitrii Ignatyev]() | 1
[Taihei Shimamine]() | 1
[Satoo Nakano]() | 1
[Ryotaro Imamura]() | 1
[Mesh3l_911]() | 1
[Dmitrii]() | 1
[Nguyen Xuan Chien]() | 1
[Alexander Concha]() | 1
[Daniel Ruf]() | 1
[Robert DeVore]() | 1
[Sayandeep Dutta]() | 1
[Truoc Phan]() | 1
[Robert Rowley]() | 1
[tnt24]() | 1
_Are you a security researcher who would like to be featured in our weekly vulnerability report?_ You can responsibly disclose your WordPress vulnerability discoveries to us and [obtain a CVE ID through this form](). Responsibly disclosing your vulnerability discoveries to us will also get your name added to the [Wordfence Intelligence leaderboard]() and mentioned in our weekly vulnerability report.
* * *
### WordPress Plugins with Reported Vulnerabilities Last Week
**Software Name** | **Software Slug**
---|---
AI ChatBot | [chatbot]()
ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | [armember]()
Absolute Privacy | [absolute-privacy]()
Accordion and Accordion Slider | [accordion-and-accordion-slider]()
Advanced Custom Fields Pro | [advanced-custom-fields-pro]()
All Users Messenger | [all-users-messenger]()
BigBlueButton | [bigbluebutton]()
Biometric Login For WooCommerce | [biometric-login-for-woocommerce]()
Booking Package | [booking-package]()
Canto | [canto]()
Donations Made Easy – Smart Donations | [smart-donations]()
Easy Cookie Law | [easy-cookie-law]()
Easy!Appointments | [easyappointments]()
Email Template Designer – WP HTML Mail | [wp-html-mail]()
EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor | [embedpress]()
FULL – Customer | [full-customer]()
Fusion Builder | [fusion-builder]()
Futurio Extra | [futurio-extra]()
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) | [gdpr-cookie-compliance]()
Gutenberg Blocks by Kadence Blocks – Page Builder Features | [kadence-blocks]()
Highcompress Image Compressor | [high-compress]()
ImageRecycle pdf & image compression | [imagerecycle-pdf-image-compression]()
JCH Optimize | [jch-optimize]()
Jupiter X Core | [jupiterx-core]()
Justified Gallery | [justified-gallery]()
Kangu para WooCommerce | [kangu]()
Leyka | [leyka]()
MailChimp Forms by MailMunch | [mailchimp-forms-by-mailmunch]()
Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | [ninja-forms]()
Online Booking & Scheduling Calendar for WordPress by vcita | [meeting-scheduler-by-vcita]()
POEditor | [poeditor]()
Photo Gallery by Ays – Responsive Image Gallery | [gallery-photo-gallery]()
PixTypes | [pixtypes]()
Popup by Supsystic | [popup-by-supsystic]()
Portfolio and Projects | [portfolio-and-projects]()
Post Grid Combo – 36+ Blocks for Gutenberg | [post-grid]()
Post Timeline | [post-timeline]()
Premium Courses & eLearning with Paid Memberships Pro for LearnDash, LifterLMS, Sensei LMS & TutorLMS | [pmpro-courses]()
Premium Packages – Sell Digital Products Securely | [wpdm-premium-packages]()
Printful Integration for WooCommerce | [printful-shipping-for-woocommerce]()
Product Attachment for WooCommerce | [woo-product-attachment]()
Profile Builder – User Profile & User Registration Forms | [profile-builder]()
Rate my Post – WP Rating System | [rate-my-post]()
Real Estate Manager – Property Listing and Agent Management | [real-estate-manager]()
Realia | [realia]()
Responsive WordPress Slider – Avartan Slider Lite | [avartan-slider-lite]()
SB Child List | [sb-child-list]()
SendPress Newsletters | [sendpress]()
Sign-up Sheets | [sign-up-sheets]()
Stock Ticker | [stock-ticker]()
The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid | [the-post-grid]()
Theme Demo Import | [theme-demo-import]()
Themesflat Addons For Elementor | [themesflat-addons-for-elementor]()
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | [ultimate-member]()
User Activity Log | [user-activity-log]()
User Activity Tracking and Log | [user-activity-tracking-and-log]()
Visual Website Collaboration, Feedback & Project Management – Atarim | [atarim-visual-collaboration]()
WP 404 Auto Redirect to Similar Post | [wp-404-auto-redirect-to-similar-post]()
WP Categories Widget | [wp-categories-widget]()
WP Like Button | [wp-like-button]()
WP Pipes | [wp-pipes]()
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more | [woo-pdf-invoice-builder]()
WxSync | [wxsync]()
YITH WooCommerce Waitlist | [yith-woocommerce-waiting-list]()
demon image annotation | [demon-image-annotation]()
flowpaper | [flowpaper-lite-pdf-flipbook]()
wSecure Lite | [wsecure]()
woocommerce-one-page-checkout | [woocommerce-one-page-checkout]()
* * *
### WordPress Themes with Reported Vulnerabilities Last Week
**Software Name** | **Software Slug**
---|---
Avada \| Website Builder For WordPress & WooCommerce | [Avada]()
Betheme | [betheme]()
Business Pro | [business-pro]()
* * *
### Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site with the scanner enabled, you should already have been notified if your site was affected by any of these vulnerabilities.
#### [Kadence Blocks <= 3.1.10 – Unauthenticated Arbitrary File Upload]()
**Affected Software**: [Gutenberg Blocks by Kadence Blocks – Page Builder Features]()
**CVE ID**: CVE Unknown
**CVSS Score**: 9.8 (Critical)
**Researcher/s**: Unknown
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Canto <= 3.0.4 – Unauthenticated Remote File Inclusion]()
**Affected Software**: [Canto]()
**CVE ID**: CVE-2023-3452
**CVSS Score**: 9.8 (Critical)
**Researcher/s**: [Marco Wotschka]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Biometric Login for WooCommerce <= 1.0.3 – Unauthenticated Privilege Escalation]()
**Affected Software**: [Biometric Login For WooCommerce]()
**CVE ID**: CVE Unknown
**CVSS Score**: 9.8 (Critical)
**Researcher/s**: [Alexander Concha]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Themesflat Addons For Elementor <= 2.0.0 – Unauthenticated PHP Object Injection]()
**Affected Software**: [Themesflat Addons For Elementor]()
**CVE ID**: CVE-2023-37390
**CVSS Score**: 9.8 (Critical)
**Researcher/s**: [Robert Rowley]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Realia <= 1.4.0 – Cross-Site Request Forgery to User Email Change]()
**Affected Software**: [Realia]()
**CVE ID**: CVE-2023-4277
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Lana Codes]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [WooCommerce PDF Invoice Builder <= 1.2.89 – Authenticated (Subscriber+) SQL Injection via Export]()
**Affected Software**: [WooCommerce PDF Invoice Builder, Create invoices, packing slips and more]()
**CVE ID**: CVE-2023-3677
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Marco Wotschka]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Fusion Builder <= 3.11.1 – Authenticated (Subscriber+) SQL Injection]()
**Affected Software**: [Fusion Builder]()
**CVE ID**: CVE-2023-39309
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Premium Packages – Sell Digital Products Securely <= 5.7.4 – Arbitrary User Meta Update to Authenticated (Subscriber+) Privilege Escalation]()
**Affected Software**: [Premium Packages – Sell Digital Products Securely]()
**CVE ID**: CVE-2023-4293
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Lana Codes]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [FULL – Customer <= 2.2.3 – Authenticated (Subscriber+) Improper Authorization to Arbitrary Plugin Installation]()
**Affected Software**: [FULL – Customer]()
**CVE ID**: CVE-2023-4243
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Ramuel Gall]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Avada <= 7.11.1 – Authenticated (Author+) Arbitrary File Upload via Zip Extraction]()
**Affected Software**: [Avada | Website Builder For WordPress & WooCommerce]()
**CVE ID**: CVE-2023-39312
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Real Estate Manager <= 6.7.1 – Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation]()
**Affected Software**: [Real Estate Manager – Property Listing and Agent Management]()
**CVE ID**: CVE-2023-4239
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Lana Codes]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Absolute Privacy <= 2.1 – Cross-Site Request Forgery to User Email/Password Change]()
**Affected Software**: [Absolute Privacy]()
**CVE ID**: CVE-2023-4276
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Lana Codes]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [WooCommerce One Page Checkout <= 2.3.0 – Authenticated (Contributor+) Local File Inclusion via `woocommerce_one_page_checkout`]()
**Affected Software**: [woocommerce-one-page-checkout]()
**CVE ID**: CVE-2023-35881
**CVSS Score**: 8.8 (High)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Avada <= 7.11.1 – Authenticated (Contributor+) Server Side Request Forgery via ‘ajax_import_options’]()
**Affected Software**: [Avada | Website Builder For WordPress & WooCommerce]()
**CVE ID**: CVE-2023-39313
**CVSS Score**: 8.5 (High)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [JupiterX Core 3.0.0 – 3.3.0 – Missing Authorization]()
**Affected Software**: [Jupiter X Core]()
**CVE ID**: CVE-2023-38385
**CVSS Score**: 8.3 (High)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Easy!Appointments <= 1.3.1 – Authenticated (Subscriber+) Arbitrary File Deletion via ‘disconnect’]()
**Affected Software**: [Easy!Appointments]()
**CVE ID**: CVE-2023-32295
**CVSS Score**: 8.1 (High)
**Researcher/s**: [Jonas Höbenreich]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Post Grid <= 2.2.50 – Missing Authorization to Sensitive Information Exposure via REST API]()
**Affected Software**: [Post Grid Combo – 36+ Blocks for Gutenberg]()
**CVE ID**: CVE-2023-40211
**CVSS Score**: 7.5 (High)
**Researcher/s**: [Mika]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Avada <= 7.11.1 – Authenticated (Contributor+) Arbitrary File Upload via ‘ajax_import_options’]()
**Affected Software**: [Avada | Website Builder For WordPress & WooCommerce]()
**CVE ID**: CVE-2023-39307
**CVSS Score**: 7.5 (High)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [User Activity Log <= 1.6.5 – Unauthenticated Data Export to Sensitive Information Disclosure]()
**Affected Software**: [User Activity Log]()
**CVE ID**: CVE-2023-4269
**CVSS Score**: 7.5 (High)
**Researcher/s**: [Daniel Ruf]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Theme Demo Import <= 1.1.1 – Authenticated (Administrator+) Arbitrary File Upload]()
**Affected Software**: [Theme Demo Import]()
**CVE ID**: CVE-2023-28170
**CVSS Score**: 7.2 (High)
**Researcher/s**: [deokhunKim]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [WP 404 Auto Redirect to Similar Post <= 1.0.3 – Authenticated (Administrator+) Stored Cross-Site Scripting]()
**Affected Software**: [WP 404 Auto Redirect to Similar Post]()
**CVE ID**: CVE-2023-40206
**CVSS Score**: 7.2 (High)
**Researcher/s**: [Taihei Shimamine]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Donations Made Easy – Smart Donations <= 4.0.12 – Authenticated (Administrator+) SQL Injection]()
**Affected Software**: [Donations Made Easy – Smart Donations]()
**CVE ID**: CVE-2023-40207
**CVSS Score**: 7.2 (High)
**Researcher/s**: [minhtuanact]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Demon image annotation <= 5.1 – Authenticated (Administrator+) SQL Injection]()
**Affected Software**: [demon image annotation]()
**CVE ID**: CVE-2023-40215
**CVSS Score**: 7.2 (High)
**Researcher/s**: [LEE SE HYOUNG]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Fusion Builder <= 3.11.1 – Cross-Site Request Forgery]()
**Affected Software**: [Fusion Builder]()
**CVE ID**: CVE-2023-39311
**CVSS Score**: 6.5 (Medium)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Accordion and Accordion Slider <= 1.2.4 – Missing Authorization via ‘wp_aas_get_attachment_edit_form’ and ‘wp_aas_save_attachment_data’]()
**Affected Software**: [Accordion and Accordion Slider]()
**CVE ID**: CVE-2023-39996
**CVSS Score**: 6.5 (Medium)
**Researcher/s**: [Cat]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Betheme <= 27.1.1 – Missing Authorization via ‘_tool_history_delete’]()
**Affected Software**: [Betheme]()
**CVE ID**: CVE-2023-39998
**CVSS Score**: 6.5 (Medium)
**Researcher/s**: [Rafie Muhammad]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Highcompress Image Compressor <= 4.0.0 – Missing Authorization via multiple AJAX actions]()
**Affected Software**: [Highcompress Image Compressor]()
**CVE ID**: CVE-2023-40209
**CVSS Score**: 6.5 (Medium)
**Researcher/s**: [Abdi Pranata]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [EmbedPress <= 3.8.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode]()
**Affected Software**: [EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor]()
**CVE ID**: CVE-2023-4283
**CVSS Score**: 6.4 (Medium)
**Researcher/s**: [Lana Codes]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [WxSync <= 2.7.23 – Authenticated (Contributor+) Stored Cross-Site Scripting]()
**Affected Software**: [WxSync]()
**CVE ID**: CVE-2023-39988
**CVSS Score**: 6.4 (Medium)
**Researcher/s**: [Rio Darmawan]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Online Booking & Scheduling Calendar for WordPress by vcita <= 4.3.2 – Authenticated (Contributor+) Stored Cross-Site Scripting]()
**Affected Software**: [Online Booking & Scheduling Calendar for WordPress by vcita]()
**CVE ID**: CVE-2023-39992
**CVSS Score**: 6.4 (Medium)
**Researcher/s**: [LEE SE HYOUNG]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [flowpaper <= 1.9.9 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode]()
**Affected Software**: [flowpaper]()
**CVE ID**: CVE-2023-40197
**CVSS Score**: 6.4 (Medium)
**Researcher/s**: [Mika]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [Popup by Supsystic <= 1.10.19 – Cross-Site Request Forgery]()
**Affected Software**: [Popup by Supsystic]()
**CVE ID**: CVE-2023-39997
**CVSS Score**: 6.3 (Medium)
**Researcher/s**: [Rafshanzani Suhada]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Stock Ticker <= 3.23.3 – Reflected Cross-Site Scripting in ajax_stockticker_load]()
**Affected Software**: [Stock Ticker]()
**CVE ID**: CVE-2023-40208
**CVSS Score**: 6.1 (Medium)
**Researcher/s**: [Aman Rawat]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [BigBlueButton <= 3.0.0-beta.4 – Reflected Cross-Site Scripting]()
**Affected Software**: [BigBlueButton]()
**CVE ID**: CVE-2023-39991
**CVSS Score**: 6.1 (Medium)
**Researcher/s**: [Marco Wotschka](), [Ivy]()
**Patch Status**: Unpatched
**Vulnerability Details:**
* * *
#### [ImageRecycle pdf & image compression <= 3.1.11 – Reflected Cross-Site Scripting]()
**Affected Software**: [ImageRecycle pdf & image compression]()
**CVE ID**: CVE-2023-40196
**CVSS Score**: 6.1 (Medium)
**Researcher/s**: [thiennv]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [Stock Ticker <= 3.23.2 – Reflected Cross-Site Scripting in ajax_stockticker_symbol_search_test]()
**Affected Software**: [Stock Ticker]()
**CVE ID**: CVE-2022-45365
**CVSS Score**: 6.1 (Medium)
**Researcher/s**: [Aman Rawat]()
**Patch Status**: Patched
**Vulnerability Details:**
* * *
#### [ImageRecycle pdf & image compression <= 3.1.10 – Reflected Cross-Site Scripting]()
**Affected Software**: [ImageRecycle pdf & image compression]()
**CVE ID**: CVE-2023-30494
**CVSS Score**: 6.1 (Medium)
**Researcher/s**: [OZ1NG (TOOR, LISA)]()
**Patch Status**: Patched
**Vulnerability Details:**