Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now!
Over the last two weeks, there were 263 vulnerabilities disclosed in 217 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 42 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 12,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
_Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published. _
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Patch Status | Number of Vulnerabilities |
---|---|
Unpatched | 43 |
Patched | 220 |
Severity Rating | Number of Vulnerabilities |
---|---|
Low Severity | 1 |
Medium Severity | 212 |
High Severity | 30 |
Critical Severity | 20 |
Vulnerability Type by CWE | Number of Vulnerabilities |
---|---|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 77 |
Missing Authorization | 51 |
Cross-Site Request Forgery (CSRF) | 47 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 30 |
Unrestricted Upload of File with Dangerous Type | 9 |
Deserialization of Untrusted Data | 7 |
Information Exposure Through Log Files | 7 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 5 |
Information Exposure | 4 |
Protection Mechanism Failure | 3 |
Authorization Bypass Through User-Controlled Key | 3 |
Server-Side Request Forgery (SSRF) | 2 |
URL Redirection to Untrusted Site ('Open Redirect') | 2 |
Storage of Sensitive Data in a Mechanism without Access Control | 2 |
Weak Password Recovery Mechanism for Forgotten Password | 2 |
Improper Input Validation | 2 |
Improper Privilege Management | 1 |
Reliance on IP Address for Authentication | 1 |
External Control of File Name or Path | 1 |
Information Exposure Through Debug Information | 1 |
Use of Less Trusted Source | 1 |
Improper Authentication | 1 |
Improper Authorization | 1 |
Improper Access Control | 1 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 1 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | 1 |
Researcher Name | Number of Vulnerabilities |
---|---|
Rafie Muhammad | 61 |
Brandon James Roldan (tomorrowisnew) | 24 |
Muhammad Daffa | 23 |
Ngô Thiên An (ancorn_) | 16 |
LVT-tholv2k | 14 |
emad | 11 |
Abdi Pranata | 10 |
Joshua Chan | 10 |
Nguyen Xuan Chien | 9 |
Abu Hurayra (HurayraIIT) | 9 |
Mika | 6 |
Skalucy | 6 |
Dave Jong | 6 |
thiennv | 5 |
resecured.io | 5 |
Revan Arifio | 5 |
Huynh Tien Si | 3 |
wpdabh | 3 |
Le Ngoc Anh | 3 |
Dmitrii Ignatyev | 3 |
DoYeon Park (p6rkdoye0n) | 3 |
Hiroho Shimada | 2 |
Kyle Sanchez | 2 |
Hung -mov Nguyen | 2 |
Webbernaut | 2 |
Nguyen Anh Tien | 2 |
Jeongwoo-Lee(Roronoa) | 2 |
Elliot | 1 |
István Márton | |
(Wordfence Vulnerability Researcher) | 1 |
Taihei Shimamine | 1 |
Rein Daelman (trein) | 1 |
Robert DeVore | 1 |
Marc-Alexandre Montpas | 1 |
Vladislav Pokrovsky (ΞX.MI) | 1 |
Yuchen Ji | 1 |
Fariq Fadillah Gusti Insani (fariqfgi) | 1 |
Yudistira Arya | 1 |
Lucio Sá | 1 |
Francesco Carlucci | 1 |
Benmalek Aymen (centaurus) | 1 |
Nex Team | 1 |
Françoa Taffarel | 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
Software Name | Software Slug |
---|---|
404 Solution | 404-solution |
AI Power: Complete AI Pack – Powered by GPT-4 | gpt3-ai-content-generator |
AMP for WP – Accelerated Mobile Pages | accelerated-mobile-pages |
ARI Stream Quiz – WordPress Quizzes Builder | ari-stream-quiz |
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | armember-membership |
Accredible Certificates & Open Badges | accredible-certificates |
Active Products Tables for WooCommerce. Professional products tables for WooCommerce store | profit-products-tables-for-woocommerce |
Add Any Extension to Pages | add-any-extension-to-pages |
Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | advanced-access-manager |
Advanced Category Template | advanced-category-template |
Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms | advanced-form-integration |
Affiliates Manager | affiliates-manager |
All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs – My Sticky Elements | mystickyelements |
Apollo13 Framework Extensions | apollo13-framework-extensions |
Appointment & Event Booking Calendar Plugin – Webba Booking | webba-booking-lite |
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | simply-schedule-appointments |
Author Box, Guest Author and Co-Authors for Your Posts – Molongui | molongui-authorship |
Auto Amazon Links – Amazon Associates Affiliate Plugin | amazon-auto-links |
Awesome Support – WordPress HelpDesk & Support Plugin | awesome-support |
BERTHA AI. Your AI co-pilot for WordPress and Chrome | bertha-ai-free |
Back Button Widget | back-button-widget |
Backup Migration | backup-backup |
Beaver Builder – WordPress Page Builder | beaver-builder-lite-version |
Block IPs for Gravity Forms | gf-block-ips |
Booking Calendar | Appointment Booking |
Booking Manager | booking-manager |
Booking for Appointments and Events Calendar – Amelia | ameliabooking |
BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin | bookingpress-appointment-booking |
Booster Elite for WooCommerce | booster-elite-for-woocommerce |
Branda – White Label WordPress, Custom Login Page Customizer | branda-white-labeling |
Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content | brave-popup-builder |
BuddyPress | buddypress |
Build App Online | build-app-online |
BulkGate SMS Plugin for WooCommerce | woosms-sms-module-for-woocommerce |
Business Directory Plugin – Easy Listing Directories for WordPress | business-directory-plugin |
CBX Bookmark & Favorite | cbxwpbookmark |
CRM Perks Forms – WordPress Form Builder | crm-perks-forms |
CSS & JavaScript Toolbox | css-javascript-toolbox |
CURCY – Multi Currency for WooCommerce | UNKNOWN-CVE-2023-50831-1 |
Calculated Fields Form | calculated-fields-form |
Checkout Mestres WP | checkout-mestres-wp |
Clockwork SMS Notfications | mediaburst-email-to-sms |
Clone | wp-clone-by-wp-academy |
Colibri Page Builder | colibri-page-builder |
Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce | enhanced-e-commerce-for-woocommerce-store |
Crowdsignal Dashboard – Polls, Surveys & more | polldaddy |
Currency Converter Widget – Exchange Rates | currency-converter-widget |
Custom 404 Pro | custom-404-pro |
Custom Post Carousels with Owl | dd-post-carousel |
Custom Twitter Feeds – A Tweets Widget or X Feed Widget | custom-twitter-feeds |
Customer Reviews for WooCommerce | customer-reviews-woocommerce |
Customize My Account for WooCommerce | customize-my-account-for-woocommerce |
Dan's Embedder for Google Calendar | dans-gcal |
Database Cleaner: Clean, Optimize & Repair | database-cleaner |
Defender Security – Malware Scanner, Login Security & Firewall | defender-security |
Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan | antihacker |
Doofinder WP & WooCommerce Search | doofinder-for-woocommerce |
Duplicator – WordPress Migration & Backup Plugin | duplicator |
Dynamic Content for Elementor | dynamic-content-for-elementor |
E2Pdf – Export To Pdf Tool for WordPress | e2pdf |
Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) | easy-digital-downloads |
Easy PayPal & Stripe Buy Now Button | wp-ecommerce-paypal |
Easy Video Player | easy-video-player |
Eazy Plugin Manager – Powerful Plugin Management Solution for WordPress | plugins-on-steroids |
Enable Media Replace | enable-media-replace |
EnvíaloSimple: Email Marketing y Newsletters | envialosimple-email-marketing-y-newsletters-gratis |
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates | essential-blocks |
Event Monster – Event Management, Tickets Booking, Upcoming Event | event-monster |
Events Shortcodes For The Events Calendar | template-events-calendar |
Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | everest-backup |
Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! | everest-forms |
Export Media URLs | export-media-urls |
FOX – Currency Switcher Professional for WooCommerce | woocommerce-currency-switcher |
FastDup – Fastest WordPress Migration & Duplicator | fastdup |
Floating Button | floating-button |
Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin | fluent-support |
Form plugin for WordPress – Zoho Forms | zoho-forms |
Frontend Admin by DynamiApps | acf-frontend-form-element |
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits | funnel-builder |
FunnelKit Checkout | woofunnels-aero-checkout |
GEO my WordPress | geo-my-wp |
GeoDirectory – WordPress Business Directory Plugin, or Classified Directory | geodirectory |
Google Photos Gallery with Shortcodes | google-picasa-albums-viewer |
HT Mega – Absolute Addons For Elementor | ht-mega-for-elementor |
HTML Forms | html-forms |
HUSKY – Products Filter for WooCommerce Professional | woocommerce-products-filter |
Happy Addons for Elementor | happy-elementor-addons |
HashBar – WordPress Notification Bar | hashbar-wp-notification-bar |
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building | icegram |
If-So Dynamic Content Personalization | if-so |
Image Optimizer, Resizer and CDN – Sirv | sirv |
Image Source Control Lite – Show Image Credits and Captions | image-source-control-isc |
Impreza – WordPress Website and WooCommerce Builder | impreza |
Inline Image Upload for BBPress | image-upload-for-bbpress |
Insert or Embed Articulate Content into WordPress | insert-or-embed-articulate-content-into-wordpress |
Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site | integrate-google-drive |
JS Help Desk – Best Help Desk & Support Plugin | js-support-ticket |
JSM file_get_contents() Shortcode | wp-file-get-contents |
JVM Gutenberg Rich Text Icons | jvm-rich-text-icons |
Job Manager & Career – Manage job board listings, and recruitments | job-manager-career |
LA-Studio Element Kit for Elementor | lastudio-element-kit |
Limit Login Attempts Reloaded | limit-login-attempts-reloaded |
Loan Repayment Calculator and Application Form | quick-interest-slider |
Local Delivery Drivers for WooCommerce | local-delivery-drivers-for-woocommerce |
Login Lockdown – Protect Login Form | login-lockdown |
Login as User or Customer | login-as-customer-or-user |
Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation | gs-logo-slider |
MC4WP: Mailchimp for WordPress | mailchimp-for-wp |
MF Gig Calendar | mf-gig-calendar |
MStore API | mstore-api |
Mail logging – WP Mail Catcher | wp-mail-catcher |
Malware Scanner | miniorange-malware-protection |
Media File Renamer: Rename Files (Manual, Auto & AI) | media-file-renamer |
Menu Image, Icons made easy | menu-image |
Metform Elementor Contact Form Builder | metform |
Most And Least Read Posts Widget | most-and-least-read-posts-widget |
Multi Step Form | multi-step-form |
MultiVendorX Marketplace – WooCommetrce MultiVendor Marketplace Solution | dc-woocommerce-multi-vendor |
My Agile Privacy – The only GDPR solution for WordPress that you can truly trust | myagileprivacy |
NEX-Forms – Ultimate Form Builder – Contact forms and much more | nex-forms-express-wp-form-builder |
New User Approve | new-user-approve |
NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images | nitropack |
Page Generator | page-generator |
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction | paid-member-subscriptions |
Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | paid-memberships-pro |
Pay with Vipps for WooCommerce | woo-vipps |
Photo Gallery by 10Web – Mobile-Friendly Image Gallery | photo-gallery |
Piotnet Forms | piotnetforms |
Poll Maker – Best WordPress Poll Plugin | poll-maker |
Pre* Party Resource Hints | pre-party-browser-hints |
Product Catalog Simple | post-type-x |
Product Code for WooCommerce | product-code-for-woocommerce |
Product Feed Manager – WooCommerce to Google Shopping, Social Catalogs, and 170+ Popular Marketplaces | best-woocommerce-feed |
Product Filter by WBW | woo-product-filter |
Product Table by WBW | woo-product-tables |
Product Vendors | woocommerce-product-vendors |
ProfileGrid – User Profiles, Memberships, Groups and Communities | profilegrid-user-profiles-groups-and-communities |
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress | quiz-master-next |
Rate my Post – WP Rating System | rate-my-post |
Recipe Maker For Your Food Blog from Zip Recipes | zip-recipes |
Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit | wp-marketing-automations |
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | custom-registration-form-builder-with-submission-manager |
Rencontre – Dating Site | rencontre |
Republish Old Posts | republish-old-posts |
Restaurant Reservations | nd-restaurant-reservations |
Rise Blocks – A Complete Gutenberg Page Builder | rise-blocks |
Schema & Structured Data for WP & AMP | schema-and-structured-data-for-wp |
Send Users Email | send-users-email |
Sensei LMS – Online Courses, Quizzes, & Learning | sensei-lms |
Seos Contact Form | seos-contact-form |
Simple Counter | abwp-simple-counter |
Simple Job Board | simple-job-board |
Simple Membership | simple-membership |
Simple Staff List | simple-staff-list |
Slider by Soliloquy – Responsive Image Slider for WordPress | soliloquy-lite |
Spam protection, Anti-Spam, FireWall by CleanTalk | cleantalk-spam-protect |
Split Test For Elementor | split-test-for-elementor |
Squirrly SEO - Advanced Pack | squirrly-seo-pack |
Sticky Chat Widget: WhatsApp, Messenger, Click to chat, SMS, Email, Messages, Call Button, Contact form and more Chat buttons | sticky-chat-widget |
Stock Ticker | stock-ticker |
Store Locator WordPress | agile-store-locator |
Strong Testimonials | strong-testimonials |
Stylish Price List – Price Table Builder & QR Code Restaurant Menu | stylish-price-list |
SureFeedback Client Site | projecthuddle-child-site |
TerraClassifieds – Simple Classifieds Plugin | terraclassifieds |
Theme per user | theme-per-user |
Themify Icons | themify-icons |
Thrive Automator | thrive-automator |
Ultimate Addons for Beaver Builder | bb-ultimate-addon |
Ultimate Addons for WPBakery | Ultimate_VC_Addons |
Ultimate Dashboard – Custom WordPress Dashboard | ultimate-dashboard |
Uncanny Automator – Automate everything with the #1 no-code automation and integration plugin | uncanny-automator |
User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds | userfeedback-lite |
Verge3D Publishing and E-Commerce | verge3d |
WP Adminify – WordPress Dashboard Customization | Custom Login |
WP Affiliate Disclosure | wp-affiliate-disclosure |
WP Chat App | wp-whatsapp |
WP Crowdfunding | wp-crowdfunding |
WP Edit Username | wp-edit-username |
WP Frontend Profile | wp-front-end-profile |
WP Go Maps (formerly WP Google Maps) | wp-google-maps |
WP Job Portal – A Complete Job Board | wp-job-portal |
WP MLM SOFTWARE PLUGIN | wp-mlm |
WP Mail Log | wp-mail-log |
WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce | wp-optin-wheel |
WP Remote Site Search | wp-remote-site-search |
WP Review Slider | wp-facebook-reviews |
WP Shortcodes Plugin — Shortcodes Ultimate | shortcodes-ultimate |
WP Simple Booking Calendar | wp-simple-booking-calendar |
WP Stripe Checkout | wp-stripe-checkout |
WP Tabs – Responsive Tabs Plugin for WordPress | wp-expand-tabs-free |
WP User Profile Avatar | wp-user-profile-avatar |
WPC Product Bundles for WooCommerce | woo-product-bundle |
WPCS – WordPress Currency Switcher Professional | currency-switcher |
WS Form LITE – Drag & Drop Contact Form Builder for WordPress | ws-form |
Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition |
Welcart e-Commerce | usc-e-shop |
White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard | white-label |
WooCommerce Easy Duplicate Product | woo-easy-duplicate-product |
WooCommerce Menu Extension | woocommerce-menu-extension |
WooCommerce PDF Invoice Builder, Create invoices, packing slips and more | woo-pdf-invoice-builder |
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels | print-invoices-packing-slip-labels-for-woocommerce |
WooCommerce Per Product Shipping | woocommerce-shipping-per-product |
WooCommerce Ship to Multiple Addresses | woocommerce-shipping-multiple-addresses |
WooCommerce Stripe Payment Gateway | woocommerce-gateway-stripe |
WooCommerce Warranty Requests | woocommerce-warranty |
WooPayments – Fully Integrated Solution Built and Supported by Woo | woocommerce-payments |
Woocommerce Shipping Canada Post | woocommerce-shipping-canada-post |
WordPress Infinite Scroll – Ajax Load More | ajax-load-more |
WordPress.com Editing Toolkit | full-site-editing |
YITH WooCommerce Product Add-Ons | yith-woocommerce-product-add-ons |
ZeroBounce Email Verification & Validation | zerobounce |
eCommerce Product Catalog Plugin for WordPress | ecommerce-product-catalog |
iframe | iframe |
iframe Shortcode | iframe-shortcode |
uncode-core | uncode-core |
weForms – Easy Drag & Drop Contact Form Builder For WordPress | weforms |
Software Name | Software Slug |
---|---|
BuddyBoss Theme | [buddyboss-theme](<https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/BuddyBoss Theme>) |
Divi | Divi |
TheGem | thegem |
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities. If you'd like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
Affected Software: BERTHA AI. Your AI co-pilot for WordPress and Chrome CVE ID: CVE-2023-51419 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1b4630f7-74db-46c4-bf86-f1ff64be3463>
Affected Software: Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition CVE ID: CVE-2023-51424 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/24517dc6-4995-48ee-9b02-5c7c29d359f6>
Affected Software: Piotnet Forms CVE ID: CVE-2023-51412 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2f52298b-344b-4561-b1bf-93bea95a3e53>
Affected Software: Clone CVE ID: CVE-2023-6750 CVSS Score: 9.8 (Critical) Researcher/s: Dmitrii Ignatyev Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/44a921e7-cce3-4347-968d-76dab243fcd6>
Affected Software: Rencontre – Dating Site CVE ID: CVE-2023-51468 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/59be1fc7-2854-404d-8e9d-dd9bd26e6a2c>
Affected Software: Login as User or Customer CVE ID: CVE-2023-51484 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5b07ea6a-511d-44ab-b0b7-5124702ad47d>
Affected Software: Build App Online CVE ID: CVE-2023-51478 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/743e40f6-dde3-4d8f-938e-b2a0dcdfb901>
Affected Software: Frontend Admin by DynamiApps CVE ID: CVE-2023-51411 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7815322d-a240-4855-b458-60caa3cec96c>
Affected Software: JS Help Desk – Best Help Desk & Support Plugin CVE ID: CVE-2023-50839 CVSS Score: 9.8 (Critical) Researcher/s: Fariq Fadillah Gusti Insani (fariqfgi) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7a3e89cc-56cb-42d7-b4f6-bfc7ca0e03e6>
Affected Software: Checkout Mestres WP CVE ID: CVE-2023-51472 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7ad16d1e-e778-4cb4-a15d-ddb906f27762>
Affected Software: Checkout Mestres WP CVE ID: CVE-2023-51471 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8a52bf70-667b-400f-8912-75fae20a3f5b>
Affected Software: WP Frontend Profile CVE ID: CVE-2023-51483 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/91de6cf4-e5df-4130-bb96-92b89717a678>
Affected Software: WP MLM SOFTWARE PLUGIN CVE ID: CVE-2023-51476 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/abcc1ed6-1871-4e8c-9469-c44dbfca5a17>
Affected Software: TerraClassifieds – Simple Classifieds Plugin CVE ID: CVE-2023-51473 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b0399b60-6e40-4f35-985f-845a32f69d64>
Affected Software: Rencontre – Dating Site CVE ID: CVE-2023-51425 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b1278291-9fef-40f5-a432-d96f4bed31fe>
Affected Software: WP MLM SOFTWARE PLUGIN CVE ID: CVE-2023-51475 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b3451ed9-9a9a-443f-b1ce-dcd07bd3e6ce>
Affected Software: Theme per user CVE ID: CVE-2023-52181 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bc7e6844-23e2-4523-8261-21d4cba87db3>
Affected Software: Active Products Tables for WooCommerce. Professional products tables for WooCommerce store CVE ID: CVE-2023-51505 CVSS Score: 9.8 (Critical) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c5519d4e-84b5-4901-b55c-a0a919f4b6c9>
Affected Software: Checkout Mestres WP CVE ID: CVE-2023-51469 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e068573d-bc3e-48de-b4e7-6a0666086ac3>
Affected Software: Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition CVE ID: CVE-2023-51423 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f4ea6044-bf7b-469d-89ec-a9b89ef5715e>
Affected Software: Recipe Maker For Your Food Blog from Zip Recipes CVE ID: CVE-2023-52180 CVSS Score: 8.8 (High) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/01ab2ed8-ff2f-41ac-bbbd-d8878fd067d6>
Affected Software: WP Mail Log CVE ID: CVE-2023-51410 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0542f8bf-8fb1-4c47-89b7-106a6feacca1>
Affected Software: Ultimate Addons for Beaver Builder CVE ID: CVE-2023-51398 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1b29048e-cf06-463c-82e0-f1d973e50232>
Affected Software: ARI Stream Quiz – WordPress Quizzes Builder CVE ID: CVE-2023-52182 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/36ad7fe2-0dc9-427d-811b-8fb1fdb78579>
Affected Software: TerraClassifieds – Simple Classifieds Plugin CVE ID: CVE-2023-51474 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4a6e5f89-ebc0-413a-a76e-3cf4339430ba>
Affected Software: Verge3D Publishing and E-Commerce CVE ID: CVE-2023-51421 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/71dd864f-1975-4cee-be26-0cdb0d54be95>
Affected Software: Rencontre – Dating Site CVE ID: CVE-2023-51470 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/722c35e5-4084-46a4-a3d4-c73f8e7a1882>
Affected Software: MF Gig Calendar CVE ID: CVE-2023-50842 CVSS Score: 8.8 (High) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7d977636-a509-4f32-9ad3-762720fdb433>
Affected Software: Job Manager & Career – Manage job board listings, and recruitments CVE ID: CVE-2023-51545 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8558cd96-3b2a-4282-950b-6d9753698291>
Affected Software: Booking Manager CVE ID: CVE-2023-50840 CVSS Score: 8.8 (High) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9829ec10-ad37-4345-b4d6-cd0429b2d8f7>
Affected Software: JVM Gutenberg Rich Text Icons CVE ID: CVE-2023-51418 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a3e54f9b-db12-42ef-a0fa-2d40c0f7908c>
Affected Software: uncode-core CVE ID: CVE-2023-51515 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bb5e6767-d0a9-4ac4-816f-6fb57b1e5f9b>
Affected Software: Events Shortcodes For The Events Calendar CVE ID: CVE-2023-52142 CVSS Score: 8.8 (High) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c1d9ee9f-d8d0-4a9d-b414-bc79c4255b4e>
Affected Software: ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup CVE ID: CVE-2023-51356 CVSS Score: 8.8 (High) Researcher/s: Revan Arifio Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c681d1ac-a5d0-43f2-a1e4-0684cd56a3b8>
Affected Software: JVM Gutenberg Rich Text Icons CVE ID: CVE-2023-51417 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ca064db0-2718-4521-9467-335b59208858>
Affected Software: BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin CVE ID: CVE-2023-50841 CVSS Score: 8.8 (High) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e1a3cc98-3bee-4d52-a4bf-2a1a284b9311>
Affected Software: Build App Online CVE ID: CVE-2023-51479 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e3551218-e272-4c96-94fe-9db0aee0d4f4>
Affected Software: Most And Least Read Posts Widget CVE ID: CVE-2023-52133 CVSS Score: 8.8 (High) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e9fa55cc-c686-43e4-a028-dd2721d2db85>
Affected Software: uncode-core CVE ID: CVE-2023-51500 CVSS Score: 8.1 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/74ab025d-4e76-46e5-b8f8-963eeea5b802>
Affected Software: Backup Migration CVE ID: CVE-2023-6971 CVSS Score: 8.1 (High) Researcher/s: Hiroho Shimada Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b380283c-0dbb-4d67-9f66-cb7c400c0427>
Affected Software: Backup Migration CVE ID: CVE-2023-6972 CVSS Score: 7.5 (High) Researcher/s: Hiroho Shimada Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0a3ae696-f67d-4ed2-b307-d2f36b6f188c>
Affected Software: Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin CVE ID: CVE-2023-52185 CVSS Score: 7.5 (High) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/31a54705-99e8-4e41-bf57-9365ab387228>
Affected Software: WP Stripe Checkout CVE ID: CVE-2023-52143 CVSS Score: 7.5 (High) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3f244b8e-94ae-4d95-83a7-53b826e98656>
Affected Software: MultiVendorX Marketplace – WooCommetrce MultiVendor Marketplace Solution CVE ID: CVE-2023-51355 CVSS Score: 7.5 (High) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6cdc0096-8e21-4b82-b9d0-961f48907a09>
Affected Software: Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition CVE ID: CVE-2023-51422 CVSS Score: 7.5 (High) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/aa4244d3-a611-416d-8159-2f6a8cf61b30>
Affected Software: Local Delivery Drivers for WooCommerce CVE ID: CVE-2023-51481 CVSS Score: 7.3 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/99f4f1dc-13a9-4fa0-bdb1-77a0d416c80f>
Affected Software: Custom 404 Pro CVE ID: CVE-2023-51540 CVSS Score: 7.2 (High) Researcher/s: Kyle Sanchez Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1106e7b2-eac7-459d-8eb3-fe84c76f3b67>
Affected Software: WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels CVE ID: CVE-2023-51546 CVSS Score: 7.2 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7927edf2-b092-4b56-83aa-038f99ea658e>
Affected Software: Welcart e-Commerce CVE ID: CVE-2023-50847 CVSS Score: 7.2 (High) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a328643a-ab12-427e-9bcd-2d40738afb61>
Affected Software: Backup Migration CVE ID: CVE-2023-7002 CVSS Score: 7.2 (High) Researcher/s: Françoa Taffarel Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cc49db10-988d-42bd-a9cf-9a86f4c79568>
Affected Software: Clockwork SMS Notfications CVE ID: CVE-2023-50843 CVSS Score: 6.6 (Medium) Researcher/s: Mika Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/08fb51d6-30c1-4a48-b626-a8c6f203ac83>
Affected Software: Media File Renamer: Rename Files (Manual, Auto & AI) CVE ID: CVE-2023-50897 CVSS Score: 6.6 (Medium) Researcher/s: Taihei Shimamine Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/32b2b8e9-aa49-4cc3-97b7-249695969461>
Affected Software: E2Pdf – Export To Pdf Tool for WordPress CVE ID: CVE-2023-50849 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3f0ed355-b5c8-4143-b391-7436d67ba0de>
Affected Software: 404 Solution CVE ID: CVE-2023-50848 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/477d3d7a-6028-4dd3-b713-6098bfe32832>
Affected Software: Mail logging – WP Mail Catcher CVE ID: CVE-2023-50844 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/47aed582-efb6-4caf-a65b-57995907ecaa>
Affected Software: WP Adminify – WordPress Dashboard Customization | Custom Login | Admin Columns | Dashboard Widget | Media Library Folders CVE ID: CVE-2023-52132 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/555dce5e-9868-464a-9cb4-67644cc6a61c>
Affected Software: Page Generator CVE ID: CVE-2023-52131 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/73ea7672-4e3f-4a26-a59e-043c2cd10a7a>
Affected Software: Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin CVE ID: CVE-2023-50851 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/775d4ba7-7198-493c-bae0-7f3f78741b90>
Affected Software: Pre* Party Resource Hints CVE ID: CVE-2023-50855 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7c043945-d327-4f26-98b4-99ac5b4761f1>
Affected Software: Login Lockdown – Protect Login Form CVE ID: CVE-2023-50837 CVSS Score: 6.6 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7c9d088c-e71a-4e73-a7e3-d99f3511e519>
Affected Software: YITH WooCommerce Product Add-Ons CVE ID: CVE-2023-49777 CVSS Score: 6.6 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7edd06d9-3897-4644-a77e-e58ab6d14c95>
Affected Software: Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin CVE ID: CVE-2023-51547 CVSS Score: 6.6 (Medium) Researcher/s: Yudistira Arya Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8909dafa-3383-405e-a264-f0770e6714a4>
Affected Software: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit CVE ID: CVE-2023-50857 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8af44af4-ea56-4686-ad35-5bcdd98ba2cc>
Affected Software: Store Locator WordPress CVE ID: CVE-2023-50885 CVSS Score: 6.6 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8cb5c386-eee3-4e88-a827-766a4901f432>
Affected Software: Squirrly SEO - Advanced Pack CVE ID: CVE-2023-50854 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8ce4204f-3ee3-4877-8e9d-123d01ae80f5>
Affected Software: GEO my WordPress CVE ID: CVE-2023-52134 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/94f118c3-d470-43c4-a61a-1ec998694880>
Affected Software: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login CVE ID: CVE-2023-50846 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9b378df7-b182-4a56-a7fa-3228c06f960f>
Affected Software: WS Form LITE – Drag & Drop Contact Form Builder for WordPress CVE ID: CVE-2023-52135 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a3171015-227d-420a-ba3a-e6e2dc17ba8c>
Affected Software: GeoDirectory – WordPress Business Directory Plugin, or Classified Directory CVE ID: CVE-2023-50845 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b3d48aca-3db5-4585-bd71-5548f3b36ea1>
Affected Software: Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits CVE ID: CVE-2023-50856 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bf172a41-31dc-4864-9385-53decdc70aeb>
Affected Software: Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms CVE ID: CVE-2023-50853 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c5782b71-3234-4e53-9b26-225472f604c5>
Affected Software: Booking Calendar | Appointment Booking | BookIt CVE ID: CVE-2023-50852 CVSS Score: 6.6 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d4e97c01-7e8a-41b7-90ad-029d8c5fd37c>
Affected Software: EnvíaloSimple: Email Marketing y Newsletters CVE ID: CVE-2023-51414 CVSS Score: 6.5 (Medium) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/13245eab-9a72-44d7-bbcd-a0d3e2879814>
Affected Software: WooCommerce Stripe Payment Gateway CVE ID: CVE-2023-51502 CVSS Score: 6.5 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6ee04e4d-4385-4854-9bfe-1b957ca13963>
Affected Software: Affiliates Manager CVE ID: CVE-2023-52130 CVSS Score: 6.5 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/756b5e3e-46fa-483e-945a-86166e79d989>
Affected Software: FunnelKit Checkout CVE ID: CVE-2023-51672 CVSS Score: 6.5 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c9d07faf-cc88-4233-a552-55e3376a2fc4>
Affected Software: Piotnet Forms CVE ID: CVE-2023-51413 CVSS Score: 6.5 (Medium) Researcher/s: Abdi Pranata Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f119c6c2-cd4e-415a-b717-2bfc90ed729e>
Affected Software: weForms – Easy Drag & Drop Contact Form Builder For WordPress CVE ID: CVE-2023-51524 CVSS Score: 6.5 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f2b7258e-c594-415a-a872-d5b28397e40d>
Affected Software: Sensei LMS – Online Courses, Quizzes, & Learning CVE ID: CVE-2023-50875 CVSS Score: 6.4 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/031995fb-48c4-4f56-8b64-d66a47b2fbe9>
Affected Software: Schema & Structured Data for WP & AMP CVE ID: CVE-2023-51677 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0752b4f3-b9f0-4c39-8e4c-2db188600087>
Affected Software: Product Code for WooCommerce CVE ID: CVE-2023-51669 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0be84866-2a49-42da-b498-962fc1bcb811>
Affected Software: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building CVE ID: CVE-2023-51532 CVSS Score: 6.4 (Medium) Researcher/s: Huynh Tien Si Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0feeca6b-b611-44d3-90a6-569e4d2ccf5a>
Affected Software: Insert or Embed Articulate Content into WordPress CVE ID: CVE-2023-50824 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/128d3046-94a0-465c-9225-a3ce652f5282>
Affected Software: WooCommerce Menu Extension CVE ID: CVE-2023-50834 CVSS Score: 6.4 (Medium) Researcher/s: wpdabh Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/173c8c8a-a015-4522-b957-1805f520a77d>
Affected Software: Active Products Tables for WooCommerce. Professional products tables for WooCommerce store CVE ID: CVE-2023-51480 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1f18147d-60e6-447d-a6f5-6ad7b633e62c>
Affected Software: WP Crowdfunding CVE ID: CVE-2023-50859 CVSS Score: 6.4 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/294b5bd1-a7c8-4c06-b107-e80bf3b35da8>
Affected Software: Pay with Vipps for WooCommerce CVE ID: CVE-2023-51485 CVSS Score: 6.4 (Medium) Researcher/s: resecured.io Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2950a264-b60c-48ad-b8e0-6d0e1a230982>
Affected Software: Colibri Page Builder CVE ID: CVE-2023-6988 CVSS Score: 6.4 (Medium) Researcher/s: Hung -mov Nguyen Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b>
Affected Software: Booking for Appointments and Events Calendar – Amelia CVE ID: CVE-2023-50860 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/33398af8-7b7f-47e5-b95b-c9faa33d0c80>
Affected Software: My Agile Privacy – The only GDPR solution for WordPress that you can truly trust CVE ID: CVE-2023-51404 CVSS Score: 6.4 (Medium) Researcher/s: resecured.io Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/35c40c81-c7b4-4453-bd2f-7910fcb7f13e>
Affected Software: WP Tabs – Responsive Tabs Plugin for WordPress CVE ID: CVE-2023-52124 CVSS Score: 6.4 (Medium) Researcher/s: wpdabh Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/433c8908-587e-4086-9d0c-c9b1819b26e8>
Affected Software: Currency Converter Widget – Exchange Rates CVE ID: CVE-2023-50822 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/47f051dd-138c-4c71-8a92-150c9ffd3601>
Affected Software: Colibri Page Builder CVE ID: CVE-2023-50833 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/532d185c-4384-4b15-a104-42f8d2a1ca23>
Affected Software: Form plugin for WordPress – Zoho Forms CVE ID: CVE-2023-50891 CVSS Score: 6.4 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/57e9b09c-adfb-4fc2-8d2b-41cfc1f73e22>
Affected Software: Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More CVE ID: CVE-2023-50881 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5c50b451-519c-4da8-93ce-b84e594e6775>
Affected Software: WP Affiliate Disclosure CVE ID: CVE-2023-52178 CVSS Score: 6.4 (Medium) Researcher/s: resecured.io Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5e38ee27-30a4-45be-bab6-a3e65ada215f>
Affected Software: Seos Contact Form CVE ID: CVE-2023-50830 CVSS Score: 6.4 (Medium) Researcher/s: DoYeon Park (p6rkdoye0n) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/62b2113a-70a2-4223-8c6c-6cd15057d72d>
Affected Software: HashBar – WordPress Notification Bar CVE ID: CVE-2023-51372 CVSS Score: 6.4 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6f3e4e53-3a4a-4b9d-845c-927a59e03488>
Affected Software: WPCS – WordPress Currency Switcher Professional CVE ID: CVE-2023-51506 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/72a06690-f40a-472b-b9d1-985a49b914b3>
Affected Software: WP Remote Site Search CVE ID: CVE-2023-51397 CVSS Score: 6.4 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/79d4e5a8-028a-488e-b419-77a0981a28a9>
Affected Software: CURCY – Multi Currency for WooCommerce CVE ID: CVE-2023-50831 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7b7dee9e-1272-4e70-926c-a73e2897968c>
Affected Software: If-So Dynamic Content Personalization CVE ID: CVE-2023-51492 CVSS Score: 6.4 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8407b678-76c5-4232-b17e-8db05f9e7b12>
Affected Software: Auto Amazon Links – Amazon Associates Affiliate Plugin CVE ID: CVE-2023-52175 CVSS Score: 6.4 (Medium) Researcher/s: Nguyen Anh Tien Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8b2a5938-232e-487c-b31b-f48e2b9acb65>
Affected Software: Limit Login Attempts Reloaded CVE ID: CVE-2023-6934 CVSS Score: 6.4 (Medium) Researcher/s: Hung -mov Nguyen Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/906049c0-4710-47aa-bf44-cdf29032dc1f>
Affected Software: Divi CVE ID: CVE-2023-6744 CVSS Score: 6.4 (Medium) Researcher/s: Francesco Carlucci Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/999475c5-5f17-47fa-a0d0-47cb5a8a0eb4>
Affected Software: iframe Shortcode CVE ID: CVE-2023-50825 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a3c323d5-59bc-4ecc-8211-2104fd22639f>
Affected Software: Restaurant Reservations CVE ID: CVE-2023-51403 CVSS Score: 6.4 (Medium) Researcher/s: resecured.io Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a4fa8aa9-0af8-4202-b219-863bbef8d02c>
Affected Software: CSS & JavaScript Toolbox CVE ID: CVE-2023-50823 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ace85b25-251b-4549-8f6e-1a1494cbabb6>
Affected Software: WordPress.com Editing Toolkit CVE ID: CVE-2023-50879 CVSS Score: 6.4 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b54307fb-ecbc-4742-9deb-59dbb85b4a7c>
Affected Software: BuddyPress CVE ID: CVE-2023-50880 CVSS Score: 6.4 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b824cab6-d340-487d-90ba-5b554db1da14>
Affected Software: Stock Ticker CVE ID: CVE-2023-51541 CVSS Score: 6.4 (Medium) Researcher/s: resecured.io Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b8e921f4-d889-490f-a817-53d132a56f83>
Affected Software: Back Button Widget CVE ID: CVE-2023-51399 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bcd28bc3-f893-4eb7-946f-34a2e9c7ff27>
Affected Software: Easy Video Player CVE ID: CVE-2023-51689 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bd28f7f0-ed52-45d0-8d97-5ff95d17eb26>
Affected Software: AMP for WP – Accelerated Mobile Pages CVE ID: CVE-2023-6782 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c1cae64e-caed-43c0-9a75-9aa4234946a0>
Affected Software: WP User Profile Avatar CVE ID: CVE-2023-52118 CVSS Score: 6.4 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c291aa80-f1cd-4933-b522-73ec115a3a68>
Affected Software: Dan's Embedder for Google Calendar CVE ID: CVE-2023-51504 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cbca88e0-1563-43cb-adf4-4f89856a07d0>
Affected Software: CBX Bookmark & Favorite CVE ID: CVE-2023-51514 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cddda02e-c36f-4ed8-b3ac-6cb3f17c6ce2>
Affected Software: Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) CVE ID: CVE-2023-51684 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d19a9c96-918f-4f19-82a9-badd5765cea3>
Affected Software: WordPress Infinite Scroll – Ajax Load More CVE ID: CVE-2023-50874 CVSS Score: 6.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e3bcc0aa-281f-4c59-b3de-dde4277cc989>
Affected Software: Themify Icons CVE ID: CVE-2023-51693 CVSS Score: 6.4 (Medium) Researcher/s: wpdabh Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/efa156b7-ab18-414d-80a5-3a1c2a977b3b>
Affected Software: Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More CVE ID: CVE-2023-51674 CVSS Score: 6.4 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f1bf4f77-9539-4a9f-afec-f43f602c684f>
Affected Software: Simple Membership CVE ID: CVE-2023-50376 CVSS Score: 6.1 (Medium) Researcher/s: Le Ngoc Anh Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/18fe9769-3681-4a5e-866a-640b4cc76199>
Affected Software: Simple Membership CVE ID: CVE-2023-6882 CVSS Score: 6.1 (Medium) Researcher/s: Rein Daelman (trein) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/366165fe-93e5-49ab-b2e5-1de624f22286>
Affected Software: WP Go Maps (formerly WP Google Maps) CVE ID: CVE-2023-6627 CVSS Score: 6.1 (Medium) Researcher/s: Marc-Alexandre Montpas Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3a468814-ecb7-4414-9472-6c2aaa5f5c2c>
Affected Software: New User Approve CVE ID: CVE-2023-50902 CVSS Score: 6.1 (Medium) Researcher/s: Vladislav Pokrovsky (ΞX.MI) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3abde27c-8234-4146-9e55-ea20b275ca48>
Affected Software: HT Mega – Absolute Addons For Elementor CVE ID: CVE-2023-50901 CVSS Score: 6.1 (Medium) Researcher/s: Le Ngoc Anh Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6745be2e-d151-452a-8e65-0db2409dd54d>
Affected Software: Impreza – WordPress Website and WooCommerce Builder CVE ID: CVE-2023-50893 CVSS Score: 6.1 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7bd931a9-18ec-48fa-9382-d4c2d99258c5>
Affected Software: TheGem CVE ID: CVE-2023-50892 CVSS Score: 6.1 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a243fbde-951b-43e0-a432-c92ae4b04c26>
Affected Software: Crowdsignal Dashboard – Polls, Surveys & more CVE ID: CVE-2023-51488 CVSS Score: 6.1 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a78da5c5-fb12-4fc9-8c51-6d9f6f7a4043>
Affected Software: Google Photos Gallery with Shortcodes CVE ID: CVE-2023-51373 CVSS Score: 6.1 (Medium) Researcher/s: Le Ngoc Anh Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c5ab6a1f-181c-4bc2-bcc3-e19f94fc5e46>
Affected Software: uncode-core CVE ID: CVE-2023-51501 CVSS Score: 6.1 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d4efe60a-d8e3-4e51-95b2-246e30e90e89>
Affected Software: HTML Forms CVE ID: CVE-2023-50836 CVSS Score: 5.5 (Medium) Researcher/s: Huynh Tien Si Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2921ea67-e88a-489a-8c45-cfe458f29d2b>
Affected Software: NEX-Forms – Ultimate Form Builder – Contact forms and much more CVE ID: CVE-2023-50838 CVSS Score: 5.5 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6b5964a7-410b-4fea-9de2-22ffda80c8e8>
Affected Software: ZeroBounce Email Verification & Validation CVE ID: CVE-2023-51374 CVSS Score: 5.5 (Medium) Researcher/s: DoYeon Park (p6rkdoye0n) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c7d215e9-e615-46ab-b0b8-b37f10cfae98>
Affected Software: Stylish Price List – Price Table Builder & QR Code Restaurant Menu CVE ID: CVE-2023-51673 CVSS Score: 5.4 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0d9cea4e-b619-4935-bb7c-a64ddf52d480>
Affected Software: JSM file_get_contents() Shortcode CVE ID: CVE-2023-6991 CVSS Score: 5.4 (Medium) Researcher/s: Dmitrii Ignatyev Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/191d5bcc-70d8-430b-9215-00ffdc04be87>
Affected Software: Simple Staff List CVE ID: CVE-2023-51526 CVSS Score: 5.4 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3ef8bf84-768f-4ef1-8037-4e51ccc20c83>
Affected Software: ARI Stream Quiz – WordPress Quizzes Builder CVE ID: CVE-2023-51487 CVSS Score: 5.4 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/45180c8e-0625-4a21-b3a1-673abe52d78f>
Affected Software: WP Shortcodes Plugin — Shortcodes Ultimate CVE ID: CVE-2023-6488 CVSS Score: 5.4 (Medium) Researcher/s: Webbernaut Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/50a89ad1-a3d0-49e3-8d2e-4cb81ac115ba>
Affected Software: Happy Addons for Elementor CVE ID: CVE-2023-51676 CVSS Score: 5.4 (Medium) Researcher/s: Yuchen Ji Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/64ae36a3-d102-4d51-b685-395283155101>
Affected Software: Author Box, Guest Author and Co-Authors for Your Posts – Molongui CVE ID: CVE-2023-50876 CVSS Score: 5.4 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6f01ecab-2dfe-45d2-9d9a-ba1e30c7d75f>
Affected Software: FOX – Currency Switcher Professional for WooCommerce CVE ID: CVE-2023-6556 CVSS Score: 5.4 (Medium) Researcher/s: Lucio Sá Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8cb37019-33f6-4f72-adfc-befbfbf69e47>
Affected Software: Doofinder WP & WooCommerce Search CVE ID: CVE-2023-51678 CVSS Score: 5.4 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ad50e216-f522-4294-a4dc-7f3bd52820b3>
Affected Software: Business Directory Plugin – Easy Listing Directories for WordPress CVE ID: CVE-2023-51516 CVSS Score: 5.4 (Medium) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ea3c5188-4570-4958-8b2d-69048b10c5f9>
Affected Software: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates CVE ID: CVE-2023-51359 CVSS Score: 5.4 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/eca703ec-645c-4d12-ae57-75db14e08f3e>
Affected Software: WooCommerce Warranty Requests CVE ID: CVE-2023-51496 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/03e96aea-30a2-4cd3-8967-52e1870cc293>
Affected Software: Block IPs for Gravity Forms CVE ID: CVE-2023-51358 CVSS Score: 5.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/19958187-7eb1-479e-bd36-d40974ae65ca>
Affected Software: WP Optin Wheel – Gamified Optin Email Marketing Tool for WordPress and WooCommerce CVE ID: CVE-2023-51408 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2a83ade5-5e53-4d53-ada0-43d487e5e23f>
Affected Software: Rate my Post – WP Rating System CVE ID: CVE-2023-51667 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2d24aa7e-bbf1-4a54-b53b-7a37e613e0e6>
Affected Software: Customer Reviews for WooCommerce CVE ID: CVE-2023-51692 CVSS Score: 5.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2e093d1f-9c5a-44f8-bc27-9c320e220358>
Affected Software: Poll Maker – Best WordPress Poll Plugin CVE ID: CVE-2023-50904 CVSS Score: 5.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/345097c7-8f0e-46ed-9a1d-7c8a4a589e3f>
Affected Software: Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions CVE ID: CVE-2023-6855 CVSS Score: 5.3 (Medium) Researcher/s: Webbernaut Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/383c7837-e7b7-4608-9cdc-91b7dbc7f4e2>
Affected Software: AI Power: Complete AI Pack – Powered by GPT-4 CVE ID: CVE-2023-51527 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3f95c288-7710-46aa-898b-a923afa7a4ab>
Affected Software: Database Cleaner: Clean, Optimize & Repair CVE ID: CVE-2023-51508 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4031f857-9712-4f4a-93e8-0b01f9a9c32d>
Affected Software: Beaver Builder – WordPress Page Builder CVE ID: CVE-2023-50889 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4a13c7a1-f904-41b1-ab7f-2df95c9b2880>
Affected Software: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login CVE ID: CVE-2023-51543 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4b37b57c-4a11-4971-b38f-12c70d71b76b>
Affected Software: MC4WP: Mailchimp for WordPress CVE ID: CVE-2023-51682 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4f289527-3a89-4db9-887d-fb0980848734>
Affected Software: Product Catalog Simple CVE ID: CVE-2023-51687 CVSS Score: 5.3 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4f4099b3-6c79-42c2-be41-4ad8d73cc2b8>
Affected Software: Uncanny Automator – Automate everything with the #1 no-code automation and integration plugin CVE ID: CVE-2023-52151 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5098e74a-9a99-48b3-9f44-b780bfdeb24e>
Affected Software: LA-Studio Element Kit for Elementor CVE ID: CVE-2023-50884 CVSS Score: 5.3 (Medium) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/523f7a8a-d06d-4778-be14-d0b7ca32dab3>
Affected Software: Woocommerce Shipping Canada Post CVE ID: CVE-2023-51498 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/549788e3-e31a-46a6-a2de-361747c98514>
Affected Software: Branda – White Label WordPress, Custom Login Page Customizer CVE ID: CVE-2023-51542 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/552bc1cc-df98-4608-a50e-db1381ca8e0a>
Affected Software: Send Users Email CVE ID: CVE-2023-52126 CVSS Score: 5.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5d50e9bb-e357-42d3-b131-468511b8e98a>
Affected Software: User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds CVE ID: CVE-2023-50887 CVSS Score: 5.3 (Medium) Researcher/s: Revan Arifio Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/63c7bb29-c8b2-49ee-8ac4-1046b61b7e6a>
Affected Software: WooPayments – Fully Integrated Solution Built and Supported by Woo CVE ID: CVE-2023-51503 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/68f5bc13-b0b2-48b6-82ac-ff02367f4780>
Affected Software: 404 Solution CVE ID: CVE-2023-52146 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/73643d45-9542-4372-a7a2-0a443819b8a2>
Affected Software: WP User Profile Avatar CVE ID: CVE-2023-6384 CVSS Score: 5.3 (Medium) Researcher/s: Dmitrii Ignatyev Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/75c325a1-1a88-4b67-a5f8-6307627d8c6a>
Affected Software: Awesome Support – WordPress HelpDesk & Support Plugin CVE ID: CVE-2023-51537 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7d713de0-40a4-4926-9942-e5e2bf7434c4>
Affected Software: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login CVE ID: CVE-2023-51544 CVSS Score: 5.3 (Medium) Researcher/s: Kyle Sanchez Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/86ebb3d1-5fd1-48cb-95b7-f82014323f01>
Affected Software: Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress CVE ID: CVE-2023-51507 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/89ee5d27-9123-4fd2-94f8-4395db5663ec>
Affected Software: Defender Security – Malware Scanner, Login Security & Firewall CVE ID: CVE-2023-51490 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/94c8979a-db2e-490f-b055-cdf19a48cf73>
Affected Software: Metform Elementor Contact Form Builder CVE ID: CVE-2023-50903 CVSS Score: 5.3 (Medium) Researcher/s: Revan Arifio Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a6425d39-cc8b-4130-8f67-2d6de7954934>
Affected Software: Affiliates Manager CVE ID: CVE-2023-52148 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/abc3f352-8568-4649-bf3c-dd0ce0295589>
Affected Software: Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce CVE ID: CVE-2023-51357 CVSS Score: 5.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ae007dc0-9ac7-459d-bfe6-bcde87028b14>
Affected Software: eCommerce Product Catalog Plugin for WordPress CVE ID: CVE-2023-51688 CVSS Score: 5.3 (Medium) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b48b9170-4dd9-4004-a081-488cafbc7597>
Affected Software: FastDup – Fastest WordPress Migration & Duplicator CVE ID: CVE-2023-51406 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b8261317-462b-49c5-9526-20b695895e49>
Affected Software: All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs – My Sticky Elements CVE ID: CVE-2023-51362 CVSS Score: 5.3 (Medium) Researcher/s: Revan Arifio Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c4098a47-986c-4b2c-b27a-18ff81da0f58>
Affected Software: WooCommerce Warranty Requests CVE ID: CVE-2023-51495 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c8970d08-6c75-4dbb-ad24-6d9ba4c07530>
Affected Software: Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! CVE ID: CVE-2023-51377 CVSS Score: 5.3 (Medium) Researcher/s: Revan Arifio Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cc3d49c5-3054-4e1f-b571-6591a0b31d69>
Affected Software: BuddyBoss Theme CVE ID: CVE-2023-51477 CVSS Score: 5.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ccbeb69e-6476-42a6-86ac-723947c70301>
Affected Software: Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) CVE ID: CVE-2023-40005 CVSS Score: 5.3 (Medium) Researcher/s: Nguyen Anh Tien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/dbce48b2-aa7c-4c92-8df8-ee3a17336e97>
Affected Software: Image Source Control Lite – Show Image Credits and Captions CVE ID: CVE-2023-52187 CVSS Score: 5.3 (Medium) Researcher/s: Joshua Chan Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e3b3ce65-b226-4b93-ab0c-984f774454f7>
Affected Software: Product Vendors CVE ID: CVE-2023-52186 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e4457df6-81ca-4149-bcca-623cff2cbeef>
Affected Software: Malware Scanner CVE ID: CVE-2023-52176 CVSS Score: 5.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/fb19fd06-7b2c-41a1-a470-230da7ce944d>
Affected Software: Product Vendors CVE ID: CVE-2023-51494 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/fcce0a92-520d-45ac-845e-a1635f763eed>
Affected Software: iframe CVE ID: CVE-2023-52125 CVSS Score: 5 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/66f392d0-d5fb-4a8c-b972-becfac6cf6e7>
Affected Software: Enable Media Replace CVE ID: CVE-2023-6737 CVSS Score: 4.7 (Medium) Researcher/s: Nex Team Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c37d8218-6059-46f2-a5d9-d7c22486211e>
Affected Software: Menu Image, Icons made easy CVE ID: CVE-2023-50826 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0ff001c2-95f9-42a2-b5a3-74937be41756>
Affected Software: Ultimate Dashboard – Custom WordPress Dashboard CVE ID: CVE-2023-50828 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/10c1b000-537a-4009-a740-19666505989e>
Affected Software: Accredible Certificates & Open Badges CVE ID: CVE-2023-50827 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1d5ac3df-ddaf-4c78-acd3-baddea42443f>
Affected Software: Photo Gallery by 10Web – Mobile-Friendly Image Gallery CVE ID: CVE-2023-6924 CVSS Score: 4.4 (Medium) Researcher/s: István Márton Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/21b4d1a1-55fe-4241-820c-203991d724c4>
Affected Software: Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! CVE ID: CVE-2023-51695 CVSS Score: 4.4 (Medium) Researcher/s: Robert DeVore Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/381ec612-2086-4925-98cd-652a6c2ac081>
Affected Software: WP Review Slider CVE ID: CVE-2023-51685 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/62233370-3b54-4d89-93e7-07afdae4a413>
Affected Software: WP Chat App CVE ID: CVE-2023-51370 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/73232bff-b11a-4580-8cde-5bf085ba749c>
Affected Software: weForms – Easy Drag & Drop Contact Form Builder For WordPress CVE ID: CVE-2023-50896 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7c44efe0-bdc0-42e0-9bdd-cf25bff1d2d5>
Affected Software: Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content CVE ID: CVE-2023-51534 CVSS Score: 4.4 (Medium) Researcher/s: Huynh Tien Si Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/88cf21c3-52d7-472f-8f55-8e1a5819f133>
Affected Software: Sticky Chat Widget: WhatsApp, Messenger, Click to chat, SMS, Email, Messages, Call Button, Contact form and more Chat buttons CVE ID: CVE-2023-51361 CVSS Score: 4.4 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/892fe839-57ca-45bc-aa9b-f1bf87994a77>
Affected Software: Event Monster – Event Management, Tickets Booking, Upcoming Event CVE ID: CVE-2023-47525 CVSS Score: 4.4 (Medium) Researcher/s: Jeongwoo-Lee(Roronoa) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8f4f2317-945e-4fd8-8a0b-981b88a8412c>
Affected Software: Multi Step Form CVE ID: CVE-2023-50832 CVSS Score: 4.4 (Medium) Researcher/s: Benmalek Aymen (centaurus) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a5e6b508-35ef-45da-bf17-c038d3b7ce52>
Affected Software: Custom Post Carousels with Owl CVE ID: CVE-2023-51493 CVSS Score: 4.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a89f795d-246d-4a3c-a7a7-5c9867d7a01e>
Affected Software: CRM Perks Forms – WordPress Form Builder CVE ID: CVE-2023-51536 CVSS Score: 4.4 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ca954d68-18a5-47e2-af56-261c7a55b017>
Affected Software: Simple Counter CVE ID: CVE-2023-50377 CVSS Score: 4.4 (Medium) Researcher/s: Abu Hurayra (HurayraIIT) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cb4eb28a-3dd5-4d8d-bef0-53cee7285180>
Affected Software: WP Edit Username CVE ID: CVE-2023-47527 CVSS Score: 4.4 (Medium) Researcher/s: Jeongwoo-Lee(Roronoa) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f445de97-b6fd-4180-b63e-5b8da40dae6a>
Affected Software: Loan Repayment Calculator and Application Form CVE ID: CVE-2023-50829 CVSS Score: 4.4 (Medium) Researcher/s: DoYeon Park (p6rkdoye0n) Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f8756fb7-ee15-4fc7-b5bd-b4f2e64f8e6f>
Affected Software: WooCommerce Easy Duplicate Product CVE ID: CVE-2023-51523 CVSS Score: 4.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/02d11be0-2e2e-4c76-8a8e-f3f637b99809>
Affected Software: EnvíaloSimple: Email Marketing y Newsletters CVE ID: CVE-2023-51416 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0c533277-5cea-419f-93ec-e510c0fbd75d>
Affected Software: Simple Job Board CVE ID: CVE-2023-52122 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/100b6786-7cad-4d65-b457-9beb179e293a>
Affected Software: Appointment & Event Booking Calendar Plugin – Webba Booking CVE ID: CVE-2023-51354 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/12a195a0-f992-462d-9b4e-69e8a2975635>
Affected Software: Spam protection, Anti-Spam, FireWall by CleanTalk CVE ID: CVE-2023-51696 CVSS Score: 4.3 (Medium) Researcher/s: Elliot Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/19dd6670-2813-4944-abcd-c26fb9b82092>
Affected Software: Custom Twitter Feeds – A Tweets Widget or X Feed Widget CVE ID: CVE-2023-52136 CVSS Score: 4.3 (Medium) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1ab56d29-7e35-4bc3-812e-d82890f60c8e>
Affected Software: Republish Old Posts CVE ID: CVE-2023-52145 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1e1db52a-3966-4e04-b0ed-08bda9ba1ff6>
Affected Software: Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More CVE ID: CVE-2023-51675 CVSS Score: 4.3 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1eb25ef3-28ea-4f8f-932a-e90ca1914e8d>
Affected Software: Floating Button CVE ID: CVE-2023-52149 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/20151f80-c25f-482e-a2b0-34607dba9d1e>
Affected Software: Rise Blocks – A Complete Gutenberg Page Builder CVE ID: CVE-2023-51378 CVSS Score: 4.3 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2b249842-c480-495a-8eec-6c7d0893ef1c>
Affected Software: WP Simple Booking Calendar CVE ID: CVE-2023-51525 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2f72e5bb-e076-4379-8699-e399761c043f>
Affected Software: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building CVE ID: CVE-2023-52119 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3000b140-2e38-463d-9128-b486293e3cf6>
Affected Software: White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard CVE ID: CVE-2023-52128 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/383da457-b930-470c-a68a-db3e87af7a80>
Affected Software: Ultimate Addons for Beaver Builder CVE ID: CVE-2023-51401 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/38a5be0c-f905-4e27-b5c3-8c0606d71a61>
Affected Software: HUSKY – Products Filter for WooCommerce Professional CVE ID: CVE-2023-50861 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3d9179d2-2e90-4de7-8178-073a0ce5865b>
Affected Software: Duplicator – WordPress Migration & Backup Plugin CVE ID: CVE-2023-51681 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/416da5d4-3d47-443b-a82c-c059c38f5218>
Affected Software: Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress CVE ID: CVE-2023-51521 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4cfdbf80-3733-4d5c-9bc6-01e543ee08b1>
Affected Software: Thrive Automator CVE ID: CVE-2023-51531 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4d5b1a3d-ce7f-4d5d-b72b-61024d5c5378>
Affected Software: Spam protection, Anti-Spam, FireWall by CleanTalk CVE ID: CVE-2023-51535 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4eb4400d-d629-4c88-9ec5-06da9089f6d1>
Affected Software: WPC Product Bundles for WooCommerce CVE ID: CVE-2023-52127 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5188dc72-a00d-4a07-b178-3f3ef26d7fc1>
Affected Software: AI Power: Complete AI Pack – Powered by GPT-4 CVE ID: CVE-2023-51528 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5511c5f4-b71c-484b-ab6f-2389a29809cd>
Affected Software: Apollo13 Framework Extensions CVE ID: CVE-2023-51539 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/575b51f4-fed4-4057-9e8b-762fda275ef3>
Affected Software: WooCommerce Ship to Multiple Addresses CVE ID: CVE-2023-51497 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/63ab255f-e061-447b-a2b6-21a85eed9d57>
Affected Software: WooCommerce PDF Invoice Builder, Create invoices, packing slips and more CVE ID: CVE-2023-51486 CVSS Score: 4.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/652367a0-fca2-4313-8217-d8811ada0ab5>
Affected Software: Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction CVE ID: CVE-2023-51522 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/69ab17fc-8290-4230-8c44-25d12009c08a>
Affected Software: HT Mega – Absolute Addons For Elementor CVE ID: CVE-2023-51529 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6f26b04f-2a25-40a6-9b2c-27d9970acb8f>
Affected Software: FunnelKit Checkout CVE ID: CVE-2023-51670 CVSS Score: 4.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6f789ff9-5d86-4911-8b2f-2a425393c61d>
Affected Software: ProfileGrid – User Profiles, Memberships, Groups and Communities CVE ID: CVE-2023-52117 CVSS Score: 4.3 (Medium) Researcher/s: emad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/71fb1cef-6e01-4bd7-b0bc-5d21295f119a>
Affected Software: Dynamic Content for Elementor CVE ID: CVE-2023-52150 CVSS Score: 4.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/77a85024-33ff-4056-89f6-991182d71b80>
Affected Software: Product Filter by WBW CVE ID: CVE-2023-50877 CVSS Score: 4.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/77acb885-1776-4a74-96d0-4edbf1a92917>
Affected Software: Export Media URLs CVE ID: CVE-2023-51510 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7b121abf-3842-43ac-a3dc-bde6d5e0b263>
Affected Software: Calculated Fields Form CVE ID: CVE-2023-51517 CVSS Score: 4.3 (Medium) Researcher/s: Ngô Thiên An (ancorn_) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/85555a8f-5d23-458d-9166-d30f8f0551e0>
Affected Software: Inline Image Upload for BBPress CVE ID: CVE-2023-51668 CVSS Score: 4.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/86bd6ae1-e74d-4aab-98e1-3c47cb484fe9>
Affected Software: WooCommerce Per Product Shipping CVE ID: CVE-2023-51499 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8b0504f3-f8df-4b37-bafa-5320920e9571>
Affected Software: Easy PayPal & Stripe Buy Now Button CVE ID: CVE-2023-51683 CVSS Score: 4.3 (Medium) Researcher/s: LVT-tholv2k Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8f6fd0bb-d37b-40b6-b84e-9b21aae891cc>
Affected Software: BulkGate SMS Plugin for WooCommerce CVE ID: CVE-2023-51679 CVSS Score: 4.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/93e590f8-5f8d-4ee5-bcff-96bcb8daf4b7>
Affected Software: FunnelKit Checkout CVE ID: CVE-2023-51671 CVSS Score: 4.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9603e394-b358-4599-8610-ef5737a39de0>
Affected Software: Booster Elite for WooCommerce CVE ID: CVE-2023-51511 CVSS Score: 4.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/995a086a-4795-4092-823c-b941445dc361>
Affected Software: MStore API CVE ID: CVE-2023-50878 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9d32bda7-2d2d-4364-8ac9-e32950f889ed>
Affected Software: Add Any Extension to Pages CVE ID: CVE-2023-50873 CVSS Score: 4.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9f49e727-cac4-4a46-b649-5ca48d5e2402>
Affected Software: Image Optimizer, Resizer and CDN – Sirv CVE ID: CVE-2023-50898 CVSS Score: 4.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a4a67ec6-ee13-4532-8213-d17dbf5f2c55>
Affected Software: Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site CVE ID: CVE-2023-52177 CVSS Score: 4.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a4c8d390-145a-4926-99e9-b386dfe5e6ac>
Affected Software: Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan CVE ID: CVE-2023-50858 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a8ae5712-09a8-45a4-9f79-3e5b7786e652>
Affected Software: NEX-Forms – Ultimate Form Builder – Contact forms and much more CVE ID: CVE-2023-52120 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a9b45e9b-57a6-4bfd-b9e4-d07780370f02>
Affected Software: Split Test For Elementor CVE ID: CVE-2023-51407 CVSS Score: 4.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/be23388e-9371-4ea0-974b-80f76de90012>
Affected Software: Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation CVE ID: CVE-2023-51530 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c89a8001-ab50-466c-aa51-62c0ff5f86dc>
Affected Software: WP Job Portal – A Complete Job Board CVE ID: CVE-2023-52184 CVSS Score: 4.3 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d0aa1fad-1ff4-4bc5-a584-99b528470990>
Affected Software: SureFeedback Client Site CVE ID: CVE-2023-51376 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d484500f-c8c1-4278-8a38-82a7fd5674f9>
Affected Software: Slider by Soliloquy – Responsive Image Slider for WordPress CVE ID: CVE-2023-51519 CVSS Score: 4.3 (Medium) Researcher/s: Abdi Pranata Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d6331b42-f15b-46c6-b8bd-7f65c28c4a12>
Affected Software: Awesome Support – WordPress HelpDesk & Support Plugin CVE ID: CVE-2023-51538 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d69915e9-af9b-4c07-ac43-21c6e350c3c4>
Affected Software: Advanced Category Template CVE ID: CVE-2023-50835 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/da09b158-3626-455b-b3bc-b1109d0fab2e>
Affected Software: NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images CVE ID: CVE-2023-52121 CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/daa30370-0d11-45b7-8ca3-b2a3b9046127>
Affected Software: Crowdsignal Dashboard – Polls, Surveys & more CVE ID: CVE-2023-51489 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e03390e5-5604-4b9d-ab1b-dac2b19270cd>
Affected Software: Strong Testimonials CVE ID: CVE-2023-52123 CVSS Score: 4.3 (Medium) Researcher/s: Brandon James Roldan (tomorrowisnew) Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e0ccdc0d-7c38-4dd3-be39-2359d63b2b6c>
Affected Software: Eazy Plugin Manager – Powerful Plugin Management Solution for WordPress CVE ID: CVE-2023-51482 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e214fadf-73fd-430f-8608-6630ce82b78c>
Affected Software: Ultimate Addons for WPBakery CVE ID: CVE-2023-51402 CVSS Score: 4.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ece4eca1-9dc1-4f17-92e4-8b2e3e1a7306>
Affected Software: Product Table by WBW CVE ID: CVE-2023-51512 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/eff03dbc-1bb7-4a72-b57c-f1bde966c286>
Affected Software: Customize My Account for WooCommerce CVE ID: CVE-2023-51369 CVSS Score: 4.3 (Medium) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f79f9385-f8d1-44a0-9e53-7576a9453163>
Affected Software: Product Feed Manager – WooCommerce to Google Shopping, Social Catalogs, and 170+ Popular Marketplaces CVE ID: CVE-2023-52144 CVSS Score: 2.7 (Low) Researcher/s: Muhammad Daffa Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7a20b65a-6d3a-41fc-80c5-94cce0459a6b>
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (December 18, 2023 to December 31, 2023) appeared first on Wordfence.