Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023)

Chloe Chamberland
2023-08-10 12:42:18
www.wordfence.com

Last week, 29 vulnerabilities disclosed in 24 WordPress plugins (and no WordPress themes) were added to the Wordfence Intelligence Vulnerability Database, with 18 vulnerability researchers contributing to WordPress security. Review the vulnerabilities in this report now to confirm your site is not running an affected version.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, including the WordPress community, so that individuals and organizations alike can use that data to make the internet more secure. That is why the Wordfence Intelligence user interface and vulnerability API are completely free to access and use, both personally and commercially, and why we publish this weekly vulnerability report.

_Click here to sign up for our mailing list to receive weekly vulnerability reports like this and important WordPress security reports in your inbox the moment they are published._


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real time to our Premium, Care, and Response customers last week:

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30-day delay.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Unpatched 2
Patched 27

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating Number of Vulnerabilities
Low Severity 0
Medium Severity 19
High Severity 7
Critical Severity 3

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 11
Improper Privilege Management 4
Cross-Site Request Forgery (CSRF) 3
Improper Control of Generation of Code ('Code Injection') 3
Missing Authorization 2
Information Exposure 2
Authentication Bypass Using an Alternate Path or Channel 1
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 1
Use of Less Trusted Source 1
Unrestricted Upload of File with Dangerous Type 1

Researchers That Contributed to WordPress Security Last Week

Researcher Name Number of Vulnerabilities
Lana Codes (Wordfence Vulnerability Researcher) 5
Dmitriy 1
DoYeon Park 1
Bob Matyas 1
Marc-Alexandre Montpas 1
Rafie Muhammad 1
Dmitrii Ignatyev 1
Erwan LR 1
Daniel Ruf 1
MyungJu Kim 1
Pallab Jyoti Borah 1
Sayandeep Dutta 1
Vikas Kumawat 1
Satoo Nakano 1
Ryotaro Imamura 1
Vincenzo Turturro 1
Gianluca Parisi 1
Vincenzo Cantatore 1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
Advanced Custom Fields (ACF) advanced-custom-fields
Booster for WooCommerce woocommerce-jetpack
Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation
Duplicate Post copy-delete-posts
FormCraft – Contact Form Builder for WordPress formcraft-form-builder
Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor front-editor
Import All Pages, Post types, Products, Orders, and Users as XML & CSV wp-ultimate-csv-importer
JetElements jet-elements
Media from FTP media-from-ftp
MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce
Order Delivery Date for WooCommerce order-delivery-date-for-woocommerce
PostX – Gutenberg Post Grid Blocks ultimate-post
Shop as a Customer for WooCommerce shop-as-a-customer-for-woocommerce
Short URL shorten-url
Simple Blog Card simple-blog-card
Simple Share Follow Button simple-share-follow-button
Simple Ticker simple-ticker
Stripe Payment Plugin for WooCommerce payment-gateway-stripe-and-woocommerce-integration
Subscribers Text Counter subscribers-text-counter
TI WooCommerce Wishlist ti-woocommerce-wishlist
Upload Media By URL upload-media-by-url
User Access Manager user-access-manager
WordPress Job Board and Recruitment Plugin – JobWP jobwp
wpShopGermany – Protected Shops wpshopgermany-protectedshops

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site with the scanner enabled, you should already have been notified if your site was affected by any of these vulnerabilities.

Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass

Affected Software: Stripe Payment Plugin for WooCommerce
CVE ID: CVE-2023-3162
CVSS Score: 9.8 (Critical)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b


TI WooCommerce Wishlist <= 2.7.3 - Unauthenticated Blind SQL Injection via Rest API

Affected Software: TI WooCommerce Wishlist
CVE ID: CVE Unknown
CVSS Score: 9.8 (Critical)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/82420667-9ba6-46ed-9a53-d16850755bb9


WordPress Job Board and Recruitment Plugin – JobWP <= 2.0 - Arbitrary File Upload via 'jobwp_upload_resume'

Affected Software: WordPress Job Board and Recruitment Plugin – JobWP
CVE ID: CVE-2023-29384
CVSS Score: 9.8 (Critical)
Researcher/s: MyungJu Kim
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/88f4c567-eb57-4f98-afdc-65f8863b90c3


Shop as a Customer for WooCommerce <= 1.2.3 - Authenticated (Shop Manager+) Privilege Escalation

Affected Software: Shop as a Customer for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 8.8 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/3c730a69-015a-4b36-aa16-eff6916a302f


Shop as a Customer for WooCommerce <= 1.1.7 - Authenticated (Subscriber+) Privilege Escalation

Affected Software: Shop as a Customer for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 8.8 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6d041edb-70f3-4894-8a78-f6881541054c


JetElements <= 2.6.10 - Authenticated (Contributor+) Remote Code Execution

Affected Software: JetElements
CVE ID: CVE-2023-39157
CVSS Score: 8.8 (High)
Researcher/s: Rafie Muhammad
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/73fca37e-c6cf-420c-b984-3ef89acf3216


WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code Execution

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4141
CVSS Score: 8 (High)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/b4fe8b1f-da1c-4f94-9ab4-272766b488c3


WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4142
CVSS Score: 8 (High)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/db1bad2e-55df-40c5-9a3f-651858a19b42


WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4139
CVSS Score: 7.5 (High)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/6404476e-0c32-4f8e-882f-6a1785ba5748


Booster for WooCommerce 7.0.0 - Authenticated (Shop Manager+) Missing Authorization to Arbitrary Options Update

Affected Software: Booster for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 7.2 (High)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/0903bd2b-240f-4791-bfa6-f727d193af4a


WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation

Affected Software: Import All Pages, Post types, Products, Orders, and Users as XML & CSV
CVE ID: CVE-2023-4140
CVSS Score: 6.6 (Medium)
Researcher/s: Lana Codes
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5fdba41f-daa5-44e8-bc47-aa8b7bd31054


Upload Media By URL <= 1.0.7 - Cross-Site Request Forgery via 'umbu_download'

Affected Software: Upload Media By URL
CVE ID: CVE-2023-3720
CVSS Score: 6.5 (Medium)
Researcher/s: Dmitriy
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/18a0b8f2-4512-46a5-92a6-66d375c986dd


Simple Ticker <= 3.05 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Simple Ticker
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/162595bb-d41b-4dfd-bfda-3a1e5794eaaf


Simple Blog Card <= 1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Simple Blog Card
CVE ID: CVE-2023-4035
CVSS Score: 6.4 (Medium)
Researcher/s: Dmitrii Ignatyev
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/78f6d878-6ba8-4d80-9c9b-1a363d6aaed5


Simple Share Follow Button <= 1.03 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Simple Share Follow Button
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ed98d335-16f9-4be8-bace-06e2b5db4cb9


Media from FTP <= 11.15 - Improper Privilege Management

Affected Software: Media from FTP
CVE ID: CVE Unknown
CVSS Score: 6.3 (Medium)
Researcher/s: Marc-Alexandre Montpas
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5f9cf9c5-d836-4414-a53f-adee2784bd96


Duplicate Post <= 1.4.1 - Cross-Site Request Forgery via 'cdp_action_handling' AJAX action

Affected Software: Duplicate Post
CVE ID: CVE Unknown
CVSS Score: 6.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a8c8d839-d2a4-4b2a-ad61-a3cda7826636


PostX – Gutenberg Post Grid Blocks <= 3.0.5 - Reflected Cross-Site Scripting via 'postx_type'

Affected Software: PostX – Gutenberg Post Grid Blocks
CVE ID: CVE-2023-3992
CVSS Score: 6.1 (Medium)
Researcher/s: Bob Matyas
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/5ab2e2ae-6f46-4815-a2d2-407767bfaba8


MultiParcels Shipping For WooCommerce <= 1.15.3 - Reflected Cross-Site Scripting

Affected Software: MultiParcels Shipping For WooCommerce
CVE ID: CVE-2023-3954
CVSS Score: 6.1 (Medium)
Researcher/s: Erwan LR
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/83a3f61c-2385-456f-bca3-6d3f3ffd9694


Order Delivery Date for WooCommerce <= 3.20.0 - Reflected Cross-Site Scripting via 'orddd_lite_custom_startdate' and 'orddd_lite_custom_enddate'

Affected Software: Order Delivery Date for WooCommerce
CVE ID: CVE Unknown
CVSS Score: 6.1 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/9719d083-cc7c-4655-a4c4-f5370cfe76e0


Short URL <= 1.6.7 - Missing Authorization via multiple AJAX functions

Affected Software: Short URL
CVE ID: CVE Unknown
CVSS Score: 6.1 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dcd05142-9700-46a8-9ca6-f85e81dfee0d


Bus Ticket Booking with Seat Reservation <= 5.2.3 - Reflected Cross-Site Scripting

Affected Software: Bus Ticket Booking with Seat Reservation
CVE ID: CVE-2023-4067
CVSS Score: 6.1 (Medium)
Researcher/s: Vincenzo Turturro, Gianluca Parisi, Vincenzo Cantatore
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/ff2855cb-e4a8-4412-af24-4cee03ae2d43


User Access Manager <= 2.2.16 - IP Spoofing

Affected Software: User Access Manager
CVE ID: CVE-2022-1601
CVSS Score: 5.3 (Medium)
Researcher/s: Daniel Ruf
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/88c5752c-ef4e-4343-810e-ecf1f33d3538


wpShopGermany – Protected Shops <= 2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: wpShopGermany – Protected Shops
CVE ID: CVE-2023-39919
CVSS Score: 4.4 (Medium)
Researcher/s: DoYeon Park
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/21cc5aec-ab5f-412b-aed0-bb41584a84cf


FormCraft <= 1.2.6 - Authenticated (Admin+) Stored Cross-Site Scripting

Affected Software: FormCraft – Contact Form Builder for WordPress
CVE ID: CVE-2023-3501
CVSS Score: 4.4 (Medium)
Researcher/s: Sayandeep Dutta
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/c17967a4-20df-4b23-973f-591a0caeea39


Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor <= 4.0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
CVE ID: CVE-2023-1982
CVSS Score: 4.4 (Medium)
Researcher/s: Vikas Kumawat
Patch Status: Unpatched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/dfea441c-2e77-47fa-8f6e-8d17d0c90ebe


Advanced Custom Fields <= 6.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Advanced Custom Fields (ACF)
CVE ID: CVE Unknown
CVSS Score: 4.4 (Medium)
Researcher/s: Satoo Nakano, Ryotaro Imamura
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/f412bdb0-953d-4375-85c2-b87f3aa77d60


Simple Blog Card <= 1.31 - Sensitive Information Exposure

Affected Software: Simple Blog Card
CVE ID: CVE Unknown
CVSS Score: 4.3 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/36cec19a-4631-4ada-b37a-f4b2dc264096


Subscribers Text Counter <= 1.7 - Cross-Site Request Forgery to Settings Update and Cross-Site Scripting

Affected Software: Subscribers Text Counter
CVE ID: CVE-2023-3356
CVSS Score: 4.3 (Medium)
Researcher/s: Pallab Jyoti Borah
Patch Status: Patched
Vulnerability Details: https://wordfence.com/threat-intel/vulnerabilities/id/a548e71f-4f36-4a29-8293-474e119f09cc
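The entries above are only useful once they are compared with what a site actually runs. The following is an example added by the editor, not Wordfence's own tooling or the Wordfence scanner: it parses the report's heading and "Label: value" format plus the Software Name / Software Slug table (a subset of both copied from this page), and matches them against a plugin inventory. The inventory is constructed for a hypothetical site in the shape that WP-CLI's `wp plugin list --format=json` emits (name, status, update, version). Version comparison is done per dotted numeric part, as PHP's version_compare() (which WordPress uses) does for numeric versions; pre-release suffixes are an assumption the example leaves unhandled.

```python
# Editor's example, not Wordfence tooling: check a site's installed plugins against a
# Wordfence weekly report.  The report lines and slug-table rows below are copied from
# this page; the plugin inventory is constructed for a hypothetical site.
import json
import re
from dataclasses import dataclass, field

# Rows from the page's "Software Name / Software Slug" table (subset).
SLUG_TABLE = """
Booster for WooCommerce woocommerce-jetpack
JetElements jet-elements
Simple Ticker simple-ticker
Stripe Payment Plugin for WooCommerce payment-gateway-stripe-and-woocommerce-integration
"""
# Entries from the page's "Vulnerability Details" section (subset): a heading
# "<software> [<=] <version> - <title>", then "Label: value" fields on one line or several.
REPORT = """
Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass
Affected Software: Stripe Payment Plugin for WooCommerce CVE ID: CVE-2023-3162 CVSS Score: 9.8 (Critical) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b>
JetElements <= 2.6.10 - Authenticated (Contributor+) Remote Code Execution
Affected Software: JetElements CVE ID: CVE-2023-39157 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/73fca37e-c6cf-420c-b984-3ef89acf3216>
Booster for WooCommerce 7.0.0 - Authenticated (Shop Manager+) Missing Authorization to Arbitrary Options Update
Affected Software: Booster for WooCommerce CVE ID: CVE Unknown CVSS Score: 7.2 (High) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0903bd2b-240f-4791-bfa6-f727d193af4a>
Simple Ticker <= 3.05 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Affected Software: Simple Ticker
CVE ID: CVE Unknown
CVSS Score: 6.4 (Medium)
Researcher/s: Unknown
Patch Status: Patched
Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/162595bb-d41b-4dfd-bfda-3a1e5794eaaf>
"""
# Constructed inventory for a hypothetical site, in the shape of `wp plugin list --format=json`.
INVENTORY_JSON = json.dumps([
    {"name": "payment-gateway-stripe-and-woocommerce-integration", "status": "active", "update": "available", "version": "3.7.7"},
    {"name": "jet-elements", "status": "active", "update": "available", "version": "2.6.9"},
    {"name": "woocommerce-jetpack", "status": "inactive", "update": "available", "version": "7.0.0"},
    {"name": "simple-ticker", "status": "active", "update": "none", "version": "3.6"},
    {"name": "woocommerce", "status": "active", "update": "none", "version": "8.0.0"},
])

HEADING_RE = re.compile(r"^(?P<name>.+?)\s+(?:(?P<op><=|<)\s*)?(?P<ver>\d+(?:\.\d+)*)\s+-\s+(?P<title>.+)$")
LABELS = ("Affected Software", "CVE ID", "CVSS Score", "Researcher/s", "Patch Status", "Vulnerability Details")
FIELD_RE = re.compile("(" + "|".join(map(re.escape, LABELS)) + r"):\s*")

@dataclass
class Entry:
    software: str
    op: str        # "<=", "<" or "==" (a bare version in the heading means only that release)
    version: str
    title: str
    raw: str = ""  # field text as found on the page, joined across lines
    fields: dict = field(default_factory=dict)

def parse_slug_table(text):
    return dict(line.rsplit(None, 1) for line in text.strip().splitlines())

def parse_report(text):
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = HEADING_RE.match(line)
        if m and not FIELD_RE.match(line):
            entries.append(Entry(m["name"], m["op"] or "==", m["ver"], m["title"]))
        elif entries:
            entries[-1].raw += " " + line
    for e in entries:
        parts = FIELD_RE.split(e.raw)  # ['', label, value, label, value, ...]
        e.fields = {parts[i]: parts[i + 1].strip() for i in range(1, len(parts) - 1, 2)}
    return entries

def version_key(v):
    # Dotted numeric parts compared as integers, so "2.6.9" < "2.6.10" and "3.05" == "3.5", as
    # PHP's version_compare() does for numeric versions.  Assumption: no "-beta"-style suffixes.
    return [int(p) for p in v.split(".")]

def is_affected(entry, installed_version):
    have, bad = version_key(installed_version), version_key(entry.version)
    return {"<=": have <= bad, "<": have < bad, "==": have == bad}[entry.op]

def check_site(report_text, slug_table_text, inventory_json):
    slugs = parse_slug_table(slug_table_text)
    installed = {p["name"]: p for p in json.loads(inventory_json)}
    findings = []
    for e in parse_report(report_text):
        # The "Affected Software" field carries the full name that the slug table lists.
        plugin = installed.get(slugs.get(e.fields.get("Affected Software", e.software)))
        if plugin is None or not is_affected(e, plugin["version"]):
            continue
        findings.append({
            "slug": plugin["name"], "installed": plugin["version"], "status": plugin["status"],
            "title": e.title, "cve": e.fields.get("CVE ID", "CVE Unknown"),
            "cvss": float(e.fields["CVSS Score"].split()[0]),
            "patched": e.fields.get("Patch Status") == "Patched",
            "details": e.fields.get("Vulnerability Details", "").strip("<>"),
        })
    return sorted(findings, key=lambda f: f["cvss"], reverse=True)

if __name__ == "__main__":  # on a real site: wp plugin list --format=json > inventory.json
    for f in check_site(REPORT, SLUG_TABLE, INVENTORY_JSON):
        action = "update available upstream" if f["patched"] else "NO FIX YET, mitigate"
        print(f"{f['cvss']:4}  {f['slug']} {f['installed']} ({f['status']}): {f['title']} [{f['cve']}; {action}]")
```

Two details matter in practice: the Booster entry names a single release (7.0.0) rather than a "<=" range, so an exact match is required, and the comparison must be numeric per part (a string comparison would wrongly place 2.6.9 above 2.6.10 and miss the JetElements match). Inactive plugins are still reported, since the vulnerable files remain on disk until the plugin is updated or removed.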


As a reminder, Wordfence curates an industry-leading vulnerability database, Wordfence Intelligence, covering all known WordPress core, theme, and plugin vulnerabilities.

This database is continuously updated, maintained, and populated by Wordfence's highly credentialed and experienced vulnerability researchers through in-house vulnerability research, through vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring various sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023) appeared first on Wordfence.
