Last week, there were 116 vulnerabilities disclosed in 88 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 35 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface and vulnerability API are completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.
_Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published. _
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Patch Status | Number of Vulnerabilities |
---|---|
Unpatched | 68 |
Patched | 48 |
Severity Rating | Number of Vulnerabilities |
---|---|
Low Severity | 3 |
Medium Severity | 93 |
High Severity | 16 |
Critical Severity | 4 |
Vulnerability Type by CWE | Number of Vulnerabilities |
---|---|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 36 |
Cross-Site Request Forgery (CSRF) | 35 |
Missing Authorization | 22 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 6 |
Improper Input Validation | 2 |
Improper Authorization | 2 |
Authorization Bypass Through User-Controlled Key | 2 |
Authentication Bypass Using an Alternate Path or Channel | 2 |
URL Redirection to Untrusted Site ('Open Redirect') | 1 |
Improper Privilege Management | 1 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 1 |
Insufficient Verification of Data Authenticity | 1 |
Server-Side Request Forgery (SSRF) | 1 |
Use of Less Trusted Source | 1 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 1 |
Deserialization of Untrusted Data | 1 |
Improper Control of Generation of Code ('Code Injection') | 1 |
Researcher Name | Number of Vulnerabilities |
---|---|
Lana Codes | |
(Wordfence Vulnerability Researcher) | 22 |
Jonas Höbenreich | 13 |
Mika | 7 |
Rafie Muhammad | 7 |
yuyudhn | 6 |
LEE SE HYOUNG | 6 |
thiennv | 6 |
Alex Thomas | |
(Wordfence Vulnerability Researcher) | 4 |
Yuki Haruma | 3 |
Ramuel Gall | |
(Wordfence Vulnerability Researcher) | 2 |
Dave Jong | 2 |
Rafshanzani Suhada | 2 |
Nguyen Xuan Chien | 2 |
Rio Darmawan | 2 |
Dongzhu Li | 2 |
Emili Castells | 2 |
Jerome Bruandet | 2 |
Juampa Rodríguez | 1 |
Le Hong Minh | 1 |
Justiice | 1 |
Skalucy | 1 |
Elliot | 1 |
40826d | 1 |
Francesco Carlucci | 1 |
konagash | 1 |
TomS | 1 |
Hamed | 1 |
Le Ngoc Anh | 1 |
Miguel Neto | 1 |
TaeEun Lee | 1 |
Vinay Kumar | 1 |
Marco Wotschka | |
(Wordfence Vulnerability Researcher) | 1 |
Taihei Shimamine | 1 |
minhtuanact | 1 |
Mateus Machado Tesser | 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
Software Name | Software Slug |
---|---|
Ajax Pagination and Infinite Scroll | malinky-ajax-pagination |
B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More | b2bking-wholesale-for-woocommerce |
BBS e-Popup | bbs-e-popup |
Blog-in-Blog | blog-in-blog |
Brizy – Page Builder | brizy |
CRM Perks Forms – WordPress Form Builder | crm-perks-forms |
CRM and Lead Management by vcita | crm-customer-relationship-management-by-vcita |
Call Now Accessibility Button | accessibility-help-button |
Call Now Icon Animate | call-now-icon-animate |
Cart2Cart: Magento to WooCommerce Migration | cart2cart-magento-to-woocommerce-migration |
Change WooCommerce Add To Cart Button Text | change-woocommerce-add-to-cart-button-text |
Chilexpress woo oficial | chilexpress-oficial |
Complianz – GDPR/CCPA Cookie Consent | complianz-gdpr |
Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping | advanced-free-flat-shipping-woocommerce |
Constant Contact Forms | constant-contact-forms |
Contact Form Builder by vcita | contact-form-with-a-meeting-scheduler-by-vcita |
Contact Form and Calls To Action by vcita | lead-capturing-call-to-actions-by-vcita |
Custom Login Page | Temporary Users |
Directorist – WordPress Business Directory Plugin with Classified Ads Listings | directorist |
Disable WordPress Update Notifications and auto-update Email Notifications | disable-update-notifications |
Display post meta, term meta, comment meta, and user meta | display-metadata |
Donation Platform for WooCommerce: Fundraising & Donation Management | wc-donation-platform |
Download Monitor | download-monitor |
Dynamic QR Code Generator | dynamic-qr-code-generator |
Dynamic Visibility for Elementor | dynamic-visibility-for-elementor |
Event Registration Calendar By vcita | event-registration-calendar-by-vcita |
Extended Post Status | extended-post-status |
Favorites | favorites |
File Manager Advanced Shortcode WordPress | file-manager-advanced-shortcode |
Floating Action Button | floating-action-button |
Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder | formidable |
GDPR Cookie Consent Notice Box | cookie-consent-box |
Google Fonts For WordPress | free-google-fonts |
Gravityforms | gravityforms |
Headless CMS | headless-cms |
Interactive Image Map Plugin – Draw Attention | draw-attention |
JS Job Manager | js-jobs |
Jetpack – WP Security, Backup, Speed, & Growth | jetpack |
Kanban Boards for WordPress | kanban |
Kebo Twitter Feed | kebo-twitter-feed |
LH Password Changer | lh-password-changer |
LWS Hide Login | lws-hide-login |
Login Configurator | login-configurator |
Nested Pages | wp-nested-pages |
Online Booking & Scheduling Calendar for WordPress by vcita | meeting-scheduler-by-vcita |
Online Payments – Get Paid with PayPal, Square & Stripe | paypal-payment-button-by-vcita |
Page Builder with Image Map by AZEXO | page-builder-by-azexo |
Photo Gallery by 10Web – Mobile-Friendly Image Gallery | photo-gallery |
Quick/Bulk Order Form for WooCommerce | woocommerce-bulk-order-form |
ReviewX – Multi-criteria Rating & Reviews for WooCommerce | reviewx |
Social Media Share Buttons & Social Sharing Icons | ultimate-social-media-icons |
Social Share, Social Login and Social Comments Plugin – Super Socializer | super-socializer |
SpamReferrerBlock | spamreferrerblock |
TPG Redirect | tpg-redirect |
TS Webfonts for さくらのレンタルサーバ | ts-webfonts-for-sakura |
Telegram Bot & Channel | telegram-bot |
Tutor LMS – eLearning and online course solution | tutor |
Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | ultimate-member |
Uncanny Toolkit for LearnDash | uncanny-learndash-toolkit |
Unite Gallery Lite | unite-gallery-lite |
User Email Verification for WooCommerce | woo-confirmation-email |
VK Blocks | vk-blocks |
WOLF – WordPress Posts Bulk Editor and Manager Professional | bulk-editor |
WP Directory Kit | wpdirectorykit |
WP ERP | Complete HR solution with recruitment & job listings |
WP Full Auto Tags Manager | wp-full-auto-tags-manager |
WP Hide Post | wp-hide-post |
WP Inventory Manager | wp-inventory-manager |
WP Report Post | wp-report-post |
WP User Switch | wp-user-switch |
WP-Cache.com | wp-cachecom |
WP-Cirrus | wp-cirrus |
WPC Smart Wishlist for WooCommerce | woo-smart-wishlist |
Web Directory Free | web-directory-free |
WooCommerce Box Office | woocommerce-box-office |
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce | cartflows |
Woocommerce Order address Print | woocommerce-order-address-print |
WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg |
WordPress NextGen GalleryView | wordpress-nextgen-galleryview |
WordPress Online Booking and Scheduling Plugin – Bookly | bookly-responsive-appointment-booking-tool |
WordPress Social Login | wordpress-social-login |
Wordapp | wordapp |
Worthy – VG WORT Integration für WordPress | wp-worthy |
Yandex Metrica Counter | counter-yandex-metrica |
bbPress Toolkit | bbp-toolkit |
bbp style pack | bbp-style-pack |
premium-addons-pro | premium-addons-pro |
wpForo Forum | wpforo |
Software Name | Software Slug |
---|---|
HashOne | hashone |
Viral | viral |
Viral News | [viral-news](<https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/Viral News>) |
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.
Affected Software: Wordapp CVE ID: CVE-2023-2987 CVSS Score: 9.8 (Critical) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/80440bfa-4a02-4441-bbdb-52d7dd065a9d>
Affected Software: Tutor LMS – eLearning and online course solution CVE ID: CVE-2023-25700 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9dfee325-9001-4483-b3eb-846da0314529>
Affected Software: Gravityforms CVE ID: CVE-2023-28782 CVSS Score: 9.8 (Critical) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/dc1e5fb7-92d0-4e7f-9b1b-15673e3b852a>
Affected Software: File Manager Advanced Shortcode WordPress CVE ID: CVE-2023-2068 CVSS Score: 9.8 (Critical) Researcher/s: Mateus Machado Tesser Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ea40d06e-672c-42db-9378-d382de5838d4>
Affected Software: Directorist – WordPress Business Directory Plugin with Classified Ads Listings CVE ID: CVE-2023-1888 CVSS Score: 8.8 (High) Researcher/s: Alex Thomas Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/01943559-e05b-4dca-b322-d880b2729ee7>
Affected Software: Custom Login Page | Temporary Users | Rebrand Login | Login Captcha CVE ID: CVE-2023-2549 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/12560b8e-9c47-4f7f-ac9c-d86f17914ba3>
Affected Software: Tutor LMS – eLearning and online course solution CVE ID: CVE-2023-25800 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2a64b1ff-0d3f-42fa-bab2-4f31bb8f0476>
Affected Software: ReviewX – Multi-criteria Rating & Reviews for WooCommerce CVE ID: CVE-2023-2833 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/70e1d701-2cff-4793-9e4c-5b16a4038e8d>
Affected Software: Tutor LMS – eLearning and online course solution CVE ID: CVE-2023-25990 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7d623512-ee99-4a73-a752-ecbb6ad96b63>
Affected Software: wpForo Forum CVE ID: CVE-2023-2249 CVSS Score: 8.8 (High) Researcher/s: Hamed Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb>
Affected Software: Web Directory Free CVE ID: CVE-2023-2201 CVSS Score: 8.8 (High) Researcher/s: Marco Wotschka Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d831fa81-4714-4757-b75d-0a8f5edda910>
Affected Software: WP User Switch CVE ID: CVE-2023-2546 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e89d912d-fa7a-4fb1-8872-95fa861c21ca>
Affected Software: Custom Login Page | Temporary Users | Rebrand Login | Login Captcha CVE ID: CVE-2023-2545 CVSS Score: 8.1 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b2ab2178-7438-43ef-961e-b54d0d230f4a>
Affected Software: User Email Verification for WooCommerce CVE ID: CVE-2023-2781 CVSS Score: 8.1 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f1e31357-7fbc-414b-a4f4-53fa5f2fc715>
Affected Software: bbPress Toolkit CVE ID: CVE-2023-34032 CVSS Score: 7.2 (High) Researcher/s: thiennv Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/11305d35-07d6-4c61-a0c7-035671229f07>
Affected Software: Online Booking & Scheduling Calendar for WordPress by vcita CVE ID: CVE-2023-2298 CVSS Score: 7.2 (High) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7e6a0bf9-4767-4d4c-9a1e-adcb3c7719d9>
Affected Software: WP Report Post CVE ID: CVE-2023-34168 CVSS Score: 7.2 (High) Researcher/s: Mika Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8dae13e5-cee7-4392-af71-7d466ba6f6c4>
Affected Software: WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg CVE ID: CVE-2023-34179 CVSS Score: 7.2 (High) Researcher/s: Rafshanzani Suhada Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b4f2554d-c047-4be2-a4e6-2ae51f077376>
Affected Software: Blog-in-Blog CVE ID: CVE-2023-2435 CVSS Score: 7.2 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d53161ad-cc5f-4433-b288-a8095cdfd7db>
Affected Software: Cart2Cart: Magento to WooCommerce Migration CVE ID: CVE-2023-34379 CVSS Score: 7.1 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5d9ab83f-6d0b-4fe4-a121-87b09dcc0953>
Affected Software: Headless CMS CVE ID: CVE-2023-34186 CVSS Score: 6.5 (Medium) Researcher/s: Yuki Haruma Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2d1414f5-e705-4fd4-847b-b46d2d20943b>
Affected Software: Jetpack – WP Security, Backup, Speed, & Growth CVE ID: CVE-2023-2996 CVSS Score: 6.5 (Medium) Researcher/s: Miguel Neto Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9dfca4cb-71dc-4b2d-bcf3-0ca9f88f88df>
Affected Software: B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More CVE ID: CVE-2023-3125 CVSS Score: 6.5 (Medium) Researcher/s: Jerome Bruandet Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b3f2c4c3-73d6-4b3b-8eb3-c494f52dc183>
Affected Software: Directorist – WordPress Business Directory Plugin with Classified Ads Listings CVE ID: CVE-2023-1889 CVSS Score: 6.5 (Medium) Researcher/s: Alex Thomas Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b47edd57-cac7-463f-88cc-8922f1b34612>
Affected Software: Uncanny Toolkit for LearnDash CVE ID: CVE-2023-34019 CVSS Score: 6.5 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cdaa7450-3b51-470d-8903-52fd1d4215a2>
Affected Software: Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder CVE ID: CVE Unknown CVSS Score: 6.5 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d9f060bd-029a-462e-b308-8366e82be383>
Affected Software: Contact Form Builder by vcita CVE ID: CVE-2023-2300 CVSS Score: 6.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/12ce97ba-8053-481f-bcd7-05d5e8292adb>
Affected Software/s: Event Registration Calendar By vcita, Online Payments – Get Paid with PayPal, Square & Stripe CVE ID: CVE-2023-2406 CVSS Score: 6.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1ab05954-9999-43ff-8e3c-a987e2da1956>
Affected Software: Page Builder with Image Map by AZEXO CVE ID: CVE-2023-3051 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/24486605-9324-4f19-9ca3-340d006432db>
Affected Software: WooCommerce Box Office CVE ID: CVE-2023-34004 CVSS Score: 6.4 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3ebd05d5-a65d-49df-a865-882e9d17fc0f>
Affected Software: Contact Form and Calls To Action by vcita CVE ID: CVE-2023-2302 CVSS Score: 6.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4dfc237a-9157-4da9-ba8f-9daf2ba4f20b>
Affected Software: Favorites CVE ID: CVE-2023-2304 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5bd03cd0-34f0-491c-8247-79656eba32a8>
Affected Software: Display post meta, term meta, comment meta, and user meta CVE ID: CVE-2023-1661 CVSS Score: 6.4 (Medium) Researcher/s: Francesco Carlucci Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6f90c0d8-ede6-4f24-870f-19e888238e93>
Affected Software: CRM and Lead Management by vcita CVE ID: CVE-2023-2404 CVSS Score: 6.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e26ccd06-22e0-4d91-a53a-df6ead8a8e3b>
Affected Software: Page Builder with Image Map by AZEXO CVE ID: CVE-2023-3052 CVSS Score: 6.3 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a4e26035-ce4e-4b4b-aa3c-cd86b29b199a>
Affected Software: Chilexpress woo oficial CVE ID: CVE-2023-34176 CVSS Score: 6.1 (Medium) Researcher/s: Le Hong Minh Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0999a738-9fae-4043-99eb-ff222a7608fa>
Affected Software: CRM and Lead Management by vcita CVE ID: CVE-2023-2405 CVSS Score: 6.1 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0f75c6bf-1b93-49d5-b5fb-e59b4e67432f>
Affected Software/s: Event Registration Calendar By vcita, Online Payments – Get Paid with PayPal, Square & Stripe CVE ID: CVE-2023-2407 CVSS Score: 6.1 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/207b40fa-2062-48d6-990b-f05cbbf8fb8e>
Affected Software: Contact Form Builder by vcita CVE ID: CVE-2023-2303 CVSS Score: 6.1 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2345c972-9fd4-4709-8bde-315ab54f60e2>
Affected Software: Woocommerce Order address Print CVE ID: CVE-2023-34184 CVSS Score: 6.1 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2bbf4e86-308c-43f3-a54c-e1c6ee21260e>
Affected Software: Page Builder with Image Map by AZEXO CVE ID: CVE-2023-3055 CVSS Score: 6.1 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2efeffa2-b21a-4aa1-93b0-51c775758ab1>
Affected Software: bbp style pack CVE ID: CVE-2023-33997 CVSS Score: 6.1 (Medium) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/49e82146-e8ad-4bc5-94a7-a4ae694b7039>
Affected Software: Contact Form Builder by vcita CVE ID: CVE-2023-2301 CVSS Score: 6.1 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/61c39f5f-3b17-4e4d-824e-241159a73400>
Affected Software: Social Share, Social Login and Social Comments Plugin – Super Socializer CVE ID: CVE-2023-2779 CVSS Score: 6.1 (Medium) Researcher/s: 40826d Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6257739a-cd7c-4797-882a-016a01fe84b4>
Affected Software: Dynamic QR Code Generator CVE ID: CVE-2023-34022 CVSS Score: 6.1 (Medium) Researcher/s: thiennv Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/65f30cd4-1d47-4ebe-a6de-acdb3a813c9c>
Affected Software: WP Directory Kit CVE ID: CVE-2023-2835 CVSS Score: 6.1 (Medium) Researcher/s: Dongzhu Li Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/847f1c00-0e8f-4d38-84af-fe959e2efe5c>
Affected Software: BBS e-Popup CVE ID: CVE-2023-34174 CVSS Score: 6.1 (Medium) Researcher/s: LEE SE HYOUNG Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8f715947-e379-4a05-9ab8-5d9e94ffc136>
Affected Software: premium-addons-pro CVE ID: CVE-2023-34012 CVSS Score: 6.1 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9445a54c-06b9-400a-a8ae-a58f1b968196>
Affected Software: Google Fonts For WordPress CVE ID: CVE-2023-34180 CVSS Score: 6.1 (Medium) Researcher/s: Le Ngoc Anh Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/94712f92-5045-420b-9d6d-59a4c031e998>
Affected Software: Login Configurator CVE ID: CVE-2023-34175 CVSS Score: 6.1 (Medium) Researcher/s: thiennv Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b89a1265-6e26-498c-a2b4-da12d38463c9>
Affected Software: WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting CVE ID: CVE-2023-34008 CVSS Score: 6.1 (Medium) Researcher/s: minhtuanact Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e5863e9b-3f98-41ea-97ed-26563493cffd>
Affected Software: Blog-in-Blog CVE ID: CVE-2023-2436 CVSS Score: 5.5 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5c6a88c3-18b7-470f-8014-373ead66dcfa>
Affected Software: Quick/Bulk Order Form for WooCommerce CVE ID: CVE-2023-34170 CVSS Score: 5.5 (Medium) Researcher/s: Emili Castells Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/898af9aa-72c4-46a6-afc2-76dd17672fbc>
Affected Software: Download Monitor CVE ID: CVE-2023-31219 CVSS Score: 5.5 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a03f0780-796c-41a3-8f06-04f76e0da2da>
Affected Software: JS Job Manager CVE ID: CVE-2023-31087 CVSS Score: 5.4 (Medium) Researcher/s: Yuki Haruma Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0131921b-6f60-4da1-b5d9-d44a33d35cae>
Affected Software: WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg CVE ID: CVE-2023-34178 CVSS Score: 5.4 (Medium) Researcher/s: Rafshanzani Suhada Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/22506d45-40db-47c4-91b2-ab4f49703bf9>
Affected Software: Online Booking & Scheduling Calendar for WordPress by vcita CVE ID: CVE-2023-2414 CVSS Score: 5.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3c99aab5-a995-44ae-bc14-09f73e6b22c5>
Affected Software: Dynamic Visibility for Elementor CVE ID: CVE Unknown CVSS Score: 5.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4e704333-ad88-42c9-b632-babc9d54cb13>
Affected Software: Custom Login Page | Temporary Users | Rebrand Login | Login Captcha CVE ID: CVE-2023-2547 CVSS Score: 5.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5d58a6a4-de2c-485f-a8b0-7a7d144fbf3c>
Affected Software: Online Booking & Scheduling Calendar for WordPress by vcita CVE ID: CVE-2023-2415 CVSS Score: 5.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/731cbeed-d4aa-448f-878a-8c51a3da4e18>
Affected Software: Worthy – VG WORT Integration für WordPress CVE ID: CVE-2023-24417 CVSS Score: 5.4 (Medium) Researcher/s: yuyudhn Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7717cd0f-6aac-4cb0-b27e-2517d5d7ecd9>
Affected Software: Extended Post Status CVE ID: CVE-2023-32094 CVSS Score: 5.4 (Medium) Researcher/s: TaeEun Lee Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b6369b41-d93f-4959-8fad-be69ef724b24>
Affected Software: Change WooCommerce Add To Cart Button Text CVE ID: CVE-2023-34376 CVSS Score: 5.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d47f5d90-dc7d-4500-a6e6-e585e4a5c11b>
Affected Software: Page Builder with Image Map by AZEXO CVE ID: CVE-2023-3053 CVSS Score: 5.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/dd56cb73-1c40-44b1-b713-c0291832d988>
Affected Software: WordPress Social Login CVE ID: CVE-2023-34023 CVSS Score: 5.4 (Medium) Researcher/s: Nguyen Xuan Chien Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e8b03deb-4134-4dde-8545-a14977a47209>
Affected Software: Online Booking & Scheduling Calendar for WordPress by vcita CVE ID: CVE-2023-2416 CVSS Score: 5.4 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f434585c-8533-4788-b0bc-5650390c29a8>
Affected Software: Online Booking & Scheduling Calendar for WordPress by vcita CVE ID: CVE-2023-2299 CVSS Score: 5.3 (Medium) Researcher/s: Jonas Höbenreich Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4855627a-de56-49ee-b0b0-01b9735d8557>
Affected Software: WooCommerce Box Office CVE ID: CVE-2023-34003 CVSS Score: 5.3 (Medium) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8872eca8-4812-4f5f-b775-cbfab90ba2ca>
Affected Software: Call Now Accessibility Button CVE ID: CVE-2023-28933 CVSS Score: 4.4 (Medium) Researcher/s: Juampa Rodríguez Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/04df6505-46c1-4e66-a363-4ccebacb5e42>
Affected Software: Yandex Metrica Counter CVE ID: CVE-2023-34173 CVSS Score: 4.4 (Medium) Researcher/s: yuyudhn Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/173661aa-6895-41d6-8869-6abfd2eadf31>
Affected Software: Unite Gallery Lite CVE ID: CVE-2023-34183 CVSS Score: 4.4 (Medium) Researcher/s: yuyudhn Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/577d8986-edc5-445f-80cf-7a7f2cca9749>
Affected Software: SpamReferrerBlock CVE ID: CVE-2023-34372 CVSS Score: 4.4 (Medium) Researcher/s: LEE SE HYOUNG Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/692e995d-cdfc-4ab8-8a8a-5423eb7f8d15>
Affected Software: Telegram Bot & Channel CVE ID: CVE-2023-34006 CVSS Score: 4.4 (Medium) Researcher/s: yuyudhn Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6eb099c3-f6f6-4d9c-a9c7-fa1b81ce082e>
Affected Software: Kanban Boards for WordPress CVE ID: CVE-2023-34368 CVSS Score: 4.4 (Medium) Researcher/s: TomS Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7fe3e55e-7286-4d12-b24f-fce69248a446>
Affected Software: Call Now Icon Animate CVE ID: CVE-2023-34187 CVSS Score: 4.4 (Medium) Researcher/s: Rio Darmawan Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/82f5e976-2564-4f8b-96d5-cfac9945737c>
Affected Software: WordPress Social Login CVE ID: CVE-2023-34172 CVSS Score: 4.4 (Medium) Researcher/s: yuyudhn Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bc2c3bdb-65b9-4e0b-899f-bd08077bc8ba>
Affected Software: Quick/Bulk Order Form for WooCommerce CVE ID: CVE Unknown CVSS Score: 4.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d549fcd5-6808-4d7d-bf1f-df8cfa458744>
Affected Software: CRM Perks Forms – WordPress Form Builder CVE ID: CVE-2023-2836 CVSS Score: 4.4 (Medium) Researcher/s: Dongzhu Li Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/de11636b-a051-4e76-bc26-ed76f66fe0df>
Affected Software: GDPR Cookie Consent Notice Box CVE ID: CVE-2023-32294 CVSS Score: 4.4 (Medium) Researcher/s: Emili Castells Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f44b8e21-4bfd-487f-96f1-d264d335f54f>
Affected Software: TS Webfonts for さくらのレンタルサーバ CVE ID: CVE-2023-34169 CVSS Score: 4.3 (Medium) Researcher/s: yuyudhn Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/025d576b-7342-4863-ac30-f1ff0205d638>
Affected Software: WordPress NextGen GalleryView CVE ID: CVE-2023-34185 CVSS Score: 4.3 (Medium) Researcher/s: LEE SE HYOUNG Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/052ea3af-96d8-4e83-b4e7-3db30b556d0d>
Affected Software: WP Report Post CVE ID: CVE-2023-34171 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/09e28b72-55c6-4f2f-b689-a8989945651b>
Affected Software: Ajax Pagination and Infinite Scroll CVE ID: CVE-2023-34033 CVSS Score: 4.3 (Medium) Researcher/s: Justiice Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0bc7f5dd-a1eb-442d-9913-e391208e7f26>
Affected Software: VK Blocks CVE ID: CVE-2023-0583 CVSS Score: 4.3 (Medium) Researcher/s: Ramuel Gall Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/12a94f5b-bc30-4a65-b397-54488c836ec3>
Affected Software: Floating Action Button CVE ID: CVE-2023-31088 CVSS Score: 4.3 (Medium) Researcher/s: Yuki Haruma Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/14bf654e-c4f1-4267-811e-6d796c14834a>
Affected Software: Photo Gallery by 10Web – Mobile-Friendly Image Gallery CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1534f67d-cf3f-4185-9aa6-01ae5dee4f26>
Affected Software/s: Viral News, HashOne, Viral CVE ID: CVE-2023-33923 CVSS Score: 4.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/154a838c-f8bb-4568-b066-a78264c75eea>
Affected Software: Interactive Image Map Plugin – Draw Attention CVE ID: CVE-2023-2764 CVSS Score: 4.3 (Medium) Researcher/s: Alex Thomas Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/18530601-a294-448c-a1b2-c3995f9042ac>
Affected Software: LH Password Changer CVE ID: CVE-2023-34182 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/19d08a16-51c1-4255-b0e0-01307e1783ca>
Affected Software: Social Media Share Buttons & Social Sharing Icons CVE ID: CVE-2023-34009 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1bfb5d34-738d-4842-be93-9668fceb3334>
Affected Software: Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping CVE ID: CVE-2023-34015 CVSS Score: 4.3 (Medium) Researcher/s: Skalucy Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/27b14c6e-44fe-4acb-8058-613f65b6baa4>
Affected Software: Donation Platform for WooCommerce: Fundraising & Donation Management CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3c8602ed-6c0d-4357-93e6-bab1ab38ffb2>
Affected Software: WP Hide Post CVE ID: CVE-2023-34378 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3c957f3f-fb98-49ff-b317-93b1accd0d47>
Affected Software: WP Full Auto Tags Manager CVE ID: CVE-2023-34024 CVSS Score: 4.3 (Medium) Researcher/s: Elliot Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/5bf209b8-7c12-4fc3-af7f-4fd25777caab>
Affected Software: WPC Smart Wishlist for WooCommerce CVE ID: CVE-2023-34386 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/655fc91d-5920-4214-8ef1-8191e2683f9d>
Affected Software: Disable WordPress Update Notifications and auto-update Email Notifications CVE ID: CVE-2023-34029 CVSS Score: 4.3 (Medium) Researcher/s: Rio Darmawan Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/658ba848-fbfe-4cee-b997-77bc4cae53dc>
Affected Software: Uncanny Toolkit for LearnDash CVE ID: CVE-2023-34020 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/66e5a569-1dd5-40e9-8356-d7c82c8e30ed>
Affected Software: WP-Cirrus CVE ID: CVE-2023-34181 CVSS Score: 4.3 (Medium) Researcher/s: LEE SE HYOUNG Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/710aa0fd-34e2-4f0e-b354-0722d9692410>
Affected Software: LWS Hide Login CVE ID: CVE-2023-34025 CVSS Score: 4.3 (Medium) Researcher/s: konagash Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7678b80f-3184-4979-b1f4-25cd75836010>
Affected Software: Constant Contact Forms CVE ID: CVE-2023-34387 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/85b6262c-2576-4177-a683-44464dba0978>
Affected Software: bbPress Toolkit CVE ID: CVE-2023-34031 CVSS Score: 4.3 (Medium) Researcher/s: thiennv Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8a9b2ec2-edbe-45c5-bd36-45a6101356d1>
Affected Software: WP Inventory Manager CVE ID: CVE-2023-34002 CVSS Score: 4.3 (Medium) Researcher/s: Mika Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/95986a4d-94fb-4afe-ba1e-382d6f4c550f>
Affected Software: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/97ced4ed-915b-4234-b59d-75db983f90e8>
Affected Software: WOLF – WordPress Posts Bulk Editor and Manager Professional CVE ID: CVE-2023-34028 CVSS Score: 4.3 (Medium) Researcher/s: thiennv Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/98dffc17-ac45-4ccd-ae57-96b36bd02be3>
Affected Software: Complianz – GDPR/CCPA Cookie Consent CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a92d5176-4cf0-4a31-9dcc-a2dc3259d29b>
Affected Software: VK Blocks CVE ID: CVE-2023-0584 CVSS Score: 4.3 (Medium) Researcher/s: Ramuel Gall Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b90b7f6c-df7f-48a5-b283-cf5facbd71e5>
Affected Software: B2BKing — Ultimate WooCommerce Wholesale and B2B Solution — Wholesale Order Form, Catalog Mode, Dynamic Pricing & More CVE ID: CVE-2023-3126 CVSS Score: 4.3 (Medium) Researcher/s: Jerome Bruandet Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d2e3ac14-1421-49f0-9c60-7f7d5c9d7654>
Affected Software/s: Viral News, HashOne, Viral CVE ID: CVE-2023-33923 CVSS Score: 4.3 (Medium) Researcher/s: Dave Jong Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d3543a39-ad88-40be-93b8-36ec638db4bd>
Affected Software: Kebo Twitter Feed CVE ID: CVE-2023-34384 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d56aaa20-f40c-4f99-bc38-0b14fa39a175>
Affected Software: SpamReferrerBlock CVE ID: CVE-2023-34371 CVSS Score: 4.3 (Medium) Researcher/s: LEE SE HYOUNG Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d70e9d4e-2137-411b-bc01-28388a7b2519>
Affected Software: TPG Redirect CVE ID: CVE-2023-32093 CVSS Score: 4.3 (Medium) Researcher/s: Taihei Shimamine Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d92b9c21-067b-41c3-a385-a65faa8dd0ae>
Affected Software: WP-Cache.com CVE ID: CVE-2023-34177 CVSS Score: 4.3 (Medium) Researcher/s: LEE SE HYOUNG Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e9a28625-19e4-4696-bb51-7115368120d3>
Affected Software: WordPress Online Booking and Scheduling Plugin – Bookly CVE ID: CVE-2023-1159 CVSS Score: 4 (Medium) Researcher/s: Vinay Kumar Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d4cdf774-c93b-4b94-85ba-aa56bf401873>
Affected Software: Nested Pages CVE ID: CVE-2023-2434 CVSS Score: 3.8 (Low) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8c3e61e9-3610-41b5-9820-28012dc657fd>
Affected Software: Brizy – Page Builder CVE ID: CVE-2023-2897 CVSS Score: 3.7 (Low) Researcher/s: Alex Thomas Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ae342dd9-2f5f-4356-8fb4-9a3e5f4f8316>
Affected Software: WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce CVE ID: CVE Unknown CVSS Score: 2.7 (Low) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b9002f6e-4345-4908-9cb8-9841a2458eb7>
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
The post Wordfence Intelligence Weekly WordPress Vulnerability Report (May 29, 2023 to June 4, 2023) appeared first on Wordfence.