Lucene search

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 26, 2023 to July 2, 2023)

🗓️ 06 Jul 2023 12:56:58Reported by Ram GallType

Weekly WordPress Vulnerability Report. 66 disclosures in 56 Plugins, 1 Theme. Review for site protection

Reporter	Title	Published	Views	Family All 199
OpenVAS	WordPress Post SMTP Mailer/Email Log Plugin < 2.5.7 Multiple CSRF Vulnerabilities	20 Jul 202300:00	–	openvas
Cvelist	CVE-2023-32123 WordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF)	13 Nov 202317:20	–	cvelist
Cvelist	CVE-2023-36520 WordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR)	20 Dec 202314:18	–	cvelist
Cvelist	CVE-2022-44629 WordPress Catalyst Connect Zoho CRM Client Portal Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)	10 Aug 202309:40	–	cvelist
Cvelist	CVE-2023-36523 WordPress Email download link Plugin <= 3.7 is vulnerable to Sensitive Data Exposure	30 Nov 202315:20	–	cvelist
Cvelist	CVE-2023-36529 WordPress Houzez CRM Plugin <= 1.3.4 is vulnerable to SQL Injection	3 Nov 202316:52	–	cvelist
Cvelist	CVE-2023-34013 WordPress Poll Maker Plugin <= 4.6.2 is vulnerable to Server Side Request Forgery (SSRF)	13 Nov 202302:28	–	cvelist
Cvelist	CVE-2023-23796 WordPress Form Builder Plugin <= 1.9.9.0 is vulnerable to CSV Injection	7 Nov 202316:01	–	cvelist
Cvelist	CVE-2023-36511 WordPress WooCommerce Order Barcodes Plugin <= 1.6.4 is vulnerable to Cross Site Request Forgery (CSRF)	17 Jul 202314:19	–	cvelist
Cvelist	CVE-2023-23823 WordPress Enhanced Text Widget plugin <= 1.5.8 - Broken Access Control vulnerability	9 Dec 202411:31	–	cvelist

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jul 2023 12:58Current

7.6High risk

Vulners AI Score7.6

EPSS0.84569