Lucene search

K
wordfenceChloe ChamberlandWORDFENCE:F97B3B1B4589DA09E18F15014D529E8A
HistorySep 21, 2023 - 1:51 p.m.

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)

2023-09-2113:51:31
Chloe Chamberland
www.wordfence.com
18
wordfence
vulnerabilities
wordpress
plugins
themes
security
intelligence
api
webhook
firewall
protection
premium
care
response
cvss
severity
cwe
xss
csrf
authorization

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.6%

Last week, there were 55 vulnerabilities disclosed in 46 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 15 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.

Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to make the internet more secure. That is why the Wordfence Intelligence user interface, vulnerability API and webhook notifications are completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report.

_Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published. _


New Firewall Rules Deployed Last Week

The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.

The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:

Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.


Total Unpatched & Patched Vulnerabilities Last Week

Patch Status Number of Vulnerabilities
Unpatched 16
Patched 39

Total Vulnerabilities by CVSS Severity Last Week

Severity Rating Number of Vulnerabilities
Low Severity 0
Medium Severity 37
High Severity 16
Critical Severity 2

Total Vulnerabilities by CWE Type Last Week

Vulnerability Type by CWE Number of Vulnerabilities
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 18
Cross-Site Request Forgery (CSRF) 7
Missing Authorization 6
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') 5
Deserialization of Untrusted Data 5
Information Exposure 4
Authorization Bypass Through User-Controlled Key 3
Server-Side Request Forgery (SSRF) 2
Improper Control of Generation of Code ('Code Injection') 1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') 1
Incorrect Privilege Assignment 1
Improper Authorization 1
Unverified Password Change 1

Researchers That Contributed to WordPress Security Last Week

Researcher Name Number of Vulnerabilities
Lana Codes
(Wordfence Vulnerability Researcher) 20
foobar7 5
Marco Wotschka
(Wordfence Vulnerability Researcher) 5
Yan&Co ApS 2
Vladislav Pokrovsky 2
Chloe Chamberland
(Wordfence Vulnerability Researcher) 1
Nguyen Anh Tien 1
Do Xuan Trung 1
osama-hamad 1
Rafie Muhammad 1
Dmitrii Ignatyev 1
Alex Thomas
(Wordfence Vulnerability Researcher) 1
teo23mal 1
David Anderson 1
Pablo Sanchez 1

Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and obtain a CVE ID through this form. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.


WordPress Plugins with Reported Vulnerabilities Last Week

Software Name Software Slug
10Web Map Builder for Google Maps wd-google-maps
Allow PHP in Posts and Pages allow-php-in-posts-and-pages
Awesome Weather Widget awesome-weather
BAN Users ban-users
Booking Calendar booking
Booking calendar, Appointment Booking System booking-calendar
Booster for WooCommerce woocommerce-jetpack
Checkout Field Editor woocommerce-checkout-field-editor
Comments – wpDiscuz wpdiscuz
Crayon Syntax Highlighter crayon-syntax-highlighter
DoLogin Security dologin
Dropbox Folder Share dropbox-folder-share
Enable Media Replace enable-media-replace
Essential Addons for Elementor essential-addons-for-elementor-lite
Essential Blocks Pro essential-blocks-pro
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates essential-blocks
Feeds for YouTube (YouTube video, channel, and gallery plugin) feeds-for-youtube
File Manager Pro – Filester filester
Google Maps Plugin by Intergeo intergeo-maps
Horizontal scrolling announcement horizontal-scrolling-announcement
JQuery Accordion Menu Widget jquery-vertical-accordion-menu
Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation zero-bs-crm
Leyka leyka
Login with phone number login-with-phone-number
MapPress Maps for WordPress mappress-google-maps-for-wordpress
Migration, Backup, Staging – WPvivid wpvivid-backuprestore
MultiVendorX – MultiVendor Marketplace Solution For WooCommerce dc-woocommerce-multi-vendor
Page Builder: Pagelayer – Drag and Drop website builder pagelayer
Photospace Responsive Gallery photospace-responsive
PowerPress Podcasting plugin by Blubrry powerpress
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress quiz-master-next
Read More & Accordion expand-maker
ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF shortpixel-image-optimiser
Simplr Registration Form Plus+ simplr-registration-form
Slimstat Analytics wp-slimstat
Testimonial Slider Shortcode testimonial-slider-shortcode
WP Customer Reviews wp-customer-reviews
WP User Control wp-user-control
WS Facebook Like Box Widget ws-facebook-likebox
Welcart e-Commerce usc-e-shop
WooCommerce woocommerce
WooCommerce Beta Tester woocommerce-beta-tester
WooCommerce CVR Payment Gateway woocommerce-cvr-payment-gateway
WooCommerce EAN Payment Gateway woocommerce-ean-payment-gateway
WooCommerce Subscription woocommerce-subscriptions
WordPress File Upload wp-file-upload
woocommerce-checkout-field-editor woocommerce-checkout-field-editor

Vulnerability Details

Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you should’ve already been notified if your site was affected by any of these vulnerabilities.

Allow PHP in Posts and Pages <= 3.0.4 - Authenticated (Subscriber+) Remote Code Execution via Shortcode

Affected Software: Allow PHP in Posts and Pages CVE ID: CVE-2023-4994 CVSS Score: 9.9 (Critical) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3d8b4bb6-3715-40c1-8140-7fcf874ccec3&gt;


Dropbox Folder Share <= 1.9.7 - Unauthenticated Local File Inclusion

Affected Software: Dropbox Folder Share CVE ID: CVE-2023-4488 CVSS Score: 9.8 (Critical) Researcher/s: Marco Wotschka Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/647a2f27-092a-4db1-932d-87ae8c2efcca&gt;


Slimstat Analytics <= 5.0.9 - Authenticated (Contributor+) Blind SQL Injection via Shortcode

Affected Software: Slimstat Analytics CVE ID: CVE-2023-4598 CVSS Score: 8.8 (High) Researcher/s: Chloe Chamberland, Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/07c0f5a5-3455-4f06-b481-f4d678309c50&gt;


Welcart e-Commerce <= 2.8.21 - Authenticated(level_5+) SQL Injection via get_logs

Affected Software: Welcart e-Commerce CVE ID: CVE Unknown CVSS Score: 8.8 (High) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/35dadb9c-f0c6-4b74-bb31-5e9d504b3db5&gt;


Simplr Registration Form Plus+ <= 2.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Password Change

Affected Software: Simplr Registration Form Plus+ CVE ID: CVE-2023-4213 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6ddf0452-3afe-4ada-bccc-30c818968a81&gt;


Login with phone number <= 1.4.8 - Cross-Site Request Forgery to User Password Change

Affected Software: Login with phone number CVE ID: CVE-2023-4916 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/71083db7-377b-47a1-ac8b-83d8974a2654&gt;


Essential Addons for Elementor <= 5.8.8 - Authenticated (Contributor+) Privilege Escalation

Affected Software: Essential Addons for Elementor CVE ID: CVE-2023-41955 CVSS Score: 8.8 (High) Researcher/s: Rafie Muhammad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8c13701e-424d-462f-b152-4dc5ad3ef197&gt;


BAN Users <= 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Settings Update & Privilege Escalation

Affected Software: BAN Users CVE ID: CVE-2023-4153 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/af6bd2db-47a4-4381-a881-d5f97a159f8d&gt;


Horizontal scrolling announcement <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode

Affected Software: Horizontal scrolling announcement CVE ID: CVE-2023-4999 CVSS Score: 8.8 (High) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/bf50922a-58a6-4ca4-80b7-cafb37b87216&gt;


File Manager Pro – Filester - <= 1.7.6 - Cross-Site Request Forgery to Arbitrary File Rename

Affected Software: File Manager Pro – Filester CVE ID: CVE-2023-4827 CVSS Score: 8.8 (High) Researcher/s: Dmitrii Ignatyev Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cfbc7af2-1e2c-4aaf-b73c-870f7519aff1&gt;


MultiVendorX <= 4.0.25 - Improper Authorization on REST Routes via 'save_settings_permission'

Affected Software: MultiVendorX – MultiVendor Marketplace Solution For WooCommerce CVE ID: CVE Unknown CVSS Score: 8.6 (High) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/afd9046c-5b6a-411e-8e66-ff1ba60d7f9d&gt;


WPvivid Backup Plugin <= 0.9.90 - Missing Authorization via 'start_staging' and 'get_staging_progress'

Affected Software: Migration, Backup, Staging – WPvivid CVE ID: CVE-2023-41243 CVSS Score: 8.3 (High) Researcher/s: Nguyen Anh Tien Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/28e723ee-e99a-4ec4-b492-bfba04d27fd0&gt;


Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via products

Affected Software/s: Essential Blocks Pro, Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates CVE ID: CVE-2023-4402 CVSS Score: 8.1 (High) Researcher/s: Marco Wotschka Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/1ede7a25-9bb2-408e-b7fb-e5bd4f594351&gt;


Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via queries

Affected Software/s: Essential Blocks Pro, Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates CVE ID: CVE-2023-4386 CVSS Score: 8.1 (High) Researcher/s: Marco Wotschka Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/af468f83-d6ad-474c-bf7f-c4eeb6df1b54&gt;


Read More & Accordion <= 3.2.2 - Authenticated (Administrator+) PHP Object Injection

Affected Software: Read More & Accordion CVE ID: CVE-2023-3392 CVSS Score: 7.2 (High) Researcher/s: Do Xuan Trung Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/73ab9f95-05cc-47fc-bfcb-1787f6f80789&gt;


Booking calendar, Appointment Booking System <= 3.2.8 - Multiple Authenticated(Editor+) SQL Injection

Affected Software: Booking calendar, Appointment Booking System CVE ID: CVE Unknown CVSS Score: 7.2 (High) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a02f4fc4-42ca-4f8e-9c28-bfa69644e7b6&gt;


Dropbox Folder Share <= 1.9.7 - Unauthenticated Server-Side Request Forgery via 'link'

Affected Software: Dropbox Folder Share CVE ID: CVE-2023-3025 CVSS Score: 7.2 (High) Researcher/s: Alex Thomas Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d62bd2bd-db01-479f-89e4-8031d69a912f&gt;


WooCommerce Beta Tester < 2.2.4 - Authenticated (Administrator+) SQL Injection

Affected Software: WooCommerce Beta Tester CVE ID: CVE Unknown CVSS Score: 7.2 (High) Researcher/s: teo23mal Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d6cbec61-cbe8-44a6-8cc8-8603393ed6b0&gt;


Enable Media Replace <= 4.1.2 - Authenticated(Editor+) PHP Object Injection

Affected Software: Enable Media Replace CVE ID: CVE Unknown CVSS Score: 6.6 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/6e7e6445-c1c5-48a8-a76d-819f2db1efc2&gt;


ShortPixel Image Optimizer <= 5.4.1 - Authenticated(Editor+) PHP Object Injection

Affected Software: ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF CVE ID: CVE Unknown CVSS Score: 6.6 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9f23bf62-6008-4a9c-a7ae-a2e513699684&gt;


Booking Calendar <= 9.7.3 - Unauthenticated Stored Cross-Site Scripting

Affected Software: Booking Calendar CVE ID: CVE-2023-4620 CVSS Score: 6.5 (Medium) Researcher/s: Pablo Sanchez Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f883823f-c225-4cd2-a0f6-39013476ed83&gt;


Testimonial Slider Shortcode <= 1.1.8 - Authenticated (Contributor+) Cross-Site Scripting Vulnerability via Shortcode

Affected Software: Testimonial Slider Shortcode CVE ID: CVE Unknown CVSS Score: 6.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/30cb1b8c-84ce-4401-9c30-775efb257fe6&gt;


Feeds for YouTube <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Feeds for YouTube (YouTube video, channel, and gallery plugin) CVE ID: CVE-2023-4841 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/376e2638-a873-4142-ad7d-067ae3333709&gt;


Awesome Weather Widget <= 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Awesome Weather Widget CVE ID: CVE-2023-4944 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3bf77988-370b-437f-83a0-18a147e3e087&gt;


Crayon Syntax Highlighter <= 2.8.4 - Authenticated (Contributor+) Server Side Request Forgery

Affected Software: Crayon Syntax Highlighter CVE ID: CVE-2023-4893 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/527f75f1-6361-4e16-8ae4-d38ca4589811&gt;


WS Facebook Like Box Widget <= 5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: WS Facebook Like Box Widget CVE ID: CVE-2023-4963 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/8bebc229-9d15-439f-a8df-f68455bc5193&gt;


Booster for WooCommerce <= 7.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Booster for WooCommerce CVE ID: CVE-2023-4945 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/981639a3-63c4-4b3f-827f-4d770bd44806&gt;


PowerPress <= 11.0.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via Media URL

Affected Software: PowerPress Podcasting plugin by Blubrry CVE ID: CVE Unknown CVSS Score: 6.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ae8c888e-46ed-468f-a5d5-74a7f9d01a36&gt;


JQuery Accordion Menu Widget <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: JQuery Accordion Menu Widget CVE ID: CVE-2023-4890 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b0cf3015-cdc9-4ac9-82f3-e9b4d1203e22&gt;


MapPress Maps for WordPress <= 2.88.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: MapPress Maps for WordPress CVE ID: CVE-2023-4840 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/c3d2c9a4-32f7-484f-86ce-a33ef1174b28&gt;


Google Maps Plugin by Intergeo <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Google Maps Plugin by Intergeo CVE ID: CVE-2023-4887 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/cb6d11ad-0983-4a4b-b52b-824eae8b8e3c&gt;


Horizontal scrolling announcement <= 9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Affected Software: Horizontal scrolling announcement CVE ID: CVE-2023-5001 CVSS Score: 6.4 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/d4f60e8c-2745-4930-9101-914bd73c6e1c&gt;


Jetpack CRM <= 5.5.0 - Authenticated (Client+) Stored Cross-Site Scripting

Affected Software: Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation CVE ID: CVE Unknown CVSS Score: 6.4 (Medium) Researcher/s: foobar7 Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e1dbd0e2-8c6c-4127-b37c-269af3b7f71c&gt;


PageLayer <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Affected Software: Page Builder: Pagelayer – Drag and Drop website builder CVE ID: CVE Unknown CVSS Score: 6.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/e34b6ae5-1370-4058-95dd-5686978ca45b&gt;


WooCommerce <= 7.8.2 - Sensitive Information Exposure

Affected Software: WooCommerce CVE ID: CVE Unknown CVSS Score: 5.3 (Medium) Researcher/s: osama-hamad Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/7b2d1879-c337-41c9-9f47-f9c2fe8e5928&gt;


wpDiscuz <= 7.6.3 - Insecure Direct Object Reference to Post Rating Increase/Decrease

Affected Software: Comments – wpDiscuz CVE ID: CVE-2023-3998 CVSS Score: 5.3 (Medium) Researcher/s: Vladislav Pokrovsky Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/9d09bdab-ffab-44cc-bba2-821b21a8e343&gt;


wpDiscuz <= 7.6.3 - Insecure Direct Object Reference to Comment Rating Increase/Decrease

Affected Software: Comments – wpDiscuz CVE ID: CVE-2023-3869 CVSS Score: 5.3 (Medium) Researcher/s: Vladislav Pokrovsky Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b30ac1b0-eae2-4194-bf8e-ae73b4236965&gt;


Leyka <= 3.30.3 - Authenticated (Subscriber+) Sensitive Information Exposure

Affected Software: Leyka CVE ID: CVE-2023-4917 CVSS Score: 5.3 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/dcd24b90-94ff-4625-8e3e-9c90e38683f9&gt;


WP User Control <= 1.5.3 - Insecure Password Reset Mechanism

Affected Software: WP User Control CVE ID: CVE-2023-4915 CVSS Score: 5.3 (Medium) Researcher/s: Lana Codes Patch Status: Unpatched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f4ca1736-7b99-49db-9367-586dbc14df41&gt;


WooCommerce <= 7.0.0 - Authenticated(Shop Manager+) Sensitive Information Exposure

Affected Software: WooCommerce CVE ID: CVE Unknown CVSS Score: 4.9 (Medium) Researcher/s: David Anderson Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f1efcff5-3af6-4c44-9654-b917523419aa&gt;


WordPress File Upload <= 4.23.2 - Authenticated(Administrator+) Stored Cross-Site Scripting

Affected Software: WordPress File Upload CVE ID: CVE Unknown CVSS Score: 4.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/0e1915d9-8ea9-4ab2-9746-3c49bc0bd7c8&gt;


Jetpack CRM <= 5.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation CVE ID: CVE Unknown CVSS Score: 4.4 (Medium) Researcher/s: foobar7 Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/32f2fc21-165c-483f-ab81-48d8f221e4be&gt;


Photospace Responsive <= 2.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: Photospace Responsive Gallery CVE ID: CVE-2023-4271 CVSS Score: 4.4 (Medium) Researcher/s: Marco Wotschka Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/3bc98896-6ff9-40de-ace2-2ca331c2a44a&gt;


Migration, Backup, Staging – WPvivid <= 0.9.90 - Authenticated(Administrator+) Stored Cross-Site Scripting

Affected Software: Migration, Backup, Staging – WPvivid CVE ID: CVE Unknown CVSS Score: 4.4 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/b6d3ede8-465e-4588-b8ef-36bcd1850ec3&gt;


WP Customer Reviews <= 3.6.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

Affected Software: WP Customer Reviews CVE ID: CVE-2023-4648 CVSS Score: 4.4 (Medium) Researcher/s: Marco Wotschka Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f81950be-de32-4fa1-94fe-42667414fe2d&gt;


WooCommerce Subscription < 4.6.0 - Cross-Site Request Forgery

Affected Software: WooCommerce Subscription CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: foobar7 Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/08a98c08-cddc-4bc3-bc07-15d084070abd&gt;


DoLogin Security <= 3.7 - Missing Authorization on Dashboard Widget

Affected Software: DoLogin Security CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/24e2b96c-665f-4616-ac99-1a2b1b0a9ccd&gt;


WooCommerce EAN Payment Gateway < 6.1.0 - Missing Authorization to Authenticated (Contributor+) EAN Update

Affected Software: WooCommerce EAN Payment Gateway CVE ID: CVE-2023-4947 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes, Yan&Co ApS Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/2760b183-3c15-4f0e-b72f-7c0333f9d4b6&gt;


Quiz And Survey Master <= 8.1.15 - Cross-Site Request Forgery via 'display_results'

Affected Software: Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/32173d38-7f85-4e0c-9b4c-38bee2783d77&gt;


10Web Map Builder for Google Maps <= 1.0.73 - Cross-Site Request Forgery to Notice Dismissal

Affected Software: 10Web Map Builder for Google Maps CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/4be81ba0-c678-4234-b63e-da9813817bef&gt;


10Web Map Builder for Google Maps <= 1.0.73 - Missing Authorization to Notice Dismissal

Affected Software: 10Web Map Builder for Google Maps CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: Unknown Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/63666c16-9f68-4a27-b163-4c25f0a7589e&gt;


Checkout Field Editor (Premium) < 1.7.5 - Cross-Site Request Forgery

Affected Software: woocommerce-checkout-field-editor CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: foobar7 Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a4647210-ba7e-4233-83d6-12572213f5fb&gt;


Booster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode

Affected Software: Booster for WooCommerce CVE ID: CVE-2023-4796 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/a4cd49b2-ff93-4582-906b-b690d8472c38&gt;


Checkout Field Editor <= 1.7.4 - Cross-Site Request Forgery to Checkout Fields Update

Affected Software: Checkout Field Editor CVE ID: CVE Unknown CVSS Score: 4.3 (Medium) Researcher/s: foobar7 Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/ad430706-749f-4582-af07-6c543b8d5aad&gt;


WooCommerce CVR Payment Gateway < 6.1.0 - Missing Authorization to Authenticated (Contributor+) CVR Update

Affected Software: WooCommerce CVR Payment Gateway CVE ID: CVE-2023-4948 CVSS Score: 4.3 (Medium) Researcher/s: Lana Codes, Yan&Co ApS Patch Status: Patched Vulnerability Details: <https://wordfence.com/threat-intel/vulnerabilities/id/f72ba0e2-a9c4-43b0-a01f-185554090162&gt;


As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.

This database is continuously updated, maintained, and populated by Wordfence’s highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us using our CVE Request form, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.

Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.

The post Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023) appeared first on Wordfence.

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.6%