This Week’s Watch Out Wednesday covers the latest WordPress plugin vulnerabilities, including WP Tabs, Video.js, Post Grid, and more!
Plugin: Joli Table Of Contents
Vulnerability: Cross Site Request Forgery (CSRF) on Reset Settings vulnerability
Patched Version: 2.0.0
Recommended Action: Update the WordPress Joli Table Of Contents plugin to the latest available version (at least 2.0.0).
Plugin: WP Social Widget
Vulnerability: Contributor+ Stored XSS vulnerability
Patched Version: 2.2.4
Recommended Action: Update the WordPress WP Social Widget plugin to the latest available version (at least 2.2.4).
Plugin: Post Grid, Post Carousel, & List Category Posts – by Smart Post Show
Vulnerability: CSRF Bypass / Unauthorised AJAX Calls vulnerability
Vulnerability: Contributor+ Stored XSS vulnerability
Patched Version: 2.4.19
Recommended Action: Update the WordPress Post Grid, Post Carousel, & List Category Posts – by Smart Post Show plugin to the latest available version (at least 2.4.19).
Plugin: WP Tabs
Vulnerability: Contributor+ Stored XSS vulnerability
Patched Version: 2.1.17
Recommended Action: Update the WordPress WP Tabs plugin to the latest available version (at least 2.1.17).
Plugin: CPO Companion
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 1.1.0
Recommended Action: Update the WordPress CPO Companion plugin to the latest available version (at least 1.1.0).
Plugin: News & Blog Designer Pack – WordPress Blog Plugin
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 3.3
Recommended Action: Update the WordPress News & Blog Designer Pack – WordPress Blog Plugin plugin to the latest available version (at least 3.3).
Plugin: Posts List Designer by Category – List Category Posts Or Recent Posts
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 3.2
Recommended Action: Update the WordPress Posts List Designer by Category – List Category Posts Or Recent Posts plugin to the latest available version (at least 3.2).
Plugin: YouTube Channel
Vulnerability: Missing Authorization vulnerability
Patched Version: 3.23.0
Recommended Action: Update the WordPress YouTube Channel plugin to the latest available version (at least 3.23.0).
Plugin: Custom User Profile Fields
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 1.8.1
Recommended Action: Update the WordPress Custom User Profile Fields plugin to the latest available version (at least 1.8.1).
Plugin: Contextual Related Posts
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attribute vulnerability
Patched Version: 3.3.1
Recommended Action: Update the WordPress Contextual Related Posts plugin to the latest available version (at least 3.3.1).
Plugin: Social Warfare
Vulnerability: Cross-Site Request Forgery vulnerability
Vulnerability: Missing Authorization vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of December 29, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: Simple File Downloader
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of December 27, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: CPO Companion
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Patched Version: 1.1.0
Recommended Action: Update the WordPress CPO Companion plugin to the latest available version (at least 1.1.0).
Plugin: WP Extended Search
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: 2.1.2
Recommended Action: Update the WordPress WP Extended Search plugin to the latest available version (at least 2.1.2).
Plugin: Swifty Page Manager
Vulnerability: Page Creation/Deletion via CSRF vulnerability
Vulnerability: Admin+ Stored XSS vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of December 10, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: Widgets for Google Reviews
Vulnerability: Contributor+ Stored XSS vulnerability
Patched Version: 9.8
Recommended Action: Update the WordPress Widgets for Google Reviews plugin to the latest available version (at least 9.8).
Plugin: CC Child Pages
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 1.43
Recommended Action: Update the WordPress CC Child Pages plugin to the latest available version (at least 1.43).
Plugin: WooCommerce Eway Gateway
Vulnerability: Insecure Direct Object Reference vulnerability
Patched Version: 3.5.1
Recommended Action: Update the WordPress WooCommerce Eway Gateway plugin to the latest available version (at least 3.5.1).
Plugin: WordPress Restaurant Menu – Food Ordering System – Table Reservation
Vulnerability:
Patched Version: 2.3.6
Recommended Action: Update the WordPress Restaurant Menu – Food Ordering System – Table Reservation plugin to the latest available version (at least 2.3.6).
Plugin: JetWidgets For Elementor
Vulnerability: Cross-Site Request Forgery to Settings Update vulnerability (affects versions <= 1.0.12)
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of January 3, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: My Tickets
Vulnerability: Cross-Site Request Forgery vulnerability
Patched Version: 1.9.11
Recommended Action: Update the WordPress My Tickets plugin to the latest available version (at least 1.9.11).
Plugin: GigPress
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: 2.3.28
Recommended Action: Update the WordPress GigPress plugin to the latest available version (at least 2.3.28).
Plugin: Product Slider and Carousel with Category for WooCommerce
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of January 3, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Video Sidebar Widgets
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of December 28, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: List Pages Shortcode
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of January 3, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Video.js – HTML5 Video Player for WordPress
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of December 28, 2022 and is not available for download. This closure is temporary, pending a full review.
Plugin: Embed PDF
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: None
Recommended Action: Deactivate and delete. This plugin has been closed as of January 3, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: RSS Feed Retriever
Vulnerability: CSRF to Authenticated Plugin Settings Change vulnerability
Vulnerability: Authenticated Plugin Settings Change vulnerability
Patched Version: 1.6.8
Recommended Action: Update the WordPress RSS Feed Retriever plugin to the latest available version (at least 1.6.8).
Plugin: Blog Designer – Post and Widget
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 2.4.1
Recommended Action: Update the WordPress Blog Designer – Post and Widget plugin to the latest available version (at least 2.4.1).
Plugin: Post Category Image With Grid and Slider
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 1.4.8
Recommended Action: Update the WordPress Post Category Image With Grid and Slider plugin to the latest available version (at least 1.4.8).
Plugin: Show-Hide / Collapse-Expand
Vulnerability: Authenticated Settings Update vulnerability
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: None
Recommended Action: No patched version is available. Deactivate and delete the plugin until a fix is released.
Plugin: WordPress Meta Data and Taxonomies Filter (MDTF)
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 1.3.1
Recommended Action: Update the WordPress Meta Data and Taxonomies Filter (MDTF) plugin to the latest available version (at least 1.3.1).
Plugin: Twitter Cards Meta
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: None
Recommended Action: No patched version is available. Deactivate and delete the plugin until a fix is released.
Plugin: Lightbox Photo Gallery
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 0.9.5
Recommended Action: Update the WordPress Lightbox Photo Gallery plugin to the latest available version (at least 0.9.5).
Plugin: Youtube Channel Gallery
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: None
Recommended Action: No patched version is available. Deactivate and delete the plugin until a fix is released.
Plugin: Membership For WooCommerce
Vulnerability: Unauthenticated Arbitrary File Upload vulnerability
Patched Version: 2.1.7
Recommended Action: Update the WordPress Membership For WooCommerce plugin to the latest available version (at least 2.1.7).
Plugin: RSS Aggregator by Feedzy
Vulnerability: Contributor+ Stored XSS vulnerability
Patched Version: 4.1.1
Recommended Action: Update the WordPress RSS Aggregator by Feedzy plugin to the latest available version (at least 4.1.1).
Plugin: WooCommerce Chained Products
Vulnerability: Limited Unauthenticated Settings Update vulnerability
Patched Version: 2.12.0
Recommended Action: Update the WordPress WooCommerce Chained Products plugin to the latest available version (at least 2.12.0).
Plugin: FL3R FeelBox
Vulnerability: Settings Update via CSRF to Stored XSS vulnerability
Vulnerability: Moods Reset via CSRF vulnerability
Patched Version: None
Recommended Action: No patched version is available. Deactivate and delete the plugin until a fix is released.
Plugin: Logaster Logo Generator
Vulnerability: Cross Site Request Forgery (CSRF) vulnerability
Patched Version: None
Recommended Action: No patched version is available. Deactivate and delete the plugin until a fix is released.
Plugin: Easy Pricing Tables
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 3.2.3
Recommended Action: Update the WordPress Easy Pricing Tables plugin to the latest available version (at least 3.2.3).
Plugin: AAWP
Vulnerability: Unsafe URL Handling vulnerability
Patched Version: 3.12.3
Recommended Action: Update the WordPress AAWP plugin to the latest available version (at least 3.12.3).
Plugin: Themify Shortcodes
Vulnerability: Contributor+ Stored XSS via Shortcode vulnerability
Patched Version: 2.0.8
Recommended Action: Update the WordPress Themify Shortcodes plugin to the latest available version (at least 2.0.8).
Plugin: Revive Old Posts
Vulnerability: Admin+ PHP Object Injection vulnerability
Patched Version: 9.0.11
Recommended Action: Update the WordPress Revive Old Posts plugin to the latest available version (at least 9.0.11).
Plugin: My Calendar
Vulnerability: Cross Site Request Forgery (CSRF) vulnerability
Patched Version: 3.3.25
Recommended Action: Update the WordPress My Calendar plugin to the latest available version (at least 3.3.25).
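Checking forty-odd plugins by hand against a site's installed versions is where mistakes happen, so here is an added Python example (not code from the original post) that turns the list above into a triage table and runs it over a WP-CLI plugin dump. The patched versions and plugin names are copied from the entries above; everything else is an assumption: the script matches on the `title` field that `wp plugin list --fields=title,version,status --format=json` prints, which is assumed to equal the names used in this post (check the slug by hand for renamed forks), and the installed-plugin sample with its versions is constructed for illustration.

```python
"""Triage a site's installed plugins against this week's Watch Out Wednesday list.

Added example, not code from the original post. ADVISORIES copies the plugin
titles and patched versions listed above (None = no fixed release: deactivate and
delete). SAMPLE_PLUGIN_LIST is constructed to mimic the JSON printed by
    wp plugin list --fields=title,version,status --format=json
and matching is on the WP-CLI `title` field, assumed to equal the names above.
"""
import json

ADVISORIES = {
    "Joli Table Of Contents": "2.0.0",
    "WP Social Widget": "2.2.4",
    "Post Grid, Post Carousel, & List Category Posts – by Smart Post Show": "2.4.19",
    "WP Tabs": "2.1.17",
    "CPO Companion": "1.1.0",
    "News & Blog Designer Pack – WordPress Blog Plugin": "3.3",
    "Posts List Designer by Category – List Category Posts Or Recent Posts": "3.2",
    "YouTube Channel": "3.23.0",
    "Custom User Profile Fields": "1.8.1",
    "Contextual Related Posts": "3.3.1",
    "Social Warfare": None,
    "Simple File Downloader": None,
    "WP Extended Search": "2.1.2",
    "Swifty Page Manager": None,
    "Widgets for Google Reviews": "9.8",
    "CC Child Pages": "1.43",
    "WooCommerce Eway Gateway": "3.5.1",
    "WordPress Restaurant Menu – Food Ordering System – Table Reservation": "2.3.6",
    "JetWidgets For Elementor": None,
    "My Tickets": "1.9.11",
    "GigPress": "2.3.28",
    "Product Slider and Carousel with Category for WooCommerce": None,
    "Video Sidebar Widgets": None,
    "List Pages Shortcode": None,
    "Video.js – HTML5 Video Player for WordPress": None,
    "Embed PDF": None,
    "RSS Feed Retriever": "1.6.8",
    "Blog Designer – Post and Widget": "2.4.1",
    "Post Category Image With Grid and Slider": "1.4.8",
    "Show-Hide / Collapse-Expand": None,
    "WordPress Meta Data and Taxonomies Filter (MDTF)": "1.3.1",
    "Twitter Cards Meta": None,
    "Lightbox Photo Gallery": "0.9.5",
    "Youtube Channel Gallery": None,
    "Membership For WooCommerce": "2.1.7",
    "RSS Aggregator by Feedzy": "4.1.1",
    "WooCommerce Chained Products": "2.12.0",
    "FL3R FeelBox": None,
    "Logaster Logo Generator": None,
    "Easy Pricing Tables": "3.2.3",
    "AAWP": "3.12.3",
    "Themify Shortcodes": "2.0.8",
    "Revive Old Posts": "9.0.11",
    "My Calendar": "3.3.25",
}

def parse_version(version):
    """Integer components of a dotted version, compared component-wise like PHP's
    version_compare, so '1.43' > '1.5'. Suffixes such as '-beta' are dropped."""
    parts = []
    for piece in version.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)

def version_lt(installed, patched):
    """True when installed is older than patched; '3.3' and '3.3.0' are equal."""
    a, b = parse_version(installed), parse_version(patched)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def triage(plugin_list_json):
    """One finding per installed plugin named in ADVISORIES; others are ignored.
    Inactive plugins are still reported: their files stay on disk until deleted."""
    findings = []
    for plugin in json.loads(plugin_list_json):
        title = plugin.get("title", "")
        if title not in ADVISORIES:
            continue
        patched = ADVISORIES[title]
        if patched is None:
            action = "remove"
        elif version_lt(plugin["version"], patched):
            action = "update"
        else:
            action = "ok"
        findings.append({"title": title, "installed": plugin["version"], "patched": patched,
                         "status": plugin.get("status"), "action": action})
    return findings

# Constructed sample; versions and statuses are made up for illustration.
SAMPLE_PLUGIN_LIST = json.dumps([
    {"title": "WP Tabs", "version": "2.1.16", "status": "active"},
    {"title": "Video.js – HTML5 Video Player for WordPress", "version": "4.5.1", "status": "inactive"},
    {"title": "CC Child Pages", "version": "1.43", "status": "active"},
    {"title": "Lightbox Photo Gallery", "version": "0.9.10", "status": "active"},
    {"title": "Akismet Anti-spam: Spam Protection", "version": "5.0.2", "status": "active"},
])

if __name__ == "__main__":
    for f in triage(SAMPLE_PLUGIN_LIST):
        print(f"{f['action']:6} {f['title']}: {f['installed']} installed, fixed in {f['patched']}")
```

On a real site, pipe the WP-CLI output into `triage()` instead of the sample. The version comparison is deliberately component-wise rather than string-based, because plain string comparison would wrongly treat CC Child Pages 1.43 as older than 1.5 and Lightbox Photo Gallery 0.9.10 as older than 0.9.5.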
***
Check out the WoW Archive for past Watch Out Wednesday posts.