This Week’s Watch Out Wednesday shows the latest WordPress vulnerabilities including Gravity Forms, WooCommerce Payments, Restrict Content and more!
Plugin: Gravity Forms
Vulnerability: Reflected XSS vulnerability
Patched Version: 2.7.5
Recommended Action: Update the WordPress Gravity Forms plugin to the latest available version (at least 2.7.5).
Plugin: MainWP Child
Vulnerability: Information Disclosure via Back-Up Files vulnerability
Patched Version: 4.4.1.2
Recommended Action: Update the WordPress MainWP Child plugin to the latest available version (at least 4.4.1.2).
Plugin: InventoryPress
Vulnerability: Author+ Stored XSS vulnerability
Patched Version: None
Recommended Action: No patched version available.
Plugin: Lana Shortcodes
Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Patched Version: 1.2.0
Recommended Action: Update the WordPress Lana Shortcodes plugin to the latest available version (at least 1.2.0).
Plugin: ProfilePress
Vulnerability: Reflected Cross-Site Scripting via error message vulnerability
Patched Version: 4.11.0
Recommended Action: Update the WordPress ProfilePress plugin to the latest available version (at least 4.11.0).
Plugin: Restrict Content
Vulnerability: Missing Authorization to Notice Dismissal vulnerability
Patched Version: 3.2.3
Recommended Action: Update the WordPress Restrict Content plugin to the latest available version (at least 3.2.3).
Plugin: Restrict Content
Vulnerability: Reflected Cross-Site Scripting vulnerability
Patched Version: 3.2.3
Recommended Action: Update the WordPress Restrict Content plugin to the latest available version (at least 3.2.3).
Plugin: WP Mail Logging
Vulnerability: Missing Authorization to Notice Dismissal vulnerability
Patched Version: 1.12.0
Recommended Action: Update the WordPress WP Mail Logging plugin to the latest available version (at least 1.12.0).
Plugin: Lana Text to Image
Vulnerability: Auth. Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: 1.1.0
Recommended Action: Update the WordPress Lana Text to Image plugin to the latest available version (at least 1.1.0).
Plugin: BBS e-Popup
Vulnerability: Broken Access Control vulnerability
Patched Version: None
Recommended Action: No patched version is available.
Plugin: MaxButtons
Vulnerability: Cross Site Scripting (XSS) vulnerability
Patched Version: 9.6
Recommended Action: Update the WordPress MaxButtons plugin to the latest available version (at least 9.6).
Plugin: Balkon
Vulnerability: Reflected Cross Site Scripting (XSS) vulnerability
Patched Version: 1.3.3
Recommended Action: Update the WordPress Balkon theme to the latest available version (at least 1.3.3).
Plugin: PostX – Gutenberg Blocks for Post Grid
Vulnerability: Cross Site Scripting (XSS) vulnerability
Patched Version: 2.9.10
Recommended Action: Update the WordPress PostX – Gutenberg Blocks for Post Grid plugin to the latest available version (at least 2.9.10).
Plugin: Contact Form to DB by BestWebSoft
Vulnerability: SQL Injection vulnerability
Patched Version: 1.7.2
Recommended Action: Update the WordPress Contact Form to DB by BestWebSoft plugin to the latest available version (at least 1.7.2).
Plugin: OOPSpam Anti-Spam
Vulnerability: Cross Site Request Forgery (CSRF) vulnerability
Patched Version: 1.1.45
Recommended Action: Update the WordPress OOPSpam Anti-Spam plugin to the latest available version (at least 1.1.45).
Plugin: Five Star Restaurant Reservations
Vulnerability: Reflected Cross Site Scripting (XSS) vulnerability
Patched Version: 2.6.8
Recommended Action: Update the WordPress Five Star Restaurant Reservations plugin to the latest available version (at least 2.6.8).
Plugin: Contact Form by WD
Vulnerability: Admin+ SQLi vulnerability
Patched Version: None
Recommended Action: No patched version available.
Plugin: Mail Queue
Vulnerability: Unauthenticated Stored Cross-Site Scripting via Email Subject vulnerability
Patched Version: 1.2
Recommended Action: Update the WordPress Mail Queue plugin to the latest available version (at least 1.2).
Plugin: WP Ticket Customer Service Software & Support Ticket System
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Patched Version: 5.13
Recommended Action: Update the WordPress WP Ticket Customer Service Software & Support Ticket System plugin to the latest available version (at least 5.13).
Plugin: Abandoned Cart Pro
Vulnerability: Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: 7.13.0
Recommended Action: Update the WordPress Abandoned Cart Pro plugin to the latest available version (at least 7.13.0).
Plugin: Abandoned Cart Lite for WooCommerce
Vulnerability: Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: 5.2.0
Recommended Action: Update the WordPress Abandoned Cart Lite for WooCommerce plugin to the latest available version (at least 5.2.0).
Plugin: Colibri Page Builder
Vulnerability: Auth. SQL Injection (SQLi) vulnerability
Patched Version: 1.0.229
Recommended Action: Update the WordPress Colibri Page Builder plugin to the latest available version (at least 1.0.229).
Plugin: Metform Elementor Contact Form Builder
Vulnerability: Cross-Site Request Forgery via permalink_setup vulnerability
Patched Version: 3.3.3
Recommended Action: Update the WordPress Metform Elementor Contact Form Builder plugin to the latest available version (at least 3.3.3).
Plugin: Gallery Metabox
Vulnerability: Missing Authorization via gallery_remove vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of May 30, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: About Me 3000 widget
Vulnerability: Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of June 8, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Gallery Metabox
Vulnerability: Missing Authorization vulnerability
Patched Version: None
Recommended Action: No patched version available. This plugin has been closed as of May 30, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Quick Post Duplicator
Vulnerability: Authenticated (Contributor+) SQL Injection via post_id vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of June 1, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Booking Calendar Contact Form
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 1.2.41
Recommended Action: Update the WordPress Booking Calendar Contact Form plugin to the latest available version (at least 1.2.41).
Plugin: Ultimate Member
Vulnerability: Cross Site Request Forgery (CSRF) vulnerability
Patched Version: 2.6.1
Recommended Action: Update the WordPress Ultimate Member plugin to the latest available version (at least 2.6.1).
Plugin: CHP Ads Block Detector
Vulnerability: Broken Access Control vulnerability
Patched Version: 3.9.8
Recommended Action: Update the WordPress CHP Ads Block Detector plugin to the latest available version (at least 3.9.8).
Plugin: MyCurator Content Curation
Vulnerability: Cross Site Request Forgery (CSRF) vulnerability
Patched Version: 3.75
Recommended Action: Update the WordPress MyCurator Content Curation plugin to the latest available version (at least 3.75).
Plugin: Spam protection, AntiSpam, FireWall by CleanTalk
Vulnerability: Broken Access Control vulnerability
Patched Version: 6.11
Recommended Action: Update the WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin to the latest available version (at least 6.11).
Plugin: Ninja Forms
Vulnerability: Arbitrary File Deletion vulnerability
Patched Version: 3.6.25
Recommended Action: Update the WordPress Ninja Forms plugin to the latest available version (at least 3.6.25).
Plugin: ReDi Restaurant Reservation
Vulnerability: Broken Access Control vulnerability
Patched Version: 23.0212
Recommended Action: Update the WordPress ReDi Restaurant Reservation plugin to the latest available version (at least 23.0212).
Plugin: teachPress
Vulnerability: Cross Site Scripting (XSS) vulnerability
Patched Version: 9.0.3
Recommended Action: Update the WordPress teachPress plugin to the latest available version (at least 9.0.3).
Plugin: Event Manager for WooCommerce
Vulnerability: Cross Site Scripting (XSS) vulnerability
Patched Version: 3.9.6
Recommended Action: Update the WordPress Event Manager for WooCommerce plugin to the latest available version (at least 3.9.6).
Plugin: Protect WP Admin
Vulnerability: Unauthenticated Protection Bypass vulnerability
Patched Version: 4.0
Recommended Action: Update the WordPress Protect WP Admin plugin to the latest available version (at least 4.0).
Plugin: Tutor LMS
Vulnerability: Unauthenticated Access to Tutor LMS Lesson Resources via REST API vulnerability
Patched Version: 2.2.1
Recommended Action: Update the WordPress Tutor LMS plugin to the latest available version (at least 2.2.1).
Plugin: Ninja Forms Google Sheet Connector
Vulnerability: Reflected XSS vulnerability
Patched Version: 1.2.7
Recommended Action: Update the WordPress Ninja Forms Google Sheet Connector plugin to the latest available version (at least 1.2.7).
Plugin: Elementor Forms Google Sheet Connector
Vulnerability: Reflected XSS vulnerability
Patched Version: 1.0.7
Recommended Action: Update the WordPress Elementor Forms Google Sheet Connector plugin to the latest available version (at least 1.0.7).
Plugin: WPForms Google Sheet Connector
Vulnerability: Reflected XSS vulnerability
Patched Version: 3.4.6
Recommended Action: Update the WordPress WPForms Google Sheet Connector plugin to the latest available version (at least 3.4.6).
Plugin: CF7 Google Sheets Connector Pro
Vulnerability: Reflected XSS vulnerability
Patched Version: None
Recommended Action: No known patch
Plugin: CF7 Google Sheets Connector
Vulnerability: Reflected XSS vulnerability
Patched Version: 5.0.2
Recommended Action: Update the WordPress CF7 Google Sheets Connector plugin to the latest available version (at least 5.0.2).
Plugin: ND Shortcodes For Visual Composer
Vulnerability: Subscriber+ LFI vulnerability
Patched Version: 7.0
Recommended Action: Update the WordPress ND Shortcodes For Visual Composer plugin to the latest available version (at least 7.0).
Plugin: wpForo Forum
Vulnerability: Authenticated (Subscriber+) Local File Include, Server-Side Request Forgery, and PHAR Deserialization via file_get_contents vulnerability
Patched Version: 2.1.8
Recommended Action: Update the WordPress wpForo Forum plugin to the latest available version (at least 2.1.8).
Plugin: Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin
Vulnerability: Reflected XSS vulnerability
Patched Version: 1.9.9
Recommended Action: Update the WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin plugin to the latest available version (at least 1.9.9).
Plugin: FormCraft
Vulnerability: Auth. SQL Injection (SQLi) vulnerability
Patched Version: 3.9.7
Recommended Action: Update the WordPress FormCraft plugin to the latest available version (at least 3.9.7).
Plugin: Custom 404 Pro
Vulnerability: Multiple SQL Injection vulnerability
Patched Version: 3.8.1
Recommended Action: Update the WordPress Custom 404 Pro plugin to the latest available version (at least 3.8.1).
Plugin: KiviCare
Vulnerability: Reflected Cross-Site Scripting vulnerability
Vulnerability: Subscriber+ Sensitive Information Disclosure vulnerability
Vulnerability: Subscriber+ Unauthorised AJAX Calls vulnerability
Vulnerability: Multiple CSRF vulnerability
Patched Version: 3.2.1
Recommended Action: Update the WordPress KiviCare plugin to the latest available version (at least 3.2.1).
Plugin: Afterpay Gateway for WooCommerce
Vulnerability: Admin+ SQL Injection vulnerability
Patched Version: 1.12.4
Recommended Action: Update the WordPress Afterpay Gateway for WooCommerce plugin to the latest available version (at least 1.12.4).
Plugin: USM Premium
Vulnerability: Admin+ Stored XSS vulnerability
Patched Version: 16.3
Recommended Action: Update the WordPress USM Premium plugin to the latest available version (at least 16.3).
Plugin: User Email Verification for WooCommerce
Vulnerability: Authentication bypass via weak token generation vulnerability
Patched Version: None
Recommended Action: No patched version available.
Plugin: Bookly
Vulnerability: Admin+ Stored Cross-Site Scripting via service titles vulnerability
Patched Version: 21.8
Recommended Action: Update the WordPress Bookly plugin to the latest available version (at least 21.8).
Plugin: WP Directory Kit
Vulnerability: Unauthenticated Local File Inclusion vulnerability
Patched Version: 1.2.4
Recommended Action: Update the WordPress WP Directory Kit plugin to the latest available version (at least 1.2.4).
Plugin: File Uploader
Vulnerability: Admin+ Path Traversal vulnerability
Patched Version: 4.19.2
Recommended Action: Update the WordPress File Uploader plugin to the latest available version (at least 4.19.2).
Plugin: Go Pricing
Vulnerability: WordPress Go Pricing – WordPress Responsive Pricing Tables plugin <= 3.3.19 - Broken Access Control vulnerability
Patched Version: 3.4
Recommended Action: Update the WordPress Go Pricing plugin to the latest available version (at least 3.4).
Plugin: Go Pricing
Vulnerability: WordPress Go Pricing – WordPress Responsive Pricing Tables plugin < 3.4 - Contributor+ Stored XSS vulnerability
Patched Version: 3.4
Recommended Action: Update the WordPress Go Pricing plugin to the latest available version (at least 3.4).
Plugin: Icegram
Vulnerability: Reflected XSS vulnerability
Patched Version: 3.1.12
Recommended Action: Update the WordPress Icegram plugin to the latest available version (at least 3.1.12).
Plugin: WP Activity Log
Vulnerability: Subscriber+ Information Leak vulnerability
Patched Version: 4.5.2
Recommended Action: Update the WordPress WP Activity Log plugin to the latest available version (at least 4.5.2).
Plugin: PixelYourSite PRO
Vulnerability: Admin+ Stored Cross-Site Scripting vulnerability
Patched Version: 9.6.2
Recommended Action: Update the WordPress PixelYourSite – Your smart PIXEL (TAG) Manager plugin to the latest available version (at least 9.6.2).
Plugin: Photo Gallery by Ays
Vulnerability: Reflected XSS vulnerability
Patched Version: 5.1.7
Recommended Action: Update the WordPress Photo Gallery by Ays plugin to the latest available version (at least 5.1.7).
Plugin: Contact Form Email
Vulnerability: Unauthenticated Stored Cross-Site Scripting vulnerability
Patched Version: 1.3.38
Recommended Action: Update the WordPress Contact Form Email plugin to the latest available version (at least 1.3.38).
Plugin: Quiz Maker
Vulnerability: Reflected XSS vulnerability
Patched Version: 6.4.2.7
Recommended Action: Update the WordPress Quiz Maker plugin to the latest available version (at least 6.4.2.7).
Plugin: Survey Maker
Vulnerability: Reflected XSS vulnerability
Patched Version: 3.4.7
Recommended Action: Update the WordPress Survey Maker plugin to the latest available version (at least 3.4.7).
Plugin: ConvertKit
Vulnerability: Reflected XSS vulnerability
Patched Version: 2.2.1
Recommended Action: Update the WordPress ConvertKit plugin to the latest available version (at least 2.2.1).
Plugin: EventON
Vulnerability: Unauthenticated Event Access vulnerability
Vulnerability: Unauthenticated Post Access via IDOR vulnerability
Patched Version: 2.1.2
Recommended Action: Update the WordPress EventON plugin to the latest available version (at least 2.1.2).
Plugin: Float menu
Vulnerability: Admin+ Stored Cross-Site Scripting vulnerability
Patched Version: 5.0.3
Recommended Action: Update the WordPress Float menu plugin to the latest available version (at least 5.0.3).
Plugin: Simple Iframe
Vulnerability: Contributor+ Stored XSS vulnerability
Patched Version: 1.2.0
Recommended Action: Update the WordPress Simple Iframe plugin to the latest available version (at least 1.2.0).
Plugin: Defa Online Image Protector
Vulnerability: Auth. Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of June 1, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Buy Me a Coffee
Vulnerability: Auth. Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: 3.7
Recommended Action: Update the WordPress Buy Me a Coffee plugin to the latest available version (at least 3.7).
Plugin: AN_GradeBook
Vulnerability: Auth. Cross-Site Scripting (XSS) vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of June 1, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: PrePost SEO
Vulnerability: Auth. Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of May 30, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Enable SVG Uploads
Vulnerability: Auth. Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: None
Recommended Action: No patched version available.
Plugin: Greeklish-permalink
Vulnerability: Unauth. Post Slug Update vulnerability
Patched Version: None
Recommended Action: No patched version is available. This plugin has been closed as of May 30, 2023 and is not available for download. This closure is temporary, pending a full review.
Plugin: Mailtree Log Mail
Vulnerability: Unauth. Stored Cross-Site Scripting (XSS) vulnerability
Patched Version: 1.0.1
Recommended Action: Update the WordPress Mailtree Log Mail plugin to the latest available version (at least 1.0.1).
Plugin: Potent Donations for WooCommerce
Vulnerability: Cross Site Request Forgery (CSRF) vulnerability
Patched Version: 1.1.10
Recommended Action: Update the WordPress Potent Donations for WooCommerce plugin to the latest available version (at least 1.1.10).
Plugin: BookIt
Vulnerability: Authentication Bypass Vulnerability
Patched Version: 2.3.8
Recommended Action: Update the WordPress BookIt plugin to the latest available version (at least 2.3.8).
Plugin: JS Help Desk – Best Help Desk & Support Plugin
Vulnerability: IDOR Leading To Ticket Deletion vulnerability
Patched Version: None
Recommended Action: No patched version is available. No reply from the vendor.
Plugin: WP Cookie Notice for GDPR, CCPA & ePrivacy Consent
Vulnerability: CSV Injection vulnerability
Patched Version: None
Recommended Action: No patched version is available. No reply from the vendor.
Plugin: WooCommerce Subscriptions
Vulnerability: Insecure Direct Object References (IDOR) vulnerability
Patched Version: 5.1.3
Recommended Action: Update the WordPress WooCommerce Subscriptions plugin to the latest available version (at least 5.1.3).
Plugin: WooCommerce Payments
Vulnerability: SQL Injection vulnerability
Vulnerability: Insecure Direct Object References (IDOR) vulnerability
Patched Version: 5.9.1
Recommended Action: Update the WordPress WooCommerce Payments plugin to the latest available version (at least 5.9.1).
Plugin: Complianz – GDPR/CCPA Cookie Consent
Vulnerability: CSRF leading to Site Wide Cross Site Scripting (XSS) vulnerability
Patched Version: 6.4.5
Recommended Action: Update the WordPress Complianz – GDPR/CCPA Cookie Consent plugin to the latest available version (at least 6.4.5).
Plugin: Complianz Premium
Vulnerability: CSRF to Site Wide Cross Site Scripting (XSS) vulnerability
Vulnerability: Multiple Cross Site Request Forgery (CSRF) vulnerability
Patched Version: 6.4.8
Recommended Action: Update the WordPress Complianz Premium plugin to the latest available version (at least 6.4.8).