WordPress Vulnerability Report — April 3, 2024

In this report, 255 new vulnerabilities have been publicly disclosed. Security patches for 175 of these plugins and 3 themes are available as of the publishing of this report.

Vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates!

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

Woot! No new core vulnerabilities were disclosed this week.

WordPress Themes

Themes With No Fix/Patch Available

Woot! No unpatched themes this week!

Themes With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.
  • Rehub

WordPress Plugins

Plugins With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the plugin(s).

  • Shortcodes and extra features for Phlox theme
  • Easy Social Feed – Social Photos Gallery – Post Feed – Like Box
  • PDF Viewer for Elementor
  • GetResponse for WordPress
  • Better Elementor Addons
  • Yoo Slider
  • Responsive flipbook
  • WP Twitter Mega Fan Box Widget
  • Sponsors
  • WP-Eggdrop
  • Broken Images
  • Popup Cart Lite for WooCommerce
  • Woocommerce Social Media Share Buttons
  • WooCommerce Bookings Calendar
  • Whizzy
  • Weekly Class Schedule
  • 10Web Map Builder for Google Maps
  • User Rights Access Manager
  • Ultimate Social Comments – Email Notification & Lazy Load
  • Sticky Anything
  • Thumbs Rating
  • Tax Rate Upload
  • Spin 360 deg and 3D Model Viewer
  • SpiderFAQ
  • Special Box for Content
  • SP Project & Document Manager
  • Social Author Bio
  • Lightbox slider – Responsive Lightbox Gallery
  • Shortcode Addons
  • SEO Title Tag
  • Prenotazioni
  • Post-Plugin Library
  • Pocket News Generator
  • Platinum SEO
  • pageMash > Page Management
  • Oxygen Builder
  • OpenID
  • News Wall
  • New Order Notification for Woocommerce
  • Lordicon Animated Icons
  • Kanban Boards for WordPress
  • Mighty Classic Pros And Cons
  • IP Blocker Lite
  • iFlyChat – WordPress Chat
  • HeartThis
  • Header Image Slider
  • Responsive Image Gallery, Gallery Album
  • Filter Custom Fields & Taxonomies Light
  • WP ERP
  • EnvíaloSimple
  • DX-Watermark
  • Hacklog Down As PDF
  • DD Rating
  • Custom Field Bulk Editor
  • Convert Post Types
  • Contact Forms by Cimatti
  • Contact Form 7 Newsletter
  • Comic Easel
  • Christmas Greetings
  • Chauffeur Taxi Booking System for WordPress
  • Change default login logo,url and title
  • CGC Maintenance Mode
  • Carousel Anything For WPBakery Page Builder
  • Button
  • Breakdance
  • Appointment Calendar
  • All In One Redirection
  • AI Twitter Feeds (Twitter widget & shortcode)
  • Aesop Story Engine
  • AdsPlace’r – Ad Manager, Inserter, AdSense Ads
  • Add Shortcodes Actions And Filters

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Essential Addons for Elementor
  • All-In-One Security (AIOS)
  • ElementsKit Elementor addons
  • Ninja Forms Contact Form
  • Forminator – Contact Form, Payment Form & Custom Form Builder
  • Page Builder Gutenberg Blocks – CoBlocks
  • Gutenberg Blocks by Kadence Blocks – Page Builder Features
  • MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor
  • Newsletter – Send awesome emails from WordPress
  • Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE
  • CMP – Coming Soon & Maintenance Plugin by NiteoThemes
  • Jeg Elementor Kit
  • Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
  • WooCommerce Cart Abandonment Recovery
  • Elementor Addon Elements
  • Element Pack Elementor Addons
  • Beaver Builder – WordPress Page Builder
  • Colibri Page Builder
  • Download Monitor
  • Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
  • Genesis Blocks
  • List category posts
  • Meta Tag Manager
  • Page Builder: Pagelayer – Drag and Drop website builder
  • Pods – Custom Content Types and Fields
  • PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)
  • Social Icons Widget & Block by WPZOOM
  • Stackable – Page Builder Gutenberg Blocks
  • Template Kit – Import
  • WooCommerce Multilingual & Multicurrency with WPML
  • HUSKY – Products Filter Professional for WooCommerce
  • WP Chat App
  • Events Manager – Calendar, Bookings, Tickets, and more!
  • Sydney Toolbox
  • BoldGrid Easy SEO – Simple and Effective SEO
  • Media Library Assistant
  • Export and Import Users and Customers
  • underConstruction
  • FOX – Currency Switcher Professional for WooCommerce
  • WP-Members Membership Plugin
  • WordPress Infinite Scroll – Ajax Load More
  • Bold Page Builder
  • Hubbub Lite – Fast, Reliable Social Sharing Buttons
  • WPFront User Role Editor
  • Email Newsletter, Marketing, Email Automation and CRM
  • Klarna Payments for WooCommerce
  • Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks
  • SecuPress Free — WordPress Security
  • Pz-LinkCard
  • Themify – WooCommerce Product Filter
  • Ultimate Addons for Beaver Builder – Lite
  • BEAR – Bulk Editor and Products Manager Professional for WooCommerce
  • Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content
  • Easy Appointments
  • Ecwid Ecommerce Shopping Cart
  • MP3 Audio Player for Music, Radio & Podcast by Sonaar
  • My Calendar
  • ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization
  • weForms – Easy Drag & Drop Contact Form Builder For WordPress
  • WordPress File Upload
  • Awesome Support – WordPress HelpDesk & Support Plugin
  • Booking Package
  • Favorites
  • GamiPress
  • LWS Optimize
  • Mailster WordPress Newsletter Plugin Compatibility Tester
  • Mang Board WP
  • MasterStudy LMS WordPress Plugin – for Online Courses and Education
  • Author Box, Guest Author and Co-Authors for Your Posts – Molongui
  • Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages
  • SellKit – Funnel builder and checkout optimizer
  • Simple Revisions Delete
  • VS Contact Form
  • WP Travel Engine
  • Media Library Folders
  • WP Hotel Booking
  • WP SMS – Messaging & SMS Notification
  • Collect.chat – Chatbot
  • Finale Lite – Sales Countdown Timer & Discount for WooCommerce
  • Hash Elements
  • ProfileGrid – User Profiles, Memberships, Groups and Communities
  • The Plus Blocks for Block Editor | Gutenberg
  • wp-forecast
  • Announce from the Dashboard
  • Better Elementor Addons
  • MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution
  • JCH Optimize
  • Nelio Content – Best Editorial Calendar & Social Media Scheduling
  • Salon booking system
  • Sliced Invoices – WordPress Invoice Plugin
  • Beaver Builder Addons by WPZOOM
  • Booking Activities
  • Paid Memberships Pro – Mailchimp Add On
  • B Slider – Slider for your block editor
  • Slugs Manager: Delete Old Permalinks from WordPress Database
  • Custom WooCommerce Checkout Fields Editor
  • Builderall Builder for WordPress
  • CubeWP – All-in-One Dynamic Content Framework
  • Landingi Landing Pages
  • Move Addons for Elementor
  • Spiffy Calendar
  • Themify Event Post
  • Product Sort and Display for WooCommerce
  • CRM Perks Forms – WordPress Form Builder
  • Layouts for Elementor
  • WP Responsive Tabs horizontal vertical and accordion Tabs
  • RT Easy Builder – Advanced addons for Elementor
  • WP Express Checkout (Accept PayPal Payments Easily)
  • WPC Badge Management for WooCommerce
  • WordPress Page Builder – Zion Builder
  • AI WP Writer
  • Announcement & Notification Banner – Bulletin
  • Geo Controller
  • Church Admin
  • Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition
  • Creative Addons for Elementor
  • WPCS – WordPress Currency Switcher Professional
  • Easy Form Builder
  • Falang multilanguage for WordPress
  • FG PrestaShop to WooCommerce
  • A WordPress Testimonial Plugin
  • Web Icons
  • OSS Aliyun
  • Paid Memberships Pro – Payfast Gateway Add On
  • Print Page block – Print the entire page or Section
  • OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer)
  • Tainacan
  • Tumult Hype Animations
  • Webinar and Video Conference with Jitsi Meet
  • WholesaleX – WooCommerce Wholesale Plugin
  • Sharkdropship Dropshipping & Affiliate for AliExpress
  • WordPress CRM Plugin – WP-CRM System
  • MDTF – Meta Data and Taxonomies Filter
  • Creative Image Slider – Responsive Slider Plugin
  • YITH WooCommerce Account Funds Premium
  • WP Cost Estimation & Payment Forms Builder
  • Wholesale For WooCommerce
  • Slider by Supsystic
  • REHub Framework
  • Limit Attempts by BestWebSoft
  • LayerSlider
  • WP ERP
  • Calendarista Basic Edition

How Do I Update WordPress?

Run a full backup of your website using the backup plugin you have installed, or using the backup feature your web host provides.

Ideally, test major functions (like ecommerce, elearning, and membership functionality) on a staging server first. If your site is “heavily” customized, you should also test in a staging environment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally, make a note of the before and after versions.

Once the updates are complete, perform a visual inspection of your site and test critical functionality that may have been affected: contact forms, subscription buttons, purchasing, etc.