Digital Chicks People Focused Tech Powered Logo

WordPress Vulnerability Report — February 14, 2024

In this report, 146 new vulnerabilities have been publicly disclosed. Security patches for 118 of these plugins and 1 theme are available as of the publishing of this report.

Vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates!

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

Woot! No new core vulnerabilities were disclosed this week.

WordPress Themes

Themes With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.
  • Blocksy

Themes With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the theme.
  • Brooklyn

WordPress Plugins

Plugins With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the plugin(s).

  • Malware Scanner
  • Multi Step Form
  • Comments Like Dislike
  • PJ News Ticker
  • TinyMCE
  • TinyMCE Advanced Professsional
  • Formats and Styles
  • WP Contact Form
  • Before After Image Slider WP
  • Content Cards
  • MyWaze
  • PB oEmbed HTML5 Audio – with Cache Support
  • Canto
  • Buttons Shortcode and Widget
  • Coupon Referral Program
  • GigPress
  • Honeypot for WP Comment
  • MoveTo
  • Payment Forms for Paystack
  • SMTP Mail
  • VK Poster Group
  • Pexels: Free Stock Photos
  • Basic Log Viewer
  • Easy Forms for Mailchimp

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Elementor Website Builder – More than Just a Page Builder
  • Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
  • All-In-One Security (AIOS) – Security and Firewall
  • Broken Link Checker
  • Meta Box – WordPress Custom Fields Framework
  • WP Shortcodes Plugin — Shortcodes Ultimate
  • SiteOrigin Widgets Bundle
  • Admin Menu Editor
  • Royal Elementor Addons and Templates
  • Backuply – Backup, Restore, Migrate and Clone
  • InfiniteWP Client
  • Popup Builder – Create highly converting, mobile friendly marketing popups.
  • AMP for WP – Accelerated Mobile Pages
  • Elementor Addon Elements
  • Advanced Database Cleaner
  • Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider)
  • Content Views – Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode)
  • Custom Twitter Feeds – A Tweets Widget or X Feed Widget
  • Insert PHP Code Snippet
  • Login Lockdown – Protect Login Form
  • Minimal Coming Soon – Coming Soon Page
  • PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)
  • Defender Security – Malware Scanner, Login Security & Firewall
  • Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions
  • Matomo Analytics – Ethical Stats. Powerful Insights
  • Elementor Addons by Livemesh
  • WP Booking Calendar
  • Customer Reviews for WooCommerce
  • Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline)
  • RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging
  • AI Engine
  • Bold Page Builder
  • Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy)
  • RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube
  • Video Feeds Aggregator
  • Internal Link Juicer: SEO Auto Linker for WordPress
  • MapPress Maps for WordPress
  • Shariff Wrapper
  • Booster for WooCommerce
  • WP Recipe Maker
  • Shield Security – Smart Bot Blocking & Intrusion Prevention Security
  • Starbox – the Author Box for Humans
  • WP 404 Auto Redirect to Similar Post
  • WP Editor
  • Apollo13 Framework Extensions
  • Gutenberg Block Editor Toolkit – EditorsKit
  • PPWP – Password Protect Pages
  • All 404 Pages Redirect to Homepage
  • Maspik – Spam Blacklist
  • Quiz Maker
  • NextMove Lite – Thank You Page for WooCommerce
  • Awesome Support – WordPress HelpDesk & Support Plugin
  • Passster – Password Protect Pages and Content
  • Directorist – WordPress Business Directory Plugin with Classified Ads Listings
  • Link Library
  • NEX-Forms – Ultimate Form Builder – Contact forms and much more
  • Smart Manager – WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced)
  • Wonder Slider Lite
  • Woocommerce Vietnam Checkout
  • Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin
  • Product Labels For Woocommerce (Sale Badges)
  • Analytics Insights – Google Analytics Dashboard for WordPress
  • WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc
  • Themify Builder
  • Podlove Podcast Publisher
  • Contact Form 7 Connector
  • Advanced Forms for ACF
  • Paytium: Mollie payment forms & donations
  • Podlove Subscribe button
  • SKT Page Builder
  • Doofinder WP & WooCommerce Search
  • EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin (easy docs, knowledgebase)
  • ImageRecycle pdf & image compression
  • Simple Page Access Restriction
  • Anonymous Restricted Content
  • Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress
  • Polls CP
  • GD Rating System
  • Frontend File Manager Plugin
  • TNC PDF viewer
  • Sunshine Photo Cart: Free Client Galleries for Photographers
  • WP Club Manager – WordPress Sports Club Plugin
  • Ultimate Reviews
  • Portugal CTT Tracking for WooCommerce
  • Web3 – Crypto wallet Login & NFT token gating
  • LearnDash LMS
  • WP Media folder

Looking for peace of mind and less tech stress?​

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Signup for website management and get a tech-savvy team who are committed to your business.

Never worry about your website again.

Let Us Help You

How Do I Update WordPress?

Run a full backups of your website using the backup plugin you have installed -or- using the backup feature your web host provides.

Ideally you test major functions – like ecommerce, elearning, membership functionality on a staging server first. If you site is “heavily” customized, you should also test in a staging environgment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally you are making note of the before and after versions.

After completed, perform a visual inspection of your site and test critical functionality that may have been affected – contact forms, subscription buttons, purchasing etc.