Digital Chicks People Focused Tech Powered Logo

WordPress Vulnerability Report — February 21, 2024

In this report, 96 new vulnerabilities have been publicly disclosed. Security patches for 75 of these plugins and 1 theme are available as of the publishing of this report.

Vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates!

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

Woot! No new core vulnerabilities were disclosed this week.

WordPress Themes

Themes With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.
  • Bricks Builder

Themes With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the theme.

  • None

WordPress Plugins

Plugins With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the plugin(s).

  • Featured Image from URL (FIFU)
  • Malware Scanner
  • Multi Step Form
  • Comments Like Dislike
  • PJ News Ticker
  • TinyMCE and TinyMCE Advanced Professsional Formats and Styles
  • MyWaze
  • PB oEmbed HTML5 Audio – with Cache Support
  • 2.9 Canto
  • GigPress
  • MoveTo
  • Oliver POS
  • postMash – custom post order
  • Sitepact’s Contact Form 7 Extension For Klaviyo
  • Widgets Controller
  • Pexels: Free Stock Photos
  • Easy Forms for Mailchimp

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
  • Ocean Extra
  • Premium Addons for Elementor
  • Broken Link Checker
  • WP Shortcodes Plugin — Shortcodes Ultimate
  • SiteOrigin Widgets Bundle
  • Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease
  • Popup Builder – Create highly converting, mobile friendly marketing popups
  • WP Activity Log
  • Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
  • Best WordPress Gallery Plugin – FooGallery
  • Login Lockdown – Protect Login Form
  • Page scroll to id
  • PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)
  • Schema & Structured Data for WP & AMP
  • Defender Security – Malware Scanner, Login Security & Firewall
  • EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube
  • Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor
  • Email Encoder – Protect Email Addresses and Phone Numbers
  • Elementor Addons by Livemesh
  • Simple Share Buttons Adder
  • Microsoft Clarity
  • Bold Page Builder
  • MapPress Maps for WordPress
  • Booster for WooCommerce
  • WP Maintenance
  • Custom Field Template
  • WP Editor
  • Maspik – Spam Blacklist
  • My Private Site
  • My Calendar
  • Analytics Insights – Google Analytics Dashboard for WordPress
  • Directorist – WordPress Business Directory Plugin with Classified Ads Listings
  • Link Library
  • MasterStudy LMS WordPress Plugin – for Online Courses and Education
  • NEX-Forms – Ultimate Form Builder – Contact forms and much more
  • Paid Membership Subscriptions – Effortless Memberships, Recurring
  • Payments & Content Restriction
  • Smart Manager – WooCommerce Bulk Edit Products, Orders, Coupons, Any WordPress Post Type (Advanced)
  • WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc
  • Coming Soon Maintenance Mode
  • Community by PeepSo – Social Network, Membership, Registration, User Profiles
  • WP Testimonials
  • Piraeus Bank WooCommerce Payment Gateway
  • WPify Woo Czech
  • Paytium: Mollie payment forms & donations
  • SKT Page Builder
  • Doofinder WP & WooCommerce Search
  • EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin (easy docs, knowledgebase)
  • InstaWP Connect – 1-click WP Staging & Migration
  • SMTP Mail
  • GD Rating System
  • Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages
  • Frontend File Manager Plugin
  • TNC PDF viewer
  • Sunshine Photo Cart: Free Client Galleries for Photographers
  • Peach Payments Gateway
  • Ultimate Reviews
  • Action Network
  • Web3 – Crypto wallet Login & NFT token gating
  • Cwicly
  • WooCommerce Easy Checkout Field Editor, Fees & Discounts
  • WP Media folder
  • WP Setup Wizard

Looking for peace of mind and less tech stress?​

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Signup for website management and get a tech-savvy team who are committed to your business.

Never worry about your website again.

Let Us Help You

How Do I Update WordPress?

Run a full backups of your website using the backup plugin you have installed -or- using the backup feature your web host provides.

Ideally you test major functions – like ecommerce, elearning, membership functionality on a staging server first. If you site is “heavily” customized, you should also test in a staging environgment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally you are making note of the before and after versions.

After completed, perform a visual inspection of your site and test critical functionality that may have been affected – contact forms, subscription buttons, purchasing etc.