
WordPress Vulnerability Report — February 28, 2024

In this report, 73 new vulnerabilities have been publicly disclosed. Security patches for 25 of these plugins and 2 themes are available as of the publishing of this report.

Vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates!

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

Woot! No new core vulnerabilities were disclosed this week.

WordPress Themes

Themes With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.
  • Colibri WP
  • Socialdriver

Themes With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the theme.

  • None

WordPress Plugins

Plugins With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the plugin(s).

  • Addon Library
  • Admin side data storage for Contact Form 7
  • Adsmonetizer
  • BeePress
  • Configure SMTP
  • Download Media
  • Duitku Payment Gateway
  • Fontific | Google Fonts
  • Gestpay for WooCommerce
  • Marketo Forms and Tracking
  • Media Alt Renamer
  • WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit
  • PayU India
  • Play.ht
  • postMash – custom post order
  • Rolo Slider
  • Slivery Extender
  • SoundCloud Shortcode
  • Tabs Shortcode and Widget
  • Tainacan
  • User Shortcodes Plus
  • Watermark RELOADED

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Premium Addons for Elementor
  • BackWPup – WordPress Backup Plugin
  • Page Builder: Pagelayer – Drag and Drop website builder
  • Orbit Fox by ThemeIsle
  • Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
  • User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds
  • Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
  • Elementor Addon Elements
  • Colibri Page Builder
  • Brizy – Page Builder
  • Event Tickets and Registration
  • Sydney Toolbox
  • Enhanced Text Widget
  • NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor
  • WP Dashboard Notes
  • Restrict User Access – Ultimate Membership & Content Protection
  • WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce
  • YML for Yandex Market
  • Smart Forms – when you need more than just a contact form
  • Maintenance Page
  • SMS Alert Order Notifications – WooCommerce
  • Thank You Page Customizer for WooCommerce – Increase Your Sales
  • Spiffy Calendar
  • Academy LMS – eLearning and online course solution for WordPress
  • Archivist – Custom Archive Templates
  • Comments Extra Fields For Post,Pages and CPT
  • KODO Qiniu
  • Backup
  • Elementor Pro
  • JobSearch
  • WP Social Widget

Looking for peace of mind and less tech stress?

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Sign up for website management and get a tech-savvy team who are committed to your business.

Never worry about your website again.


How Do I Update WordPress?

Run a full backup of your website using the backup plugin you have installed, or using the backup feature your web host provides.

Ideally, test major functions (such as ecommerce, elearning, and membership functionality) on a staging server first. If your site is heavily customized, you should also test in a staging environment first.

Perform your updates in this order: WordPress, then theme(s), then plugin(s). Ideally, make a note of the before and after versions.

Once the updates are complete, perform a visual inspection of your site and test critical functionality that may have been affected: contact forms, subscription buttons, purchasing, etc.