
WordPress Vulnerability Report — January 24, 2024

In this report, 88 new vulnerabilities have been publicly disclosed. Security patches for 29 of these plugins and one theme are available as of the publishing of this report.

Vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates!

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

Woot! No new core vulnerabilities were disclosed this week.

WordPress Themes

Themes With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • ColorMag

WordPress Plugins

Plugins With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the plugin(s).
  • Ninja Tables – Best Data Table Plugin for WordPress
  • Booking for Appointments and Events Calendar – Amelia
  • Contact Form builder with drag & drop for WordPress – Kali Forms
  • PDF Viewer & 3D PDF Flipbook – DearPDF
  • Browser Theme Color
  • FreshMail For WordPress
  • Albo Pretorio Online
  • CBX Map for Google Map & OpenStreetMap
  • Posts List Designer by Category – List Category Posts Or Recent Posts
  • 12 Step Meeting List
  • WP To Do
  • BA Plus
  • Better Anchor Links
  • CformsII
  • Custom Dashboard Widgets
  • Delhivery Logistics Courier
  • enigma chart.js
  • Frontpage Manager
  • Image Tag Manager
  • lasTunes
  • Post views Stats
  • SimpleMap Store Locator
  • Splashscreen
  • Unlimited Addons for WPBakery Page Builder
  • WP Smart Editor

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.
  • Advanced Custom Fields (ACF)
  • Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders
  • Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms
  • Migration, Backup, Staging – WPvivid
  • PDF Invoices & Packing Slips for WooCommerce
  • Photo Gallery by 10Web – Mobile-Friendly Image Gallery
  • Orbit Fox by ThemeIsle
  • Burst Statistics – Privacy-Friendly Analytics for WordPress
  • FileBird – WordPress Media Library Folders & File Manager
  • GiveWP – Donation Plugin and Fundraising Platform
  • Schema & Structured Data for WP & AMP
  • Product Import Export for WooCommerce
  • Import and export users and customers
  • VK Block Patterns
  • Advanced Woo Search
  • Booking for Appointments and Events Calendar – Amelia
  • Getwid – Gutenberg Blocks
  • User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor
  • Photo Gallery, Images, Slider in Rbs Image Gallery
  • Simple Membership
  • WP Recipe Maker
  • Shield Security – Smart Bot Blocking & Intrusion Prevention Security
  • IP2Location Country Blocker
  • Asgaros Forum
  • Cryptocurrency Widgets – Price Ticker & Coins List
  • Author Box, Guest Author and Co-Authors for Your Posts – Molongui
  • Stripe Payment Plugin for WooCommerce
  • Portfolio & Image Gallery for WordPress | PowerFolio
  • BP Profile Search
  • HD Quiz
  • WOLF – WordPress Posts Bulk Editor and Manager Professional
  • ChatBot with AI
  • Slider by Supsystic
  • FastDup – Fastest WordPress Migration & Duplicator
  • Formzu WP
  • WP-Lister Lite for eBay
  • WP Spell Check
  • WPZOOM Shortcodes
  • InstaWP Connect – 1-click WP Staging & Migration
  • Display custom fields in the frontend – Post and User Profile Fields
  • Stock Locations for WooCommerce
  • GeneratePress Premium
  • PeepSo Core: Photos
  • SalesKing
  • WooCommerce Subscriptions
  • WPForms Pro

Looking for peace of mind and less tech stress?

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Sign up for website management and get a tech-savvy team that is committed to your business.

Never worry about your website again.


How Do I Update WordPress?

Run a full backup of your website using the backup plugin you have installed, or using the backup feature your web host provides.

Ideally, test major functions such as ecommerce, elearning, and membership functionality on a staging server first. If your site is "heavily" customized, you should also test in a staging environment first.

Perform your updates in this order: WordPress, then theme(s), then plugin(s). Ideally, make a note of the before and after versions.

Once the updates are complete, perform a visual inspection of your site and test critical functionality that may have been affected: contact forms, subscription buttons, purchasing, etc.