WordPress Vulnerability Report — June 12, 2024

In this report, 228 new vulnerabilities have been publicly disclosed affecting 217 plugins and 11 themes. Security patches for 157 of these plugins are available as of the publishing of this report.

Along with poor user account security, vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates.

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

No vulnerabilities identified – yea!

WordPress Themes

Themes With No Fix/Patch Available

All themes patched – yea!

Themes With A Fix/Patch Available

Disclosed vulnerability(ies) have been patched. You should update to the latest version.

  • Blocksy
  • Bloglo
  • Event
  • Formula
  • Idyllic
  • Pixgraphy
  • Responsive
  • Rife Free
  • Eduma
  • Radcliffe 2

WordPress Plugins

Plugins With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should deactivate the plugin(s).

  • Woody code snippets
  • Album and Image Gallery plus Lightbox
  • Insert or Embed Articulate Content into WordPress
  • KiviCare
  • Weather Widget Pro
  • Admin Notices Manager
  • Authorize.net Payment Gateway For WooCommerce
  • Boostify Header Footer Builder for Elementor
  • BuddyPress Cover
  • BuddyForms
  • BuddyPress Members Only
  • Clever Addons for Elementor
  • Easy Social Like Box
  • Under Construction / Maintenance Mode from Acurax
  • Contact Form Builder, Contact Widget
  • Cowidgets – Elementor Addons
  • Custom Dash
  • Download Attachments
  • EasyAzon
  • ElementsReady Addons for Elementor
  • Essential Real Estate
  • Fluid Notification Bar
  • Frontend Registration – Contact Form 7
  • FS Product Inquiry
  • Responsive Image Gallery, Gallery Album
  • Google CSE
  • Insert Post Ads
  • MJ Update History
  • Nafeza Prayer Time
  • Netgsm
  • Ovic Importer
  • prettyPhoto
  • Restrict for Elementor
  • Rotating Tweets
  • SellKit
  • Simple COD Fees for WooCommerce
  • Simple Image Popup Shortcode
  • Social Link Pages
  • Social Login Lite For WooCommerce
  • Startklar Elementor Addons
  • Stellissimo Text Box
  • Strategery Migrations
  • TemplatesNext OnePager
  • The Moneytizer
  • Themesflat Addons For Elementor
  • Tooltip CK
  • Upload Fields for WPForms
  • Upunzipper
  • Claudio Sanches
  • WooCommerce Dropshipping
  • WP-DB-Table-Editor
  • SC filechecker
  • WP-Recall
  • WP Translate
  • WPUpper Share Buttons
  • Easy Forms for Mailchimp

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Advanced Custom Fields (ACF)
  • Essential Addons for Elementor
  • WPS Hide Login
  • TablePress – Tables in WordPress made easy
  • WP Shortcodes Plugin — Shortcodes Ultimate
  • SiteOrigin Widgets Bundle
  • Newsletter – Send awesome emails from WordPress
  • Royal Elementor Addons and Templates
  • WP Reset – Most Advanced WordPress Reset Tool
  • Photo Gallery by 10Web – Mobile-Friendly Image Gallery
  • Qi Addons For Elementor
  • Unlimited Elements For Elementor
  • Prime Slider – Addons For Elementor
  • Colibri Page Builder
  • Download Manager
  • GiveWP – Donation Plugin and Fundraising Platform
  • Newsletter, SMTP, Email marketing and Subscribe forms by Brevo
  • Minimal Coming Soon – Coming Soon Page
  • WP Mobile Menu – The Mobile-Friendly Responsive Menu
  • Strong Testimonials
  • The Plus Addons for Elementor
  • GDPR/CCPA Cookie Consent Banner
  • Widget Options
  • WP Force SSL & HTTPS SSL Redirect
  • Email Subscribers by Icegram Express
  • EmbedPress
  • Any Documents in Gutenberg & Elementor
  • LearnPress – WordPress LMS Plugin
  • The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid
  • Brizy – Page Builder
  • Tutor LMS – eLearning and online course solution
  • Comments – wpDiscuz
  • Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages
  • Clever Fox
  • Sina Extension for Elementor
  • CF7 Google Sheets Connector
  • Custom Field Template
  • Login/Signup Popup
  • Qi Blocks
  • Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
  • Analytify
  • WP jQuery Lightbox
  • Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
  • SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything!
  • Visualizer: Tables and Charts Manager for WordPress
  • WooCommerce Tools
  • YITH WooCommerce Tab Manager
  • Bosa Elementor Addons and Templates for WooCommerce
  • Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content
  • Envo Extra
  • One Page Express Companion
  • Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme
  • Product Addons & Fields for WooCommerce
  • WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing
  • Advanced Woo Labels – Product Labels for WooCommerce
  • Awesome Support – WordPress HelpDesk & Support Plugin
  • Countdown, Coming Soon, Maintenance – Countdown & Clock
  • LA-Studio Element Kit for Elementor
  • LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes
  • Link Library
  • Open Graph
  • Sensei LMS – Online Courses, Quizzes, & Learning
  • Weaver Xtreme Theme Support
  • YITH WooCommerce Product Add-Ons
  • BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library
  • Database Cleaner: Clean, Optimize & Repair
  • Materialis Companion
  • ElasticPress
  • YITH Custom Login
  • Five Star Restaurant Menu and Food Ordering
  • ProfileGrid – User Profiles, Groups and Communities
  • WS Form LITE – Drag & Drop Contact Form Builder for WordPress
  • MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution
  • Integrate Google Drive
  • Magical Addons For Elementor
  • Pure Chat – Live Chat & More!
  • Testimonial Carousel For Elementor
  • Wbcom Designs – Custom Font Uploader
  • Album Gallery – WordPress Gallery
  • Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery
  • Podlove Web Player
  • Salon Booking System
  • Shopping Cart & eCommerce Store
  • le.App — Android and iOS Mobile Application
  • Debug Log Manager
  • Kenta Blocks – Responsive Blocks and block templates library
  • Tickera – WordPress Event Ticketing
  • Auto Coupons for WooCommerce
  • Media Slider – Photo Slider, Video Slider, Link Slider, Carousal Slideshow
  • Mollie Forms
  • Newsletters
  • PropertyHive
  • Simple Ajax Chat – Add a Fast, Secure Chat Box
  • Slider Responsive Slideshow – Image slider, Gallery slideshow
  • Cards for Beaver Builder
  • Leyka
  • GDPR CCPA Compliance & Cookie Consent Banner
  • Active Products Tables for WooCommerce
  • Block for Font Awesome
  • Kognetiks Chatbot for WordPress
  • Contact Form to DB by BestWebSoft
  • Copymatic – AI Content Writer & Generator
  • Dashboard To-Do List
  • Emergency Password Reset
  • Event Tickets with Ticket Scanner
  • Extra Product Options for WooCommerce
  • GamiPress – Link
  • Heateor Social Login WordPress
  • HT Feed
  • Market Exporter
  • Recurring PayPal Donations
  • Save as PDF Plugin by Pdfcrowd
  • SKT Addons for Elementor
  • BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages
  • WP Docs
  • WP Flow Plus
  • WP Time Slots Booking Form
  • 12 Step Meeting List
  • MelaPress Login Security
  • Gutenberg Blocks and Page Layouts – Attire Blocks
  • Music Store – WordPress eCommerce
  • Advanced Custom Fields PRO
  • ARForms
  • Boostify Header Footer Builder for Elementor
  • Buddyboss Platform
  • Essential Addons for Elementor Pro
  • Widget Options – Extended
  • GP Premium
  • Otter Blocks PRO
  • MegaMenu
  • tagDiv Composer
  • Checkout Field Editor for WooCommerce (Pro)
  • Sensei Pro (WC Paid Courses)
  • WP eMember
  • WP Visitors Tracker
  • WPvivid Backup for MainWP
  • WS Form Pro


How Do I Update WordPress?

Run a full backup of your website using the backup plugin you have installed, or using the backup feature your web host provides.

Ideally, test major functions (such as ecommerce, elearning, and membership functionality) on a staging server first. If your site is “heavily” customized, you should also test in a staging environment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally you are making note of the before and after versions.

Once the updates are complete, perform a visual inspection of your site and test critical functionality that may have been affected: contact forms, subscription buttons, purchasing, etc.