WordPress Vulnerability Report — March 13, 2024

In this report, 70 new vulnerabilities have been publicly disclosed. Security patches for 55 of these plugins and 2 themes are available as of the publishing of this report.

Vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates!

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

Woot! No new core vulnerabilities were disclosed this week.

WordPress Themes

Themes With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Blocksy
  • Total

Themes With No Fix/Patch Available

None – Yea!

WordPress Plugins

Plugins With No Fix/Patch Available

The vulnerability(ies) have not been patched. You should deactivate the plugin(s).

  • HT Easy GA4 – Google Analytics WordPress Plugin
  • Auto Refresh Single Page
  • Blue Triad EZAnalytics
  • Change Memory Limit
  • Build & Control Block Patterns
  • Droit Elementor Addons
  • FeedWordPress
  • Maintenance Mode by helderk
  • Master Slider
  • Page Builder Sandwich – Front-End Page Builder
  • Vimeography: Vimeo Video Gallery WordPress Plugin

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • File Manager
  • SiteOrigin Widgets Bundle
  • Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder
  • Happy Addons for Elementor
  • Metform Elementor Contact Form Builder
  • Royal Elementor Addons and Templates
  • Page Builder: Pagelayer – Drag and Drop website builder
  • Orbit Fox by ThemeIsle
  • Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin
  • Colibri Page Builder
  • Social Sharing Plugin – Sassy Social Share
  • The Plus Addons for Elementor
  • WP Chat App
  • EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor
  • Event Tickets and Registration
  • Database for Contact Form 7, WPforms, Elementor forms
  • User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin
  • WP-Members Membership Plugin
  • Simple Membership
  • Booster for WooCommerce
  • Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin
  • MasterStudy LMS WordPress Plugin – for Online Courses and Education
  • SportsPress – Sports Club & League Manager
  • Product Carousel Slider & Grid Ultimate for WooCommerce
  • JM Twitter Cards
  • Ultimate Bootstrap Elements for Elementor
  • WPKoi Templates for Elementor
  • Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo Grid
  • Auto Affiliate Links
  • EventPrime – Events Calendar, Bookings and Tickets
  • Profile Box Shortcode And Widget
  • Password Protected Store for WooCommerce
  • WooCommerce Add to Cart Custom Redirect
  • affiliate-toolkit – WordPress Affiliate Plugin
  • Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget
  • Simple Restrict
  • Easy!Appointments
  • Booster Elite for WooCommerce
  • BuddyForms
  • Digits
  • Events Tickets Plus
  • Mollie Forms
  • Restaurant Reservations
  • Otter Blocks PRO
  • Premium Addons PRO
  • File Manager Pro


How Do I Update WordPress?

Run a full backup of your website using the backup plugin you have installed or the backup feature your web host provides.

Ideally, test major functions such as ecommerce, elearning, and membership functionality on a staging server first. If your site is “heavily” customized, you should also test in a staging environment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally you are making note of the before and after versions.

Once the updates are complete, perform a visual inspection of your site and test critical functionality that may have been affected: contact forms, subscription buttons, purchasing, etc.