Digital Chicks People Focused Tech Powered Logo

WordPress Vulnerability Report — May 01, 2024

In this report, 259 new vulnerabilities have been publicly disclosed. Security patches for 269 plugins and themes are available as of the publishing of this report.

Along with poor user account security, vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

No vulnerabilities identified – yea!

WordPress Themes

Themes With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should deactivate the theme(s).

  • UDesign
  • XStore

Themes With A Fix/Patch Available

Disclosed vulnerability(ies) have been patched. You should update to the latest version.

  • Accountra
  • Althea WP
  • Blocksy
  • Brite
  • Colibri WP
  • ColorNews
  • Elevate WP
  • Financio
  • Hugo WP
  • Intrace
  • Pathway
  • Photology
  • Royal Elementor Kit
  • Startupzy
  • Teluro
  • Travey
  • Vertice
  • Virtue
  • WP Portfolio
  • Zeever

WordPress Plugins

Plugins With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should deactivate the plugin(s).

  • Auto Featured Image
  • FameTheme Demo Importer
  • Piotnet Addons For Elementor
  • AGCA – Custom Dashboard & Login Page
  • Serious Slider
  • Meks Smart Social Widget
  • Xserver Migrator
  • Annual Archive
  • rtMedia for WordPress, BuddyPress and bbPress
  • ClickCease Click Fraud Protection
  • Democracy Poll
  • Login Logout Register Menu
  • Meks ThemeForest Smart Widget
  • Print-O-Matic
  • Smart Recent Posts Widget
  • CM Tooltip Glossary
  • Customify Site Library
  • WordPress Ad Widget
  • PopupAlly
  • Pretty Google Calendar
  • Fan Page Widget by ThemeNcode
  • Filterable Portfolio
  • Share This Image
  • Smart Maintenance Mode
  • ENL Newsletter
  • Advanced Search
  • Advanced Most Recent Posts Mod
  • Advanced Post List
  • AJAX Login and Registration modal popup + inline form
  • Element Pack Pro
  • CF7 File Download
  • Client Dash
  • Contact Form 7 Extension For Mailchimp
  • CPO Companion
  • Crelly Slider
  • Easy Set Favicon
  • Embed Google Fonts
  • XStore Core
  • Giphypress
  • GWP-Histats
  • JW Player for WordPress
  • MF Gig Calendar
  • Mini Loops
  • Opal Widgets For Elementor
  • CodeBard’s Patron Button and Widgets for Patreon
  • MailCrypt
  • Piotnet Addons For Elementor Pro
  • Progressive WordPress (PWA)
  • Realtyna Organic IDX plugin
  • Recencio Book Reviews
  • Regenerate post permalink
  • School Management Pro
  • Shortcode Addons
  • Sliding Widgets
  • Social Share Buttons by Supsystic
  • Solid Affiliate
  • SP Project & Document
  • Manager
  • Sticky Anything
  • WidgetKit
  • WZone
  • WP GDPR Compliance
  • WP Masquerade
  • WP Page Post Widget Clone
  • WTI Like Post
  • XforWooCommerce

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • All in One SEO – Best WordPress SEO Plugin
  • Essential Addons for Elementor
  • Rank Math SEO with AI Best SEO Tools
  • ElementsKit Elementor addons and Templates Library
  • Popup Builder by OptinMonster
  • Premium Addons for Elementor
  • Spectra
  • Contact Form 7 Database Addon – CFDB7
  • WP Shortcodes Plugin
  • Happy Addons for Elementor
  • Duplicate Post
  • MetForm
  • Royal Elementor Addons and Templates
  • PDF Invoices & Packing Slips for WooCommerce
  • Call Now Button
  • Floating Chat Widget
  • Instant Images
  • Jeg Elementor Kit
  • Photo Gallery by 10Web
  • Qi Addons For Elementor
  • YITH WooCommerce Compare
  • Elementor Addon Elements
  • BackUpWordPress
  • Colibri Page Builder
  • Content Views
  • FileOrganizer
  • Table Rate Shipping Method for WooCommerce by Flexible Shipping
  • HT Mega
  • Hummingbird
  • Social Sharing Plugin
  • Schema & Structured Data for WP & AMP
  • Strong Testimonials
  • Social Media Share Buttons & Social Sharing Icons
  • WP Chat App
  • Paid Memberships Pro
  • VK Block Patterns
  • WP STAGING WordPress Backup Plugin – Migration Backup Restore
  • Backup Migration
  • Import and export users and customers
  • MainWP Child Reports
  • Tutor LMS
  • WP SMTP
  • WP ULike
  • Comments – wpDiscuz
  • Database for Contact Form 7, WPforms, Elementor forms
  • Media Cleaner: Clean your WordPress!
  • Export and Import Users and Customers
  • Blog2Social: Social Media Auto Post & Scheduler
  • Exclusive Addons for Elementor
  • Getwid – Gutenberg Blocks
  • FOX – Currency Switcher Professional for WooCommerce
  • WP-Members Membership Plugin
  • Enhanced Text Widget
  • Form Maker by 10Web
  • Collapse-O-Matic
  • Quick Featured Images
  • Simple Membership
  • Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates)
  • Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks
  • Simply Static
  • Print Invoice & Delivery Notes for WooCommerce
  • Analytify
  • AGCA
  • Popup Box
  • FV Flowplayer Video Player
  • Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
  • Timetable and Event Schedule by MotoPress
  • Social Sharing Plugin – Social Warfare
  • VOD Infomaniak
  • WP Google Review Slider
  • Hide Dashboard Notifications
  • Appointment Hour Booking – WordPress Booking Plugin
  • Payment Gateway Based Fees and Discounts for WooCommerce
  • Data Tables Generator by Supsystic
  • Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery
  • Pricing Table by Supsystic
  • Giveaways and Contests by RafflePress
  • Rate My Post – Star Rating Plugin by FeedbackWP
  • Secure Copy Content Protection and Content Locking
  • Social Share Icons & Social Share Buttons
  • Video Conferencing with Zoom
  • Product Addons & Fields for WooCommerce
  • Brevo for WooCommerce
  • WPZOOM Addons for Elementor (Templates, Widgets)
  • Advanced Floating Content Lite
  • Better Messages
  • rtMedia for WordPress, BuddyPress and bbPress
  • Classified Listing
  • Directorist
  • Elespare
  • Email Customizer for WooCommerce | Drag and Drop Email Templates
  • Builder
  • GamiPress
  • GeoDirectory
  • SSL Mixed Content Fix
  • List Custom Taxonomy Widget
  • Page Builder: Live Composer
  • myCred
  • Paid Membership Subscriptions
  • Pop-up
  • Five Star Restaurant Reservations
  • ReviewX
  • RomethemeKit For Elementor
  • Send PDF for Contact Form 7
  • Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media
  • Plugin by Social Snap
  • Ultimate Posts Widget
  • Easy Accept Payments via PayPal
  • WP Datepicker
  • SchedulePress
  • WP Travel Engine – Best Travel Booking WordPress Plugin
  • Arconix FAQ
  • FG Joomla to WordPress
  • RomethemeForm For Elementor
  • Smart Forms
  • WP LinkedIn Auto Publish
  • WordPress Backup & Migration
  • ARMember
  • Maintenance Mode
  • WPC Composite Products for WooCommerce
  • ProfileGrid
  • The Plus Blocks for Block Editor | Gutenberg
  • Better Elementor Addons
  • Easy Property Listings
  • Image Slider
  • Integrate Google Drive
  • Print My Blog
  • Radio Player
  • Arconix Shortcodes
  • Assistant – Every Day Productivity Apps
  • Podlove Podcast Publisher
  • Salon booking system
  • Ultimate 410 Gone Status Code
  • Advanced Local Pickup for WooCommerce
  • Embed Google Photos album
  • Import WP – Export and Import CSV and XML files to WordPress
  • Tickera – WordPress Event Ticketing
  • VikRentCar Car Rental Management System
  • WP ADA Compliance Check Basic
  • WP Fusion Lite – Marketing Automation and CRM Integration for WordPress
  • Coupon & Discount Code Reveal Button
  • Debug Log Manager
  • Newsletters
  • PropertyHive
  • Vision – Image Map Builder
  • Widget Post Slider
  • WP-Lister Lite for eBay
  • WP-Recall
  • Accessibility Widget
  • Advanced Testimonial Carousel for Elementor
  • All-in-one Like Widget
  • Knowledge Base documentation & wiki plugin – BasePress Docs
  • CookieHub – Cookie Consent Banner (DSGVO, CCPA, RGPD and GDPR compliance)
  • Custom field finder
  • RSS Redirect & Feedburner Alternative
  • InstaWP Connect – 1-click WP Staging & Migration
  • iPages Flipbook For WordPress
  • The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library)
  • User Meta – User Profile Builder and User management plugin
  • SuperFaktura WooCommerce
  • Academy LMS – eLearning and online course solution for WordPress
  • ActiveDEMAND
  • Admin Bar Editor – Hide Toolbar by User Roles
  • AI Post Generator | AutoWriter
  • AppPresser – Mobile App Framework
  • Booking Ultra Pro Appointments Booking Calendar Plugin
  • Post Form
  • Photos and Files Contest Gallery
  • ChatBot Conversational Forms
  • Culqi
  • EPROLO Dropshipping
  • USPS Shipping for WooCommerce – Live Rates
  • Headline Analyzer
  • KB Support – WordPress Help Desk and Knowledge Base
  • Login with phone number
  • BizPrint – Print WooCommerce Order Receipts, Invoices, Labels & More
  • Radio Station by netmix® – Manage and play your Show Schedule in WordPress!
  • Reviews Plus
  • Save as PDF Plugin by Pdfcrowd
  • Seers | GDPR & CCPA Cookie Consent & Compliance
  • Image Optimizer, Resizer and CDN – Sirv
  • StreamWeasels Twitch Integration
  • Poll | Vote | Contest – Best Poll Plugin for WordPress
  • Vitepos – Point of sale (POS) plugin for WooCommerce
  • WP Club Manager – WordPress Sports Club Plugin
  • WP GoToWebinar
  • MDTF – Meta Data and Taxonomies Filter
  • WP Time Slots Booking Form
  • WPCal.io – Easy Meeting Scheduler
  • WPPizza – A Restaurant Plugin
  • Frontend Dashboard
  • Leaky Paywall
  • Olive One Click Demo Import
  • SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy
  • Barcode Scanner and Inventory manager. POS (Point of Sale)
  • Slash Admin
  • Car Dealer (Dealership) and Vehicle sales
  • ShortPixel Critical CSS
  • Admin and Customer Messages After Order for WooCommerce: OrderConvo
  • SSU – WordPress Amazon S3 & Wasabi Smart File Uploads Plugin
  • Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media
  • Build 5 Star Reviews on Google Reviews, Yelp, Facebook… easily and risk-free | RRatingg
  • Better Comments
  • Header Footer Code Manager Pro
  • ARForms
  • ARForms Form Builder
  • Digital Publications by Supsystic
  • ElementsKit Pro
  • Fancy Product Designer
  • Interactive World Maps
  • Max Addons Pro for Bricks
  • WooCommerce Shipping Label
  • WooCommerce Customers Manager
  • WP Media Category Management
  • Wp Staging Pro

Looking for peace of mind and less tech stress?​

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Signup for website management and get a tech-savvy team who are committed to your business.

Never worry about your website again.

Let Us Help You

How Do I Update WordPress?

Run a full backups of your website using the backup plugin you have installed -or- using the backup feature your web host provides.

Ideally you test major functions – like ecommerce, elearning, membership functionality on a staging server first. If you site is “heavily” customized, you should also test in a staging environgment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally you are making note of the before and after versions.

After completed, perform a visual inspection of your site and test critical functionality that may have been affected – contact forms, subscription buttons, purchasing etc.