Digital Chicks People Focused Tech Powered Logo

WordPress Vulnerability Report — May 08, 2024

In this report, 219 new vulnerabilities have been publicly disclosed affecting 211 plugins and 8 themes. Security patches for 135 of these plugins and themes are available as of the publishing of this report.

Along with poor user account security, vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates.

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

No vulnerabilities identified – yea!

WordPress Themes

Themes With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should deactivate the theme(s).

  • Adventure Journal
  • Unique

Themes With A Fix/Patch Available

Disclosed vulnerability(ies) have been patched. You should update to the latest version.

  • Blocksy
  • Edge
  • Freesia Empire
  • Pliska
  • Raindrops
  • Restaurant and Cafe

WordPress Plugins

Plugins With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should deactivate the plugin(s).

  • Gutenberg Blocks with AI by Kadence WP
  • All-in-One Video Gallery
  • Xserver Migrator
  • Booster Extension
  • rtMedia for WordPress, BuddyPress and bbPress
  • Democracy Poll
  • Responsive Contact Form Builder & Lead Generation Plugin
  • Login Logout Register Menu
  • Print-O-Matic
  • All-in-One Addons for Elementor – WidgetKit
  • WP Post Author
  • EventON
  • Eleblog – Elementor Blog And Magazine Addons
  • Share This Image
  • Simple Image Popup
  • Admin Page Spider
  • Post Grid Master
  • Viet Nam Affiliate
  • 5280 Bootstrap Modal Contact Form
  • Print Barcode Labels for your WooCommerce products/orders
  • AA Cash Calculator
  • ACF Front End Editor
  • ACF On-The-Go
  • AJAX Login and Registration modal popup + inline form
  • AnnounceKit
  • Archives Calendar Widget
  • AWSOM News Announcement
  • BlogLentor
  • Brozzme Scroll Top
  • Calendar
  • canvasio3D Light
  • Configure Login Timeout
  • Corona Virus (COVID-19) Banner & Live Data
  • CPO Companion
  • Crelly Slider
  • Different Menu in Different Pages
  • Easy Restaurant Table Booking
  • Event Management Tickets Booking
  • Fancy Elementor Flipbox
  • Elementor ImageBox
  • Featured Content Gallery
  • Forty Four – 404 Plugin for WordPress
  • WP Front User Submit / Front Editor
  • GDPR Compliance
  • Giphypress
  • Google Document Embedder
  • Google Typography
  • Comments Evolved for WordPress
  • GWP-Histats
  • Inline Google Spreadsheet Viewer
  • MF Gig Calendar
  • Min and Max Purchase for WooCommerce
  • Mini Loops
  • Grid Gallery
  • Photo Gallery
  • CodeBard’s Patron Button and Widgets for Patreon
  • PB MailCrypt
  • Perfect Pullquotes
  • Pk Favicon Manager
  • Progressive WordPress (PWA)
  • QuickieBar
  • Realtyna Organic IDX plugin
  • School Management Pro
  • Sliding Widgets
  • Social Share Buttons by Supsystic
  • SP Project & Document Manager
  • Subway – Private Site Option
  • SVS Pricing Tables
  • Swift Framework
  • TT Custom Post Type Creator
  • TweetScroll Widget
  • Viet Affiliate LinkWoo
  • Total Sales
  • WP etracker
  • WP Favorite Posts
  • WPCS (WordPress Custom Search)
  • WTI Like Post
  • ZD YouTube FLV Player

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Yoast SEO
  • Contact Form by WPForms
  • All in One SEO
  • Essential Addons for Elementor
  • Rank Math SEO with AI Best SEO Tools
  • ElementsKit Elementor addons and Templates Library
  • Premium Addons for Elementor
  • Spectra – WordPress Gutenberg Blocks
  • Contact Form 7 Database Addon – CFDB7
  • WP Shortcodes Plugin
  • SEOPress
  • Jeg Elementor Kit
  • Qi Addons For Elementor
  • Supreme Modules Lite
  • Elementor Addon Elements
  • BackUpWordPress
  • BuddyPress
  • Content Views
  • The Plus Addons for Elementor
  • ShopLentor
  • The Post Grid – Shortcode
  • MailerLite
  • Sydney Toolbox
  • Tutor LMS
  • WP ULike
  • Folders
  • 3D FlipBook
  • Media Cleaner
  • Drag and Drop Multiple File Upload – Contact Form 7
  • Exclusive Addons for Elementor
  • Getwid – Gutenberg Blocks
  • Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
  • Image Hover Effects
  • Photo Gallery, Images, Slider in Rbs Image Gallery
  • Simple Membership
  • Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms
  • Booster for WooCommerce
  • WP Recipe Maker
  • Sina Extension for Elementor
  • Analytify – Google Analytics Dashboard For WordPress
  • WP Video Lightbox
  • Popup Box – Best WordPress Popup Plugin
  • Float menu – awesome floating side menu
  • Gutenverse – Gutenberg Blocks – Page Builder for Site Editor
  • Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
  • Timetable and Event Schedule by MotoPress
  • LeadConnector
  • ClickCease Click Fraud Protection
  • RegistrationMagic – User Registration Plugin with Custom Registration Forms
  • Directorist – WordPress Business Directory Plugin with Classified Ads Listings
  • EAN for WooCommerce
  • GamiPress
  • LA-Studio Element Kit for Elementor
  • Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
  • MasterStudy LMS WordPress Plugin – for Online Courses and Education
  • Modal Window – create popup modal window
  • WordPress Header Builder Plugin – Pearl
  • ReviewX – Multi-criteria Rating & Reviews for WooCommerce
  • RomethemeKit For Elementor
  • Simple Basic Contact Form
  • Thim Elementor Kit
  • Web Push Notifications – Webpushr
  • Alt Text AI
  • Smart Forms
  • ARMember
  • WP ERP | Complete HR solution with recruitment & job listings
  • WooCommerce CRM & Accounting
  • WordPress Affiliates Plugin
  • WPC Composite Products for WooCommerce
  • Customer Email Verification for WooCommerce
  • iPanorama 360
  • Shipment Tracking, Tracking, and Order Tracking for WooCommerce
  • Sticky Button
  • Button Generator
  • Print My Blog – Print, PDF, & eBook Converter WordPress Plugin
  • Side Menu Lite
  • Edwiser Bridge
  • ElementsReady Addons for Elementor
  • Testimonial Slider
  • WPify Woo Czech
  • Popup Box – new WordPress popup plugin
  • Startklar Elementor Addons
  • Auto Affiliate Links
  • Custom WooCommerce Checkout Fields Editor
  • Debug Log Manager
  • Mihdan: Yandex Turbo Feed
  • Herd Effects – fake notifications and social proof plugin
  • PropertyHive
  • iPages Flipbook For WordPress
  • JW Player for WordPress
  • Masteriyo LMS
  • Video Gallery
  • Table Plugin for WordPress with Google Sheets Integration
  • Ultimate Under Construction
  • Where Did You Hear About Us Checkout Field for WooCommerce
  • Follow Us Badges
  • Academy LMS
  • Admin Bar Editor
  • Post Grid Master
  • ChatBot Conversational Forms
  • Counter Box – WordPress plugin for countdown, timer, counter
  • Login with phone number
  • Mooberry Book Manager
  • SimpleShop
  • MDTF – Meta Data and Taxonomies Filter
  • Barcode Scanner and Inventory manager. POS (Point of Sale)
  • Wow Skype Buttons
  • Last Viewed Posts by WPBeginner
  • Hostel
  • Tabellen von faustball.com
  • Breakdance
  • ConvertPlus
  • Cost Calculator Builder Pro
  • Digital Publications by Supsystic
  • Elementor Pro
  • Fancy Product Designer
  • Gravity Forms Unique ID
  • Mhr Post Ticker
  • Slider Revolution
  • WooCommerce AWeber Newsletter Subscription

Looking for peace of mind and less tech stress?

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Sign up for website management and get a tech-savvy team that is committed to your business.

Never worry about your website again.


How Do I Update WordPress?

Run a full backup of your website using the backup plugin you have installed or the backup feature your web host provides.

Ideally, test major functions (such as ecommerce, elearning, and membership functionality) on a staging server first. If your site is "heavily" customized, you should also test in a staging environment first.

Perform your updates in this order: WordPress, then theme(s), then plugin(s). Ideally, make a note of the before and after versions.

Once the updates are complete, perform a visual inspection of your site and test critical functionality that may have been affected: contact forms, subscription buttons, purchasing, etc.