Wordfence Intelligence Weekly WordPress Vulnerability Report (November 10, 2025 to November 16, 2025)
đą Calling all Vulnerability Researchers and Bug Bounty Hunters! đą
đ The LFInder Challenge: Refine your LFI hunting skills with an expanded scope. Now through November 24, 2025, all LFI vulnerabilities in software with at least 25 active installs are considered in-scope for all researchers, regardless of researcher tier, AND earn a 30% bonus on all Local File Inclusion vulnerability submissions not already increased by another promotion.
Last week, there were 131 vulnerabilities disclosed in 120 WordPress Plugins and 3 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 58 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected.
Our mission with Wordfence Intelligence is to make valuable vulnerability information easily accessible to everyone, like the WordPress community, so individuals and organizations alike can utilize that data to implement layered security, aligning with our overarching mission to secure WordPress with defense in depth strategies. That is why the Wordfence Intelligence user interface, vulnerability API, webhook integration, and Wordfence CLI Vulnerability Scanner are all completely free to access and utilize both personally and commercially, and why we are running this weekly vulnerability report. As the world’s leading quality vulnerability database provider for WordPress, site owners can rest assured knowing Wordfence has their back.
Enterprises, Hosting Providers, and even Individuals can use the Wordfence CLI Vulnerability Scanner to run regular vulnerability scans across the sites they protect. Or alternatively, utilize the vulnerability Database API to receive a complete dump of our database of over 29,000 vulnerabilities and then utilize the webhook integration to stay on top of the newest vulnerabilities added in real-time, as well as any updates made to the database, all for free.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
New Firewall Rules Deployed Last Week
The Wordfence Threat Intelligence Team reviews each vulnerability to determine impact and severity, along with assessing the likelihood of exploitation, to verify that the Wordfence Firewall provides sufficient protection.
The team rolled out enhanced protection via firewall rules for the following vulnerabilities in real-time to our Premium, Care, and Response customers last week:
-
- WAF-RULE-874 – Data redacted while we work with the vendor on a patch.
- Gravity Forms <= 2.9.21.1 – Unauthenticated Arbitrary File Upload via Legacy Chunked Upload
Wordfence Premium, Care, and Response customers received this protection immediately, while users still running the free version of Wordfence will receive this enhanced protection after a 30 day delay.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
|---|---|
| Patched | 77 |
| Unpatched | 54 |
Total Vulnerabilities by CVSS Severity Last Week
| Severity Rating | Number of Vulnerabilities |
|---|---|
| Medium Severity | 110 |
| High Severity | 16 |
| Critical Severity | 5 |
Total Vulnerabilities by CWE Type Last Week
| Vulnerability Type by CWE | Number of Vulnerabilities |
|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 46 |
| Missing Authorization | 29 |
| Cross-Site Request Forgery (CSRF) | 9 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | 8 |
| Authorization Bypass Through User-Controlled Key | 7 |
| Exposure of Sensitive Information to an Unauthorized Actor | 5 |
| Improper Control of Generation of Code ('Code Injection') | 4 |
| Improper Privilege Management | 4 |
| External Control of File Name or Path | 2 |
| Improper Authorization | 2 |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | 2 |
| Unrestricted Upload of File with Dangerous Type | 2 |
| Client-Side Enforcement of Server-Side Security | 1 |
| Deserialization of Untrusted Data | 1 |
| Exposure of Private Personal Information to an Unauthorized Actor | 1 |
| Improper Access Control | 1 |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') | 1 |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | 1 |
| Insecure Storage of Sensitive Information | 1 |
| Insertion of Sensitive Information into Externally-Accessible File or Directory | 1 |
| Missing Authentication for Critical Function | 1 |
| URL Redirection to Untrusted Site ('Open Redirect') | 1 |
| Use of Insufficiently Random Values | 1 |
Researchers That Contributed to WordPress Security Last Week
| Researcher Name | Number of Vulnerabilities |
|---|---|
| 15 | |
| 12 | |
| 8 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Are you a security researcher who would like to be featured in our weekly vulnerability report? You can responsibly disclose your WordPress vulnerability discoveries to us and earn a bounty on in-scope vulnerabilities through our Bug Bounty Program. Responsibly disclosing your vulnerability discoveries to us will also get your name added on the Wordfence Intelligence leaderboard along with being mentioned in our weekly vulnerability report.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| 0 Day Analytics | 0-day-analytics |
| AI Engine â The Chatbot, AI Framework & MCP for WordPress | ai-engine |
| All in One SEO â Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic | all-in-one-seo-pack |
| Alt Text Generator AI â Auto Generate & Bulk Update Alt Texts For Images | alt-text-generator |
| Appointment Booking Calendar | appointment-booking-calendar |
| Asgaros Forum | asgaros-forum |
| Astra Security Suite â Firewall & Malware Scan | getastra |
| Authors List | authors-list |
| Auto Amazon Links â Amazon Associates Affiliate Plugin | amazon-auto-links |
| Blocksy Companion | blocksy-companion |
| Booking Calendar | booking |
| Booking for Appointments and Events Calendar â Amelia | ameliabooking |
| Bookit â Booking & Appointment Calendar | bookit |
| Chart Expert | chart-expert |
| ChatHelp â Click to Chat Button, WooCommerce Chat to Order & Floating Chat Form | chat-help |
| Classified Listing â AI-Powered Classified ads & Business Directory | classified-listing |
| Comment Edit Core â Simple Comment Editing | simple-comment-editing |
| Contact Form Email | contact-form-to-email |
| Contest Gallery â Upload & Vote Photos, Media, Sell with PayPal & Stripe | contest-gallery |
| Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed | quicq |
| Coon Google Maps | coon-google-maps |
| Crypto Tool | crypto |
| CTL Arcade Lite | ctl-arcade-lite |
| Custom Fields Account Registration For WooCommerce | custom-fields-account-registration-for-woocommerce |
| Data Tables Generator by Supsystic | data-tables-generator-by-supsystic |
| db-access | db-access |
| Debug Tool | debug-tool |
| Document Pro Elementor â Documentation & Knowledge Base | document-pro-elementor |
| donation | donation |
| Double the Donation â A workplace giving tool | double-the-donation |
| Easy Email Subscription | email-subscription-with-secure-captcha |
| EasyCommerce â WordPress Ecommerce Plugin with AI Shopping Agent, Content Writer & Image Generator | easycommerce |
| Elastic Theme Editor | elastic-theme-editor |
| Envira Gallery â Image Photo Gallery, Albums, Video Gallery, Slideshows & More | envira-gallery-lite |
| Eventbee Ticketing Widget | eventbee-ticketing-widget |
| Featured Image | featured-image |
| Find Unused Images | find-unused-images |
| Five9 Live Chat | five9 |
| Fleet Manager | fleet |
| Flickr Show | wp-flickrshow |
| GeoDirectory â WP Business Directory Plugin and Classified Listings Directory | geodirectory |
| Geopost | geopost |
| GitHub Gist Shortcode Plugin | github-gist-shortcode |
| Holiday class post calendar | holiday-class-post-calendar |
| Hydra Booking â Appointment Scheduling & Booking Calendar | hydra-booking |
| Include Fussball.de Widgets | include-fussball-de-widgets |
| Jeba Cute forkit | jeba-cute-forkit |
| LifterLMS â WP LMS for eLearning, Online Courses, & Quizzes | lifterlms |
| Live Photos on WordPress | live-photos |
| MembershipWorks â Membership, Events & Directory | memberfindme |
| Mementor Core | mementor-core |
| Modula Image Gallery â Photo Grid & Video Gallery | modula-best-grid-gallery |
| Multi Location Marker | add-multiple-marker |
| My Geo Posts Free | my-geo-posts-free |
| Ninja Countdown | Fastest Countdown Builder | ninja-countdown |
| Nonaki â Drag and Drop Email Template builder and Newsletter plugin for WordPress | nonaki-email-template-customizer |
| Online Booking & Scheduling Calendar for WordPress by vcita | meeting-scheduler-by-vcita |
| Page Builder: Pagelayer â Drag and Drop website builder | pagelayer |
| Passster â Password Protect Pages and Content | content-protector |
| Payment Plugins Braintree For WooCommerce | woo-payment-gateway |
| Paypal Donation Shortcode | paypal-donation-shortcode |
| PDF Builder for WooCommerce. Create invoices,packing slips and more | woo-pdf-invoice-builder |
| Poll Maker by AYS â Versus Polls, Anonymous Polls, Image Polls | poll-maker |
| Post Blocks & Tools | bnm-blocks |
| Precise Columns | precise-columns |
| Preload Current Images | preload-current-images |
| Private Google Calendars | private-google-calendars |
| Progress Bar Blocks for Gutenberg | progressmatify-blocks |
| Project Manager â AI Powered Project Management, Task Management, Kanban Board & Time Tracker | wedevs-project-manager |
| Qi Blocks | qi-blocks |
| RandomQuotr | randomquotr |
| Save as PDF Button | save-as-pdf |
| School Management System â WPSchoolPress | wpschoolpress |
| Select Core | select-core |
| Seriously Simple Podcasting | seriously-simple-podcasting |
| Share to Google Classroom | share-to-google-classroom |
| Shelf Planner Inventory Management for WooCommerce | shelf-planner |
| Shopkeeper Extender | shopkeeper-extender |
| Simple Donate | simple-donate |
| Skip to Timestamp | skip-to-timestamp |
| SKT Skill Bar | skt-skill-bar |
| Slippy Slider â Responsive Touch Navigation Slider | slippy-slider-responsive-touch-navigation-slider |
| SNORDIAN's H5PxAPIkatchu | h5pxapikatchu |
| Specific Content For Mobile â Customize the mobile version without redirections | specific-content-for-mobile |
| Squirrels Auto Inventory | squirrels-auto-inventory |
| Stars Testimonials â Responsive Reviews & Star Ratings | stars-testimonials-with-slider-and-masonry-grid |
| Stylish Cost Calculator â Quote Generator, Lead Gen & Price Estimator | stylish-cost-calculator |
| SureForms â Drag & Drop Contact Form & Form Builder, Payment Form, Survey, Quiz & Calculator | sureforms |
| Survey Maker by AYS | survey-maker |
| The Total Book Project | the-total-book-project |
| Theater for WordPress | theatre |
| Thumbnail Slider With Lightbox | wp-responsive-slider-with-lightbox |
| Timetable and Event Schedule by MotoPress | mp-timetable |
| TNC Toolbox: Web Performance | tnc-toolbox |
| Twitter Feed | ot-twitter-feed |
| Ungapped Widgets | ungapped-widgets |
| USB Qr Code Scanner For Woocommerce | usb-qr-code-scanner-for-woocommerce |
| Welcart e-Commerce | usc-e-shop |
| Wishlist and Save for later for Woocommerce | aco-wishlist-for-woocommerce |
| Wisly | wisly |
| Woffice Core | woffice-core |
| Woocommerce â Products By Custom Tax | woocommerce-products-by-custom-tax |
| WooMulti | woomulti |
| WordPress Content Flipper | wp-flipper |
| WP All Import â Drag & Drop Import for CSV, XML, Excel & Google Sheets | wp-all-import |
| WP BBCode | wp-bbcode |
| WP Bootstrap Tabs | wp-bootstrap-tabs |
| WP Count Down Timer | wp-count-down-timer |
| WP Custom Admin Login Page Logo | wp-custom-login-page-logo |
| WP Google Review Slider | wp-google-places-review-slider |
| WP Plugin Manager â Deactivate plugins per page | wp-plugin-manager |
| WP Social Ninja â Embed Social Feeds, User Reviews & Chat Widgets | wp-social-reviews |
| WP Ultimate CSV Importer â WordPress Import & Export for CSV, XML & Excel | wp-ultimate-csv-importer |
| WP YouTube Lyte | wp-youtube-lyte |
| WP-Iconics | wp-iconics |
| WP-OAuth | wp-oauth |
| WP-Walla | wp-walla |
| WPFunnels â Funnel Builder for WooCommerce with Checkout & One Click Upsell | wpfunnels |
| WP移èĄć°çšăă©ă°ă€ăł for CPI | cpi-wp-migration |
| YSlider | yslider |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
|---|---|
| Angel â Fashion Model Agency WordPress CMS Theme | angel |
| Lobo - WordPress Portfolio for Freelancers & Agencies | lobo |
| photography | photography |
Vulnerability Details
Please note that if you run the Wordfence plugin on your WordPress site, with the scanner enabled, you shouldâve already been notified if your site was affected by any of these vulnerabilities. If you’d like to receive real-time notifications whenever a vulnerability is added to the Wordfence Intelligence Vulnerability Database, check out our Slack and HTTP Webhook Integration, which is completely free to utilize.
Affected Software
TNC Toolbox: Web Performance [tnc-toolbox]
Researcher
Affected Software
Debug Tool [debug-tool]
Researcher
Affected Software
Researcher
Affected Software
Holiday class post calendar [holiday-class-post-calendar]
Researcher
Affected Software
WP移èĄć°çšăă©ă°ă€ăł for CPI [cpi-wp-migration]
Researcher
Blocksy Companion <= 2.1.19 - Authenticated (Author+) Arbitrary File Upload via SVG Upload Bypass
8.8
Affected Software
Blocksy Companion [blocksy-companion]
Researcher
Affected Software
Custom Fields Account Registration For WooCommerce [custom-fields-account-registration-for-woocommerce]
Researcher
Affected Software
Elastic Theme Editor [elastic-theme-editor]
Researcher
Affected Software
Researcher
Affected Software
Researcher
Affected Software
Mementor Core [mementor-core]
Researcher
Affected Software
Researcher
Affected Software
WooMulti [woomulti]
Researcher
Affected Software
Auto Amazon Links â Amazon Associates Affiliate Plugin [amazon-auto-links]
Researcher
Affected Software
Researcher
Affected Software
Booking for Appointments and Events Calendar â Amelia [ameliabooking]
Researcher
Affected Software
Payment Plugins Braintree For WooCommerce [woo-payment-gateway]
Researcher
Affected Software
Select Core [select-core]
Researcher
Affected Software
Easy Email Subscription [email-subscription-with-secure-captcha]
Researcher
SNORDIAN's H5PxAPIkatchu <= 0.4.17 - Unauthenticated Stored Cross-Site Scripting via insert_data
7.2
Affected Software
SNORDIAN's H5PxAPIkatchu [h5pxapikatchu]
Researcher
Affected Software
Researcher
Affected Software
Authors List [authors-list]
Researcher
Affected Software
Data Tables Generator by Supsystic [data-tables-generator-by-supsystic]
Researcher
Affected Software
Specific Content For Mobile â Customize the mobile version without redirections [specific-content-for-mobile]
Researcher
WP Project Manager <= 2.6.26 - Authenticated (Subscriber+) SQL Injection via 'completed_at_operator'
6.5
Affected Software
Project Manager â AI Powered Project Management, Task Management, Kanban Board & Time Tracker [wedevs-project-manager]
Researcher
Affected Software
Affected Software
Booking Calendar [booking]
Researcher
Affected Software
Chart Expert [chart-expert]
Researcher
Coon Google Maps <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
Affected Software
Coon Google Maps [coon-google-maps]
Researcher
Affected Software
Eventbee Ticketing Widget [eventbee-ticketing-widget]
Researcher
Affected Software
Five9 Live Chat [five9]
Researcher
Affected Software
Flickr Show [wp-flickrshow]
Researcher
Affected Software
Geopost [geopost]
Researcher
Affected Software
GitHub Gist Shortcode Plugin [github-gist-shortcode]
Researcher
Affected Software
Include Fussball.de Widgets [include-fussball-de-widgets]
Researchers
Jeba Cute forkit <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
Affected Software
Jeba Cute forkit [jeba-cute-forkit]
Researcher
Affected Software
Live Photos on WordPress [live-photos]
Researcher
Affected Software
Post Blocks & Tools [bnm-blocks]
Researcher
Affected Software
My Geo Posts Free [my-geo-posts-free]
Researcher
Affected Software
Nonaki â Drag and Drop Email Template builder and Newsletter plugin for WordPress [nonaki-email-template-customizer]
Researcher
Affected Software
Paypal Donation Shortcode [paypal-donation-shortcode]
Researcher
Affected Software
Precise Columns [precise-columns]
Researcher
Affected Software
Preload Current Images [preload-current-images]
Researcher
Affected Software
Save as PDF Button [save-as-pdf]
Researcher
Affected Software
Select Core [select-core]
Researcher
Affected Software
Share to Google Classroom [share-to-google-classroom]
Researcher
Affected Software
Shopkeeper Extender [shopkeeper-extender]
Researcher
Affected Software
Simple Donate [simple-donate]
Researcher
Skip to Timestamp <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
Affected Software
Skip to Timestamp [skip-to-timestamp]
Researcher
Affected Software
SKT Skill Bar [skt-skill-bar]
Researcher
Affected Software
Stars Testimonials â Responsive Reviews & Star Ratings [stars-testimonials-with-slider-and-masonry-grid]
Researcher
Affected Software
Stylish Cost Calculator â Quote Generator, Lead Gen & Price Estimator [stylish-cost-calculator]
Researcher
Affected Software
Thumbnail Slider With Lightbox [wp-responsive-slider-with-lightbox]
Researcher
Affected Software
Twitter Feed [ot-twitter-feed]
Researcher
Affected Software
Ungapped Widgets [ungapped-widgets]
Researcher
Affected Software
Woocommerce â Products By Custom Tax [woocommerce-products-by-custom-tax]
Researcher
Affected Software
WordPress Content Flipper [wp-flipper]
Researcher
Affected Software
WP BBCode [wp-bbcode]
Researcher
WP Bootstrap Tabs <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
6.4
Affected Software
WP Bootstrap Tabs [wp-bootstrap-tabs]
Researcher
Affected Software
WP Count Down Timer [wp-count-down-timer]
Researcher
Affected Software
WP-Iconics [wp-iconics]
Researcher
Affected Software
photography [photography]
Researcher
Affected Software
WP-OAuth [wp-oauth]
Researcher
Affected Software
RandomQuotr [randomquotr]
Researchers
Affected Software
Progress Bar Blocks for Gutenberg [progressmatify-blocks]
Researcher
Affected Software
Slippy Slider â Responsive Touch Navigation Slider [slippy-slider-responsive-touch-navigation-slider]
Researcher
Affected Software
The Total Book Project [the-total-book-project]
Researcher
Affected Software
Multi Location Marker [add-multiple-marker]
Researcher
Affected Software
Researcher
Affected Software
Researcher
Affected Software
Comment Edit Core â Simple Comment Editing [simple-comment-editing]
Researcher
Affected Software
Researcher
Affected Software
Crypto Tool [crypto]
Researcher
Affected Software
Crypto Tool [crypto]
Researcher
Affected Software
Document Pro Elementor â Documentation & Knowledge Base [document-pro-elementor]
Researcher
Find Unused Images <= 1.0.7 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
5.3
Affected Software
Find Unused Images [find-unused-images]
Researcher
Affected Software
Hydra Booking â Appointment Scheduling & Booking Calendar [hydra-booking]
Researcher
Affected Software
Hydra Booking â Appointment Scheduling & Booking Calendar [hydra-booking]
Researcher
Affected Software
Passster â Password Protect Pages and Content [content-protector]
Researcher
Affected Software
Shelf Planner Inventory Management for WooCommerce [shelf-planner]
Researcher
Affected Software
Shelf Planner Inventory Management for WooCommerce [shelf-planner]
Researcher
Affected Software
WP Social Ninja â Embed Social Feeds, User Reviews & Chat Widgets [wp-social-reviews]
Researcher
Affected Software
Researcher
Affected Software
Survey Maker by AYS [survey-maker]
Researcher
Affected Software
Survey Maker by AYS [survey-maker]
Researcher
Affected Software
Theater for WordPress [theatre]
Researcher
Affected Software
Timetable and Event Schedule by MotoPress [mp-timetable]
Researcher
Affected Software
Welcart e-Commerce [usc-e-shop]
Researcher
Affected Software
Wisly [wisly]
Researcher
Affected Software
Woffice Core [woffice-core]
Researcher
Affected Software
Researcher
Affected Software
0 Day Analytics [0-day-analytics]
Researcher
Affected Software
donation [donation]
Researcher
Affected Software
Double the Donation â A workplace giving tool [double-the-donation]
Researchers
Affected Software
Researcher
School Management System â WPSchoolPress <= 2.2.23 - Authenticated (Administrator+) SQL Injection
4.9
Affected Software
School Management System â WPSchoolPress [wpschoolpress]
Researcher
Affected Software
WP YouTube Lyte [wp-youtube-lyte]
Researcher
Affected Software
Featured Image [featured-image]
Researcher
Affected Software
Fleet Manager [fleet]
Researchers
Affected Software
MembershipWorks â Membership, Events & Directory [memberfindme]
Researcher
Affected Software
Squirrels Auto Inventory [squirrels-auto-inventory]
Researcher
Affected Software
All in One SEO â Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic [all-in-one-seo-pack]
Researcher
Affected Software
Alt Text Generator AI â Auto Generate & Bulk Update Alt Texts For Images [alt-text-generator]
Researcher
Affected Software
Appointment Booking Calendar [appointment-booking-calendar]
Researcher
Affected Software
Asgaros Forum [asgaros-forum]
Researcher
Affected Software
Classified Listing â AI-Powered Classified ads & Business Directory [classified-listing]
Researcher
Affected Software
Contact Form Email [contact-form-to-email]
Researcher
Affected Software
Researcher
Affected Software
CTL Arcade Lite [ctl-arcade-lite]
Researcher
Affected Software
db-access [db-access]
Researcher
Affected Software
Envira Gallery â Image Photo Gallery, Albums, Video Gallery, Slideshows & More [envira-gallery-lite]
Researcher
Affected Software
Researcher
Affected Software
WP Google Review Slider [wp-google-places-review-slider]
Researcher
Affected Software
Modula Image Gallery â Photo Grid & Video Gallery [modula-best-grid-gallery]
Researcher
Affected Software
Researcher
Affected Software
Ninja Countdown | Fastest Countdown Builder [ninja-countdown]
Researcher
Online Booking & Scheduling Calendar for WordPress by vcita <= 4.5.5 - Cross-Site Request Forgery
4.3
Affected Software
Online Booking & Scheduling Calendar for WordPress by vcita [meeting-scheduler-by-vcita]
Researcher
Affected Software
Online Booking & Scheduling Calendar for WordPress by vcita [meeting-scheduler-by-vcita]
Researcher
Affected Software
Researcher
Affected Software
WP Plugin Manager â Deactivate plugins per page [wp-plugin-manager]
Researcher
Affected Software
Private Google Calendars [private-google-calendars]
Researcher
Affected Software
Qi Blocks [qi-blocks]
Researcher
Affected Software
Seriously Simple Podcasting [seriously-simple-podcasting]
Researcher
Affected Software
Survey Maker by AYS [survey-maker]
Researcher
Affected Software
USB Qr Code Scanner For Woocommerce [usb-qr-code-scanner-for-woocommerce]
Researcher
Affected Software
Wishlist and Save for later for Woocommerce [aco-wishlist-for-woocommerce]
Researcher
Affected Software
PDF Builder for WooCommerce. Create invoices,packing slips and more [woo-pdf-invoice-builder]
Researcher
Affected Software
WP Custom Admin Login Page Logo [wp-custom-login-page-logo]
Researcher
Affected Software
WP Ultimate CSV Importer â WordPress Import & Export for CSV, XML & Excel [wp-ultimate-csv-importer]
Researcher
As a reminder, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence.
This database is continuously updated, maintained, and populated by Wordfenceâs highly credentialed and experienced vulnerability researchers through in-house vulnerability research, vulnerability researchers submitting directly to us through our Bug Bounty Program, and by monitoring varying sources to capture all publicly available WordPress vulnerability information and adding additional context where we can.
Click here to sign-up for our mailing list to receive weekly vulnerability reports like this and important WordPress Security reports in your inbox the moment they are published.
Comments