Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVE	CVE-2023-33999
CVSS	Medium (6.1)
Publicly Published	July 18, 2023
Last Updated	October 21, 2024
Researcher	Rafie Muhammad

Description

The Freemius SDK for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘fs_request_get’ function in versions up to, and including, 2.5.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

References

www.wordfence.com

758 affected software package

Software Type	Plugin
Software Slug	yet-another-stars-rating (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.4.2, or a newer patched version
Affected Version	1.4.4 - 3.4.1
Patched Version	3.4.2
Software Type	Plugin
Software Slug	events-addon-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.3, or a newer patched version
Affected Version	1.8.4 - 2.0.2
Patched Version	2.0.3
Software Type	Plugin
Software Slug	woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.4.1, or a newer patched version
Affected Version	1.8 - 2.1.4
Patched Version	2.1.4.1
Software Type	Plugin
Software Slug	reader-mode (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	awesome-social-icons (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0 - 2.0
Patched Version
Software Type	Plugin
Software Slug	acf-blocks (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6.10, or a newer patched version
Affected Version	1.0.0 - 2.6.9
Patched Version	2.6.10
Software Type	Plugin
Software Slug	ultimeter (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.3, or a newer patched version
Affected Version	<= 2.8.2
Patched Version	2.8.3
Software Type	Plugin
Software Slug	past-events-extension (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	easy-order-view (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	pootle-page-builder (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.0 - 5.7.1
Patched Version
Software Type	Plugin
Software Slug	easy-call-now-button (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.5 - 1.0.5
Patched Version
Software Type	Theme
Software Slug	bootstrap-fitness (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.6, or a newer patched version
Affected Version	1.0.5 - 1.0.5
Patched Version	1.0.6
Software Type	Plugin
Software Slug	guest-author-affiliate (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.6, or a newer patched version
Affected Version	1.1.4 - 1.1.4
Patched Version	1.1.6
Software Type	Plugin
Software Slug	local-delivery-drivers-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9.0, or a newer patched version
Affected Version	1.0.0 - 1.8.9
Patched Version	1.9.0
Software Type	Plugin
Software Slug	ultimate-gutenberg (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.5.1
Patched Version
Software Type	Plugin
Software Slug	sv-media-library (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.00, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.0.00
Software Type	Plugin
Software Slug	required-taxonomies (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.8, or a newer patched version
Affected Version	<= 1.1.7
Patched Version	1.1.8
Software Type	Plugin
Software Slug	featured-products-first-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9.6, or a newer patched version
Affected Version	1.0 - 1.9.5
Patched Version	1.9.6
Software Type	Plugin
Software Slug	ssl-zen (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.5.3, or a newer patched version
Affected Version	<= 4.5.2
Patched Version	4.5.3
Software Type	Plugin
Software Slug	check-zipcode (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	nova-poshta-ttn (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.47, or a newer patched version
Affected Version	<= 1.7.46
Patched Version	1.7.47
Software Type	Plugin
Software Slug	streak-crm-for-gmail-integration-for-contact-form-7 (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.9, or a newer patched version
Affected Version	<= 1.0.8
Patched Version	1.0.9
Software Type	Plugin
Software Slug	5-stars-rating-funnel (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.63, or a newer patched version
Affected Version	<= 1.2.62
Patched Version	1.2.63
Software Type	Plugin
Software Slug	simple-author-box (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4, or a newer patched version
Affected Version	<= 2.3.22
Patched Version	2.4
Software Type	Plugin
Software Slug	kenta-blocks (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.4, or a newer patched version
Affected Version	1.0.0 - 1.3.3
Patched Version	1.3.4
Software Type	Plugin
Software Slug	dancepress-trwa (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4.6.2, or a newer patched version
Affected Version	1.181106 - 2.4.5
Patched Version	2.4.6.2
Software Type	Plugin
Software Slug	embed-docs (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.1, or a newer patched version
Affected Version	2.0.1 - 3.0.0
Patched Version	3.0.1
Software Type	Plugin
Software Slug	woo-advanced-product-size-chart (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4.3.1, or a newer patched version
Affected Version	2.0.1 - 2.4.3
Patched Version	2.4.3.1
Software Type	Plugin
Software Slug	section-slider (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.0.0 - 0.0.0
Patched Version
Software Type	Plugin
Software Slug	wp-my-admin-bar (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	3.0.0 - 3.1.0
Patched Version
Software Type	Theme
Software Slug	patch-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.8, or a newer patched version
Affected Version	<= 1.0.7
Patched Version	1.0.8
Software Type	Plugin
Software Slug	setka-editor (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.9.1 - 2.1.19
Patched Version
Software Type	Plugin
Software Slug	olivewp-companion (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.1.2
Patched Version
Software Type	Plugin
Software Slug	easy-prayer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.2
Patched Version
Software Type	Plugin
Software Slug	contact-form-7-skins (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.1, or a newer patched version
Affected Version	<= 2.1
Patched Version	2.1.1
Software Type	Plugin
Software Slug	exportfeed-for-woocommerce-product-to-etsy (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.2.0, or a newer patched version
Affected Version	<= 5.1.2
Patched Version	5.2.0
Software Type	Plugin
Software Slug	auto-terms-of-service-and-privacy-policy (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.0, or a newer patched version
Affected Version	<= 1.8.2
Patched Version	2.0.0
Software Type	Plugin
Software Slug	raise-prices-with-sales-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.3.1
Patched Version
Software Type	Plugin
Software Slug	server-info (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.5.1 - 2.5.3
Patched Version
Software Type	Plugin
Software Slug	ai-image-generator (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	wp-google-places-review-slider (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 12.6, or a newer patched version
Affected Version	11.2 - 12.5
Patched Version	12.6
Software Type	Plugin
Software Slug	pagemanager (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.9
Patched Version
Software Type	Plugin
Software Slug	simple-cart-solution (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.2
Patched Version
Software Type	Plugin
Software Slug	page-visit-counter (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	6.0 - 6.0.8
Patched Version
Software Type	Plugin
Software Slug	add-fields-to-checkout-page-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.0, or a newer patched version
Affected Version	1.2.7 - 1.2.9
Patched Version	1.3.0
Software Type	Plugin
Software Slug	dracula-dark-mode (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.1, or a newer patched version
Affected Version	1.0.0 - 1.0.0
Patched Version	1.0.1
Software Type	Plugin
Software Slug	tori-ajax (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.0 - 2.0.2
Patched Version
Software Type	Plugin
Software Slug	search-console (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.2, or a newer patched version
Affected Version	<= 2.1.1
Patched Version	2.1.2
Software Type	Plugin
Software Slug	scrollbar-customizer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.5.0
Patched Version
Software Type	Theme
Software Slug	julia-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	<= 1.0.7
Patched Version	1.1.0
Software Type	Plugin
Software Slug	wp-rest-filter (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.4.0 - 1.4.3
Patched Version
Software Type	Plugin
Software Slug	panorama (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.9, or a newer patched version
Affected Version	<= 1.0.8
Patched Version	1.0.9
Software Type	Plugin
Software Slug	bulk-attachment-download (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.7, or a newer patched version
Affected Version	1.2.1 - 1.3.6
Patched Version	1.3.7
Software Type	Plugin
Software Slug	autosave-net (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.3.0 - 1.3.4
Patched Version
Software Type	Plugin
Software Slug	resermy (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	premmerce-woocommerce-wholesale-pricing (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.10, or a newer patched version
Affected Version	1.0 - 1.1.9
Patched Version	1.1.10
Software Type	Plugin
Software Slug	wep-demo-import (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.4, or a newer patched version
Affected Version	<= 1.0.3
Patched Version	1.0.4
Software Type	Plugin
Software Slug	content-hubs (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.6 - 1.0.8
Patched Version
Software Type	Plugin
Software Slug	better-captcha-gravity-forms (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 0.5.2
Patched Version
Software Type	Plugin
Software Slug	woocommerce-product-payments (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.7, or a newer patched version
Affected Version	3.0.0 - 3.2.6
Patched Version	3.2.7
Software Type	Plugin
Software Slug	hqtheme-extra (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.6 - 1.0.19
Patched Version
Software Type	Plugin
Software Slug	mobile-pages (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	woocommerce-eu-vat-assistant (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.2.230718, or a newer patched version
Affected Version	2.0.19.210629 - 2.0.42.230503
Patched Version	2.1.2.230718
Software Type	Plugin
Software Slug	gutenslider (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.10.2, or a newer patched version
Affected Version	2.6.3 - 5.10.1
Patched Version	5.10.2
Software Type	Plugin
Software Slug	moose-elementor-kit (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	child-support-calculator (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 2.0.1.2
Patched Version
Software Type	Plugin
Software Slug	gs-behance-portfolio (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.2, or a newer patched version
Affected Version	3.0.0 - 3.0.1
Patched Version	3.0.2
Software Type	Plugin
Software Slug	multilevel-referral-plugin-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.23, or a newer patched version
Affected Version	2.22 - 2.22
Patched Version	2.23
Software Type	Plugin
Software Slug	mega-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.3, or a newer patched version
Affected Version	<= 1.1.2
Patched Version	1.1.3
Software Type	Plugin
Software Slug	surbma-magyar-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2022.0.3, or a newer patched version
Affected Version	<= 30.3.0
Patched Version	2022.0.3
Software Type	Plugin
Software Slug	checkbox (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.8.5, or a newer patched version
Affected Version	<= 0.8.3
Patched Version	0.8.5
Software Type	Plugin
Software Slug	kvoucher (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.1.1
Patched Version
Software Type	Plugin
Software Slug	pramadillo-activecampaign-email-preference-center (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.12, or a newer patched version
Affected Version	1.0.0 - 2.0.11
Patched Version	2.0.12
Software Type	Plugin
Software Slug	custom-welcome-guide (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.9, or a newer patched version
Affected Version	<= 1.0.8
Patched Version	1.0.9
Software Type	Plugin
Software Slug	yt-player (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.2, or a newer patched version
Affected Version	<= 1.5.1
Patched Version	1.5.2
Software Type	Plugin
Software Slug	product-layouts (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.4, or a newer patched version
Affected Version	1.0.2 - 1.1.3
Patched Version	1.1.4
Software Type	Plugin
Software Slug	staggs (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.2, or a newer patched version
Affected Version	1.1.0 - 1.4.1
Patched Version	1.4.2
Software Type	Plugin
Software Slug	wpmm-memory-meter (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.1, or a newer patched version
Affected Version	1.0.0 - 1.3.0
Patched Version	1.3.1
Software Type	Plugin
Software Slug	wp-signals (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.0, or a newer patched version
Affected Version	<= 1.0.1
Patched Version	2.0.0
Software Type	Plugin
Software Slug	enhanced-catalog-images-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	flexible-faqs (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.5.5 - 0.5.11
Patched Version
Software Type	Theme
Software Slug	videoblog (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.3, or a newer patched version
Affected Version	<= 1.3.2
Patched Version	1.3.3
Software Type	Plugin
Software Slug	error-log-monitor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.7, or a newer patched version
Affected Version	1.6 - 1.7.6
Patched Version	1.7.7
Software Type	Plugin
Software Slug	premmerce-woocommerce-multi-currency (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3.5, or a newer patched version
Affected Version	2.0 - 2.3.4
Patched Version	2.3.5
Software Type	Plugin
Software Slug	where-did-they-go-from-here (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.0, or a newer patched version
Affected Version	<= 2.0.1
Patched Version	2.1.0
Software Type	Plugin
Software Slug	booking-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 4.3.1
Patched Version
Software Type	Plugin
Software Slug	wp-event-partners (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.2.5
Patched Version
Software Type	Plugin
Software Slug	woosquare (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.2.9, or a newer patched version
Affected Version	1.5 - 4.2.8
Patched Version	4.2.9
Software Type	Plugin
Software Slug	unlimited-theme-addons (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.1.9
Patched Version
Software Type	Plugin
Software Slug	buddyforms-remote (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.5, or a newer patched version
Affected Version	<= 1.0.4
Patched Version	1.0.5
Software Type	Plugin
Software Slug	startend-subscription-add-on-for-gravityforms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.6, or a newer patched version
Affected Version	<= 4.0.6
Patched Version	4.0.6
Software Type	Theme
Software Slug	corporate-event (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.1, or a newer patched version
Affected Version	<= 1.0.0
Patched Version	1.0.1
Software Type	Plugin
Software Slug	add-expires-headers (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.0, or a newer patched version
Affected Version	2.0 - 2.7.3
Patched Version	2.8.0
Software Type	Plugin
Software Slug	forcefield (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.7, or a newer patched version
Affected Version	1.0.1 - 1.0.6
Patched Version	1.0.7
Software Type	Plugin
Software Slug	featured-image-toolkit (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	woo-conditional-discount-rules-for-checkout (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3.3.1, or a newer patched version
Affected Version	2.0.0 - 2.3.3
Patched Version	2.3.3.1
Software Type	Plugin
Software Slug	bp-better-messages (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.18, or a newer patched version
Affected Version	1.9.10.72 - 2.1.17
Patched Version	2.1.18
Software Type	Plugin
Software Slug	ajax-add-to-cart-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	cf7-grid-and-styler-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.2, or a newer patched version
Affected Version	1.0.2 - 1.4.2
Patched Version	1.5.2
Software Type	Plugin
Software Slug	prime-affiliate-links (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	audio-text (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	yummy-recipes (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.2.0
Patched Version
Software Type	Plugin
Software Slug	protect-uploads-with-login-page (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.4 - 1.8
Patched Version
Software Type	Plugin
Software Slug	atlas-knowledge-base (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 6.0
Patched Version
Software Type	Plugin
Software Slug	wp-advance-comment (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.3 - 0.3
Patched Version
Software Type	Plugin
Software Slug	remove-duplicate-posts (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3, or a newer patched version
Affected Version	<= 1.2.1
Patched Version	1.3
Software Type	Plugin
Software Slug	simple-sitemap (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.5.10, or a newer patched version
Affected Version	3.2 - 3.5.9
Patched Version	3.5.10
Software Type	Plugin
Software Slug	menukaart (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4, or a newer patched version
Affected Version	<= 1.3
Patched Version	1.4
Software Type	Plugin
Software Slug	wp-private-media (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	jobwp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0, or a newer patched version
Affected Version	<= 1.9
Patched Version	2.0
Software Type	Plugin
Software Slug	super-video-player (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6.13, or a newer patched version
Affected Version	<= 2.6.12
Patched Version	2.6.13
Software Type	Plugin
Software Slug	wp-books-gallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.5.4, or a newer patched version
Affected Version	<= 4.5.3
Patched Version	4.5.4
Software Type	Plugin
Software Slug	1-click-close-store (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.1.0
Patched Version
Software Type	Plugin
Software Slug	free-shipping-label (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6.11, or a newer patched version
Affected Version	2.5.0 - 2.6.9
Patched Version	2.6.11
Software Type	Plugin
Software Slug	ajax-search-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.25.0, or a newer patched version
Affected Version	1.1.7 - 1.24.0
Patched Version	1.25.0
Software Type	Plugin
Software Slug	tag-groups (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.0, or a newer patched version
Affected Version	1.18.3 - 1.44.3.1
Patched Version	2.0.0
Software Type	Plugin
Software Slug	devices (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	buddyforms-ultimate-member (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.8, or a newer patched version
Affected Version	<= 1.3.7
Patched Version	1.3.8
Software Type	Plugin
Software Slug	delivery-drivers-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.9, or a newer patched version
Affected Version	1.0.3 - 1.1.8
Patched Version	1.1.9
Software Type	Theme
Software Slug	consultpress-lite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.2.3
Patched Version
Software Type	Plugin
Software Slug	cf7-styler-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.3, or a newer patched version
Affected Version	<= 1.3.2
Patched Version	1.3.3
Software Type	Plugin
Software Slug	moceansms-order-sms-notification-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.3.12 - 1.4.8
Patched Version
Software Type	Plugin
Software Slug	zip-codes-redirect (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.1.2, or a newer patched version
Affected Version	1.0.1 - 5.1.1
Patched Version	5.1.2
Software Type	Plugin
Software Slug	guestofy-restaurant-reservations (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.2.4
Patched Version
Software Type	Plugin
Software Slug	flight-search-widget-blocks (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.1.0
Patched Version
Software Type	Plugin
Software Slug	cf7-constant-contact-fields-mapping (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	free-product-sample (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.1, or a newer patched version
Affected Version	1.0.0 - 1.2.0
Patched Version	1.2.1
Software Type	Plugin
Software Slug	bookit (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4.0, or a newer patched version
Affected Version	<= 2.3.9
Patched Version	2.4.0
Software Type	Plugin
Software Slug	redirect-404-error-page-to-homepage-or-custom-page (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.8.1, or a newer patched version
Affected Version	<= 1.8.0
Patched Version	1.8.1
Software Type	Plugin
Software Slug	ethereumico (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4.4, or a newer patched version
Affected Version	2.0.0 - 2.4.3
Patched Version	2.4.4
Software Type	Plugin
Software Slug	tec-subscriber-addons (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.0.2
Patched Version
Software Type	Plugin
Software Slug	rt-easy-builder-advanced-addons-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9, or a newer patched version
Affected Version	<= 1.8
Patched Version	1.9
Software Type	Plugin
Software Slug	wp-contact-slider (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4.9, or a newer patched version
Affected Version	<= 2.4.8
Patched Version	2.4.9
Software Type	Plugin
Software Slug	purple-xmls-google-product-feed-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.3.5, or a newer patched version
Affected Version	<= 3.2.3.4
Patched Version	3.2.3.5
Software Type	Plugin
Software Slug	woocommerce-country-based-payments (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.4, or a newer patched version
Affected Version	1.2.0 - 1.4.3
Patched Version	1.4.4
Software Type	Plugin
Software Slug	fast-index (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.6
Patched Version
Software Type	Plugin
Software Slug	filr-protection (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.3, or a newer patched version
Affected Version	<= 1.2.2.9
Patched Version	1.2.3
Software Type	Theme
Software Slug	elasta (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.9, or a newer patched version
Affected Version	1.0.4 - 1.0.8
Patched Version	1.0.9
Software Type	Plugin
Software Slug	interactive-geo-maps (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.1, or a newer patched version
Affected Version	1.0.5 - 1.5.11
Patched Version	1.6.1
Software Type	Plugin
Software Slug	animate-everything (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.3.2
Patched Version
Software Type	Plugin
Software Slug	2mb-autocode (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.6, or a newer patched version
Affected Version	<= 1.2.5
Patched Version	1.2.6
Software Type	Plugin
Software Slug	publishpress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9.5, or a newer patched version
Affected Version	1.3.0 - 1.9.4
Patched Version	1.9.5
Software Type	Plugin
Software Slug	activity-log-mainwp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.0, or a newer patched version
Affected Version	<= 1.7.1
Patched Version	2.0.0
Software Type	Plugin
Software Slug	connected-sermons (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.2.1
Patched Version
Software Type	Plugin
Software Slug	bulk-edit-user-profiles-in-spreadsheet (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.25, or a newer patched version
Affected Version	1.0.1 - 1.5.23
Patched Version	1.5.25
Software Type	Plugin
Software Slug	responsive-accordion-tabs (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4.1
Patched Version
Software Type	Plugin
Software Slug	yandex-money-button (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.4.0
Patched Version
Software Type	Plugin
Software Slug	fb-account-kit-login (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.4 - 1.2.3
Patched Version
Software Type	Plugin
Software Slug	affiliate-advantage (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	moceanapi-abandoned-carts (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.2.0
Patched Version
Software Type	Plugin
Software Slug	bulk-woocommerce-category-creator (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.3
Patched Version
Software Type	Plugin
Software Slug	wp-cloud-server (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.0, or a newer patched version
Affected Version	1.3.0 - 1.3.0
Patched Version	2.0.0
Software Type	Plugin
Software Slug	pickup-and-delivery-from-customer-locations-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.4
Patched Version
Software Type	Plugin
Software Slug	spice-post-slider (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.9
Patched Version
Software Type	Plugin
Software Slug	wp-awesome-faq (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	4.1.5 - 4.1.8
Patched Version
Software Type	Plugin
Software Slug	rss-chimp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.5, or a newer patched version
Affected Version	1.0 - 1.2.3
Patched Version	1.2.5
Software Type	Plugin
Software Slug	addons-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 7.9.1, or a newer patched version
Affected Version	2.0.1 - 7.7.1
Patched Version	7.9.1
Software Type	Plugin
Software Slug	premmerce-woocommerce-pinterest (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.2.3
Patched Version
Software Type	Plugin
Software Slug	wc-place-order-without-payment (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5, or a newer patched version
Affected Version	<= 2.4
Patched Version	2.5
Software Type	Plugin
Software Slug	super-transactional-emails-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.3 - 1.2.4
Patched Version
Software Type	Plugin
Software Slug	buddyforms-attach-posts-to-groups-extension (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.3, or a newer patched version
Affected Version	<= 1.2.2
Patched Version	1.2.3
Software Type	Plugin
Software Slug	my-instagram-feed (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.2, or a newer patched version
Affected Version	1.0.0 - 3.1.1
Patched Version	3.1.2
Software Type	Plugin
Software Slug	disable-dashboard-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.9, or a newer patched version
Affected Version	3.0.0 - 3.2.8
Patched Version	3.2.9
Software Type	Plugin
Software Slug	ultimate-blocks (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5.2, or a newer patched version
Affected Version	<= 2.5.1
Patched Version	2.5.2
Software Type	Plugin
Software Slug	wp-radio (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.7 - 3.1.9
Patched Version
Software Type	Plugin
Software Slug	bng-gateway-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.6.10
Patched Version
Software Type	Plugin
Software Slug	business-profile-reviews (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	book-press (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.2.4
Patched Version
Software Type	Plugin
Software Slug	qyrr-code (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4, or a newer patched version
Affected Version	1.2 - 1.3
Patched Version	1.4
Software Type	Plugin
Software Slug	website-testimonials (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.1.1, or a newer patched version
Affected Version	6.1.0 - 6.1.0
Patched Version	6.1.1
Software Type	Plugin
Software Slug	salt-shaker (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.2, or a newer patched version
Affected Version	1.4.1 - 1.4.1
Patched Version	1.4.2
Software Type	Plugin
Software Slug	phraseanet-client (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.3.11
Patched Version
Software Type	Plugin
Software Slug	funnelforms-free (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.3.8.5, or a newer patched version
Affected Version	3.2.9 - 3.3.8.4
Patched Version	3.3.8.5
Software Type	Plugin
Software Slug	web-disrupt-funnelmentals (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.2.6
Patched Version
Software Type	Plugin
Software Slug	blockspare (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6.5, or a newer patched version
Affected Version	<= 2.6.4
Patched Version	2.6.5
Software Type	Plugin
Software Slug	forms-to-zapier (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.12, or a newer patched version
Affected Version	<= 1.1.11
Patched Version	1.1.12
Software Type	Plugin
Software Slug	buddyforms-hierarchical-posts (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.4, or a newer patched version
Affected Version	<= 1.1.3
Patched Version	1.1.4
Software Type	Plugin
Software Slug	multiple-pages-generator-by-porthas (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.0, or a newer patched version
Affected Version	<= 2.8.12
Patched Version	3.0.0
Software Type	Plugin
Software Slug	ti-woocommerce-wishlist (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.0, or a newer patched version
Affected Version	<= 1.6.2
Patched Version	1.7.0
Software Type	Theme
Software Slug	bingopress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.15, or a newer patched version
Affected Version	<= 1.2.14
Patched Version	1.2.15
Software Type	Plugin
Software Slug	gfirem-fields (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.1.7
Patched Version
Software Type	Theme
Software Slug	yuki (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.8, or a newer patched version
Affected Version	1.0.0 - 1.3.7
Patched Version	1.3.8
Software Type	Plugin
Software Slug	woo-coupon-usage (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.5.1.3, or a newer patched version
Affected Version	<= 5.5.1.2
Patched Version	5.5.1.3
Software Type	Plugin
Software Slug	wp-conditional-post-restrictions (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.0.0 - 1.2.1
Patched Version	1.2.2
Software Type	Plugin
Software Slug	wp-attest (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.7.4
Patched Version
Software Type	Plugin
Software Slug	acf-frontend-form-element (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.8.0, or a newer patched version
Affected Version	<= 3.7.11
Patched Version	3.8.0
Software Type	Plugin
Software Slug	different-home-for-logged-in-logged-out (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.4, or a newer patched version
Affected Version	1.1.0 - 1.3.3
Patched Version	1.3.4
Software Type	Plugin
Software Slug	giveasap (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.46.1, or a newer patched version
Affected Version	<= 2.46.0
Patched Version	2.46.1
Software Type	Plugin
Software Slug	enjoy-instagram-instagram-responsive-images-gallery-and-carousel (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.2.1, or a newer patched version
Affected Version	<= 6.2.0
Patched Version	6.2.1
Software Type	Plugin
Software Slug	wptools-masonry-gallery-posts-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.5.1, or a newer patched version
Affected Version	3.0.0 - 3.5.0
Patched Version	3.5.1
Software Type	Plugin
Software Slug	tk-event-weather (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.6.6
Patched Version
Software Type	Theme
Software Slug	one-page-conference (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	<= 1.0.9
Patched Version	1.1.0
Software Type	Plugin
Software Slug	edd-tab-manager (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.3.1
Patched Version
Software Type	Plugin
Software Slug	animated-svg (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.2.0
Patched Version
Software Type	Plugin
Software Slug	woo-ukrposhta (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.6.18
Patched Version
Software Type	Plugin
Software Slug	download-magnet (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.1.0 - 1.2.0
Patched Version	1.2.2
Software Type	Plugin
Software Slug	annasta-woocommerce-product-filters (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.5, or a newer patched version
Affected Version	1.0.5 - 1.6.3
Patched Version	1.6.5
Software Type	Plugin
Software Slug	wp-lead-stream (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.2
Patched Version
Software Type	Plugin
Software Slug	custom-product-type-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.3, or a newer patched version
Affected Version	1.0.0 - 1.2.2
Patched Version	1.2.3
Software Type	Theme
Software Slug	lifestyle-magazine (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 10.2.1, or a newer patched version
Affected Version	10.2.0 - 10.2.0
Patched Version	10.2.1
Software Type	Plugin
Software Slug	the-events-calendar (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.16.4.1, or a newer patched version
Affected Version	4.9.0 - 5.16.4
Patched Version	5.16.4.1
Software Type	Plugin
Software Slug	email-tracker (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.3.9, or a newer patched version
Affected Version	<= 5.3.8
Patched Version	5.3.9
Software Type	Plugin
Software Slug	block-styler-for-gravity-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.3.0, or a newer patched version
Affected Version	5.0.0 - 6.2.1
Patched Version	6.3.0
Software Type	Plugin
Software Slug	custom-page-templates-by-vegacorp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.14, or a newer patched version
Affected Version	1.0.0 - 1.1.13
Patched Version	1.1.14
Software Type	Plugin
Software Slug	wc-product-customer-list (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.5, or a newer patched version
Affected Version	2.6.7 - 3.1.4
Patched Version	3.1.5
Software Type	Theme
Software Slug	wp-moose (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.0.1 - 1.0.6
Patched Version
Software Type	Plugin
Software Slug	gs-team-members (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.2, or a newer patched version
Affected Version	1.8 - 2.2.1
Patched Version	2.2.2
Software Type	Plugin
Software Slug	demomentsomtres-mailchimp-immediate-send (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.9 - 3.201704251244
Patched Version
Software Type	Plugin
Software Slug	floating-links (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.6.1, or a newer patched version
Affected Version	3.4.0 - 3.6.0
Patched Version	3.6.1
Software Type	Theme
Software Slug	travel-tour (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.0, or a newer patched version
Affected Version	<= 1.2.0
Patched Version	1.2.0
Software Type	Plugin
Software Slug	south-pole-the-offset-movement (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3.2
Patched Version
Software Type	Plugin
Software Slug	demomentsomtres-mailchimp-subscribe (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0 - 3.201706150908
Patched Version
Software Type	Plugin
Software Slug	hire-me-widget (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.5, or a newer patched version
Affected Version	<= 1.0.4
Patched Version	1.0.5
Software Type	Plugin
Software Slug	a-staff (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2 - 1.2.2
Patched Version
Software Type	Plugin
Software Slug	littlebot-invoices (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.6.7
Patched Version
Software Type	Plugin
Software Slug	genealogical-tree (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.2.0.8
Patched Version
Software Type	Plugin
Software Slug	new-order-popup (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.1.0
Patched Version
Software Type	Plugin
Software Slug	cozy-addons (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.4, or a newer patched version
Affected Version	<= 1.2.3
Patched Version	1.2.4
Software Type	Plugin
Software Slug	automatic-youtube-gallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3.3, or a newer patched version
Affected Version	<= 2.3.2
Patched Version	2.3.3
Software Type	Plugin
Software Slug	wc-thanks-redirect (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.0, or a newer patched version
Affected Version	<= 3.1
Patched Version	4.0.0
Software Type	Plugin
Software Slug	tablepress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.5, or a newer patched version
Affected Version	2.0 - 2.1.4
Patched Version	2.1.5
Software Type	Plugin
Software Slug	easy-marijuana-age-verify (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.2, or a newer patched version
Affected Version	<= 1.5.1
Patched Version	1.5.2
Software Type	Plugin
Software Slug	woocommerce-upcoming-product (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.5.9.2
Patched Version
Software Type	Plugin
Software Slug	simple-blueprint-installer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	<= 1.0.1
Patched Version	1.0.2
Software Type	Plugin
Software Slug	frontend-admin (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.8.0, or a newer patched version
Affected Version	<= 3.7.11
Patched Version	3.8.0
Software Type	Plugin
Software Slug	fullworks-directory (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	sv-tracking-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.00, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.0.00
Software Type	Plugin
Software Slug	wp-easy-pay (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.2, or a newer patched version
Affected Version	<= 4.1
Patched Version	4.2
Software Type	Theme
Software Slug	chained (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 2.0.0
Patched Version
Software Type	Plugin
Software Slug	seo-checklist (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	masterstudy-lms-learning-management-system (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.0, or a newer patched version
Affected Version	<= 2.7.9
Patched Version	2.8.0
Software Type	Plugin
Software Slug	bdthemes-prime-slider-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.8.3, or a newer patched version
Affected Version	<= 3.8.2
Patched Version	3.8.3
Software Type	Plugin
Software Slug	buddyforms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.3, or a newer patched version
Affected Version	<= 2.8.2
Patched Version	2.8.3
Software Type	Plugin
Software Slug	wp-tools-divi-product-carousel (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.1, or a newer patched version
Affected Version	1.0.0 - 1.5.0
Patched Version	1.5.1
Software Type	Plugin
Software Slug	front-editor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.4, or a newer patched version
Affected Version	3.0.0 - 4.0.0
Patched Version	4.0.4
Software Type	Plugin
Software Slug	stackable-ultimate-gutenberg-blocks (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.9.1, or a newer patched version
Affected Version	0.1 - 3.9.0
Patched Version	3.9.1
Software Type	Theme
Software Slug	travel-agency-booking (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.6 - 1.0.6
Patched Version
Software Type	Plugin
Software Slug	spice-blocks (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3, or a newer patched version
Affected Version	0.3 - 1.2.1
Patched Version	1.3
Software Type	Plugin
Software Slug	slp-gravity-forms-locations (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	5.5.1 - 6.1.1
Patched Version
Software Type	Plugin
Software Slug	five-star-ratings-shortcode (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.48, or a newer patched version
Affected Version	1.0.0 - 1.2.47
Patched Version	1.2.48
Software Type	Plugin
Software Slug	advanced-nocaptcha-recaptcha (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 7.0.6, or a newer patched version
Affected Version	<= 7.0.5
Patched Version	7.0.6
Software Type	Plugin
Software Slug	demomentsomtres-wp-export (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 20200610, or a newer patched version
Affected Version	<= 2.5
Patched Version	20200610
Software Type	Plugin
Software Slug	premmerce-woocommerce-wishlist (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.10, or a newer patched version
Affected Version	1.0 - 1.1.9
Patched Version	1.1.10
Software Type	Plugin
Software Slug	salon-booking-system (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 8.4.9, or a newer patched version
Affected Version	<= 8.4.8
Patched Version	8.4.9
Software Type	Plugin
Software Slug	delivery-and-pickup-scheduling-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.12, or a newer patched version
Affected Version	<= 1.0.10
Patched Version	1.0.12
Software Type	Plugin
Software Slug	surbma-gdpr-proof-google-analytics (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 17.8.2, or a newer patched version
Affected Version	3.0 - 17.7.0
Patched Version	17.8.2
Software Type	Plugin
Software Slug	advance-menu-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.6, or a newer patched version
Affected Version	3.0.1 - 3.0.5
Patched Version	3.0.6
Software Type	Plugin
Software Slug	anycomment (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.0.99, or a newer patched version
Affected Version	<= 0.0.98
Patched Version	0.0.99
Software Type	Plugin
Software Slug	wp-live-tv (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.5
Patched Version
Software Type	Plugin
Software Slug	market-exporter (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.19, or a newer patched version
Affected Version	1.0.5 - 2.0.18
Patched Version	2.0.19
Software Type	Plugin
Software Slug	adminify (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.5, or a newer patched version
Affected Version	1.0.0 - 3.1.3
Patched Version	3.1.5
Software Type	Plugin
Software Slug	sv-columns-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.00, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.0.00
Software Type	Plugin
Software Slug	nofollow-jquery-links (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.5.0
Patched Version
Software Type	Plugin
Software Slug	wp-hr-gdpr (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.1 - 0.9
Patched Version
Software Type	Plugin
Software Slug	acf-vc-integrator (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.1, or a newer patched version
Affected Version	<= 1.3.0
Patched Version	1.3.1
Software Type	Plugin
Software Slug	studiocart (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5.20, or a newer patched version
Affected Version	1.0.2 - 2.5.11
Patched Version	2.5.20
Software Type	Plugin
Software Slug	tk-google-fonts (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.11, or a newer patched version
Affected Version	<= 2.2.10
Patched Version	2.2.11
Software Type	Plugin
Software Slug	starfish-reviews (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.0, or a newer patched version
Affected Version	2.1.0 - 3.0.36
Patched Version	3.1.0
Software Type	Plugin
Software Slug	education-addon (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.3.1
Patched Version
Software Type	Theme
Software Slug	pixigo (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.7 - 1.0.16
Patched Version
Software Type	Plugin
Software Slug	sv-provenexpert (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.11, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.2.11
Software Type	Plugin
Software Slug	conditional-payments (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.3, or a newer patched version
Affected Version	1.1.0 - 1.1.2
Patched Version	1.1.3
Software Type	Plugin
Software Slug	geounit-maps (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.0.8, or a newer patched version
Affected Version	0.0.6 - 0.0.6
Patched Version	0.0.8
Software Type	Plugin
Software Slug	spicebox (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2, or a newer patched version
Affected Version	2.1.2 - 2.1.5
Patched Version	2.2
Software Type	Plugin
Software Slug	advanced-classifieds-and-directory-pro (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.2, or a newer patched version
Affected Version	<= 2.1.1
Patched Version	2.1.2
Software Type	Plugin
Software Slug	bulk-edit-events (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.21, or a newer patched version
Affected Version	1.0.0 - 1.1.20
Patched Version	1.1.21
Software Type	Plugin
Software Slug	music-player-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.9.9, or a newer patched version
Affected Version	1.5 - 1.5.9.8
Patched Version	1.5.9.9
Software Type	Plugin
Software Slug	cryptocurrency-product-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.16.10, or a newer patched version
Affected Version	<= 3.16.9
Patched Version	3.16.10
Software Type	Plugin
Software Slug	open-user-map (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.15, or a newer patched version
Affected Version	<= 1.3.14
Patched Version	1.3.15
Software Type	Plugin
Software Slug	next-order-coupon-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 0.4.0
Patched Version
Software Type	Plugin
Software Slug	eroom-zoom-meetings-webinar (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.4, or a newer patched version
Affected Version	<= 1.3.3
Patched Version	1.3.4
Software Type	Plugin
Software Slug	overlay-image-divi-module (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5, or a newer patched version
Affected Version	1.2 - 1.3.2
Patched Version	1.5
Software Type	Plugin
Software Slug	email-header-footer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.2.1
Patched Version
Software Type	Plugin
Software Slug	wp-custom-field-for-gutenberg-editor (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.3 - 1.7.1
Patched Version
Software Type	Plugin
Software Slug	wp-phone-message (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.1.1
Patched Version
Software Type	Plugin
Software Slug	embed-office-viewer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.7, or a newer patched version
Affected Version	<= 2.2.6
Patched Version	2.2.7
Software Type	Plugin
Software Slug	price-bands-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.2 - 1.0.4
Patched Version
Software Type	Plugin
Software Slug	block-options (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.17, or a newer patched version
Affected Version	<= 1.16
Patched Version	1.17
Software Type	Plugin
Software Slug	addon-elements-for-elementor-page-builder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.12, or a newer patched version
Affected Version	<= 1.11.16
Patched Version	1.12
Software Type	Plugin
Software Slug	perelandra-sermons (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.1.0
Patched Version
Software Type	Plugin
Software Slug	smart-variations-images (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.2.8, or a newer patched version
Affected Version	4.0.1 - 5.2.7
Patched Version	5.2.8
Software Type	Theme
Software Slug	brasserie (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1, or a newer patched version
Affected Version	<= 2.0
Patched Version	2.1
Software Type	Plugin
Software Slug	featured-images-for-rss-feeds (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.2, or a newer patched version
Affected Version	<= 1.6.1
Patched Version	1.6.2
Software Type	Plugin
Software Slug	simple-sponsorships (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.8.1
Patched Version
Software Type	Plugin
Software Slug	mobile-app-editor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.0, or a newer patched version
Affected Version	<= 1.1.2
Patched Version	1.2.0
Software Type	Plugin
Software Slug	unlimited-elements-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.75, or a newer patched version
Affected Version	<= 1.5.74
Patched Version	1.5.75
Software Type	Plugin
Software Slug	joli-table-of-contents (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.10, or a newer patched version
Affected Version	1.0.0 - 2.0.9
Patched Version	2.0.10
Software Type	Plugin
Software Slug	youram-youtube-embed (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	8.0 - 10.3
Patched Version
Software Type	Plugin
Software Slug	backup-bolt (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.0, or a newer patched version
Affected Version	1.1.0 - 1.1.3
Patched Version	1.2.0
Software Type	Plugin
Software Slug	wp-store-locator-extenders (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.3.2
Patched Version
Software Type	Plugin
Software Slug	sparrow (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.2 - 2.0.2
Patched Version
Software Type	Plugin
Software Slug	auto-advance-for-gravity-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.5.4, or a newer patched version
Affected Version	<= 4.5.3
Patched Version	4.5.4
Software Type	Plugin
Software Slug	magic-post-thumbnail (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.1.13, or a newer patched version
Affected Version	2.4.3 - 4.1.12
Patched Version	4.1.13
Software Type	Plugin
Software Slug	live-scores-for-sportspress (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.9.2
Patched Version
Software Type	Plugin
Software Slug	internallink-audit (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.1.0 - 0.1.0
Patched Version
Software Type	Plugin
Software Slug	hide-shipping-method-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.3, or a newer patched version
Affected Version	1.0.0 - 1.3.2
Patched Version	1.3.3
Software Type	Plugin
Software Slug	ultimate-carousel-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.5.1, or a newer patched version
Affected Version	4.0.0 - 4.5.0
Patched Version	4.5.1
Software Type	Plugin
Software Slug	blocks-bakery (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.12
Patched Version
Software Type	Plugin
Software Slug	seo-optimized-images (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1, or a newer patched version
Affected Version	2.0 - 2.0
Patched Version	2.1
Software Type	Plugin
Software Slug	image-carousel-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.1, or a newer patched version
Affected Version	1.0.0 - 1.6.0
Patched Version	1.6.1
Software Type	Plugin
Software Slug	comments-not-replied-to (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.8, or a newer patched version
Affected Version	1.5.0 - 1.5.7
Patched Version	1.5.8
Software Type	Plugin
Software Slug	integration-of-capsule-crm-for-contact-form-7 (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.5, or a newer patched version
Affected Version	<= 1.0.4
Patched Version	1.0.5
Software Type	Plugin
Software Slug	eazydocs (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.1, or a newer patched version
Affected Version	<= 2.2.0
Patched Version	2.2.1
Software Type	Plugin
Software Slug	opensea (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.1
Patched Version
Software Type	Plugin
Software Slug	tranzly (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.0.0
Patched Version
Software Type	Plugin
Software Slug	woocommerce-google-adwords-conversion-tracking-tag (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.32.3, or a newer patched version
Affected Version	1.6.17 - 1.32.2
Patched Version	1.32.3
Software Type	Plugin
Software Slug	modern-addons-elementor (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.2.0
Patched Version
Software Type	Plugin
Software Slug	slp-extended-data-manager (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	5.5.1 - 6.1.1
Patched Version
Software Type	Theme
Software Slug	viralike (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.4 - 1.0.6
Patched Version
Software Type	Theme
Software Slug	medicpress-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.9.0, or a newer patched version
Affected Version	<= 0.8.4
Patched Version	0.9.0
Software Type	Plugin
Software Slug	wp-munich-blocks (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.11.0, or a newer patched version
Affected Version	<= 0.10.1
Patched Version	0.11.0
Software Type	Plugin
Software Slug	date-time-picker-field (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.9 - 2.2
Patched Version
Software Type	Plugin
Software Slug	faq-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.0, or a newer patched version
Affected Version	<= 1.3.35
Patched Version	1.4.0
Software Type	Theme
Software Slug	eighteen-tags (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.1, or a newer patched version
Affected Version	2.5.0 - 3.1.0
Patched Version	3.1.1
Software Type	Plugin
Software Slug	kenta-companion (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.9, or a newer patched version
Affected Version	1.0.0 - 1.1.8
Patched Version	1.1.9
Software Type	Theme
Software Slug	cyclone-blog (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.2
Patched Version
Software Type	Plugin
Software Slug	issues-tracker (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.3 - 1.2.2
Patched Version
Software Type	Plugin
Software Slug	mrkwp-footer-for-divi (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	3.3.2 - 3.3.5
Patched Version
Software Type	Plugin
Software Slug	wp-stripe-donation (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.1, or a newer patched version
Affected Version	<= 3.2.0
Patched Version	3.2.1
Software Type	Plugin
Software Slug	wp-native-articles (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.0, or a newer patched version
Affected Version	1.1.6 - 1.1.6
Patched Version	1.2.0
Software Type	Plugin
Software Slug	new-user-approve (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5.1, or a newer patched version
Affected Version	<= 2.5.0
Patched Version	2.5.1
Software Type	Plugin
Software Slug	gfirem-advance-search (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.2.2
Patched Version
Software Type	Plugin
Software Slug	shared-files (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.3, or a newer patched version
Affected Version	1.6.23 - 1.6.99
Patched Version	1.7.3
Software Type	Plugin
Software Slug	smart-phone-field-for-gravity-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1, or a newer patched version
Affected Version	2.0 - 2.0
Patched Version	2.1
Software Type	Theme
Software Slug	speculor (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.2.0
Patched Version
Software Type	Plugin
Software Slug	remove-wp-update-nags (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.0, or a newer patched version
Affected Version	<= 1.4.0
Patched Version	1.5.0
Software Type	Plugin
Software Slug	send-users-email (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.1, or a newer patched version
Affected Version	1.2.0 - 1.4.0
Patched Version	1.4.1
Software Type	Plugin
Software Slug	auto-keyword-backlink (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.3
Patched Version
Software Type	Plugin
Software Slug	everse-starter-sites (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.0.0 - 1.2.1
Patched Version	1.2.2
Software Type	Plugin
Software Slug	delivery-drivers-for-vendors (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.1, or a newer patched version
Affected Version	1.0.1 - 1.1.0
Patched Version	1.1.1
Software Type	Plugin
Software Slug	master-addons (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.3, or a newer patched version
Affected Version	1.0.6 - 2.0.2
Patched Version	2.0.3
Software Type	Plugin
Software Slug	choice-payment-gateway-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.3 - 2.2.2
Patched Version
Software Type	Plugin
Software Slug	domain-mapping-system (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9.3, or a newer patched version
Affected Version	<= 1.9.2
Patched Version	1.9.3
Software Type	Plugin
Software Slug	order-and-inventory-manager-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4.3
Patched Version
Software Type	Plugin
Software Slug	wp-cron-status-checker (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.5, or a newer patched version
Affected Version	<= 1.2.4
Patched Version	1.2.5
Software Type	Plugin
Software Slug	customizely (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.1.1
Patched Version
Software Type	Plugin
Software Slug	foogallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.44, or a newer patched version
Affected Version	1.3.29 - 2.2.41
Patched Version	2.2.44
Software Type	Plugin
Software Slug	shortcodehub (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.0, or a newer patched version
Affected Version	<= 1.3.0
Patched Version	1.4.0
Software Type	Plugin
Software Slug	payment-gateway-groups-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.1.3
Patched Version
Software Type	Plugin
Software Slug	forms-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 8.1.3, or a newer patched version
Affected Version	8.1.2 - 8.1.2
Patched Version	8.1.3
Software Type	Plugin
Software Slug	expandable-paywall (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.17, or a newer patched version
Affected Version	1.1.1 - 2.0.16
Patched Version	2.0.17
Software Type	Plugin
Software Slug	tiny-bar (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1, or a newer patched version
Affected Version	<= 2.0
Patched Version	2.1
Software Type	Plugin
Software Slug	change-wc-price-title (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6, or a newer patched version
Affected Version	<= 2.5
Patched Version	2.6
Software Type	Plugin
Software Slug	edge-gallery (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 2.0.4
Patched Version
Software Type	Plugin
Software Slug	automail (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.1
Patched Version
Software Type	Plugin
Software Slug	glorious-services-support (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	product-delivery-date (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.5, or a newer patched version
Affected Version	1.1.0 - 1.1.4
Patched Version	1.1.5
Software Type	Plugin
Software Slug	sv100-companion (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.00, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.0.00
Software Type	Plugin
Software Slug	bulletin-announcements (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.8.0, or a newer patched version
Affected Version	1.0.1 - 3.7.1
Patched Version	3.8.0
Software Type	Plugin
Software Slug	advanced-database-replacer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.1.0
Patched Version
Software Type	Plugin
Software Slug	stop-user-enumeration (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.2, or a newer patched version
Affected Version	<= 1.4.1
Patched Version	1.4.2
Software Type	Plugin
Software Slug	multisite-robotstxt-manager (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 3.0.0
Patched Version
Software Type	Plugin
Software Slug	temp-mail (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.1, or a newer patched version
Affected Version	<= 1.0.0
Patched Version	1.0.1
Software Type	Plugin
Software Slug	simple-facebook-twitter-widget (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.5.0 - 1.7.0
Patched Version
Software Type	Plugin
Software Slug	cooked (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.13, or a newer patched version
Affected Version	<= 1.1.12
Patched Version	1.1.13
Software Type	Theme
Software Slug	fortune (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.1, or a newer patched version
Affected Version	<= 2.0
Patched Version	2.0.1
Software Type	Plugin
Software Slug	woo-country-restrictions-advanced (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.14.3, or a newer patched version
Affected Version	1.0.0 - 1.14.0
Patched Version	1.14.3
Software Type	Plugin
Software Slug	front-end-pm (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 11.3.8, or a newer patched version
Affected Version	11.2.3 - 11.3.7
Patched Version	11.3.8
Software Type	Plugin
Software Slug	wc-cashapp (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 5.2.1
Patched Version
Software Type	Plugin
Software Slug	sumo-divi-modules (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.6
Patched Version
Software Type	Plugin
Software Slug	ultimate-social-media-plus (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.8, or a newer patched version
Affected Version	<= 3.2.7
Patched Version	3.2.8
Software Type	Plugin
Software Slug	xt-woo-points-rewards (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.6, or a newer patched version
Affected Version	1.3.5 - 1.6.4
Patched Version	1.6.6
Software Type	Theme
Software Slug	rovenstart (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.0.0 - 1.2.0
Patched Version	1.2.2
Software Type	Plugin
Software Slug	woo-products-widgets-for-elementor (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.8 - 1.0.9
Patched Version
Software Type	Plugin
Software Slug	device-wrapper (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.2, or a newer patched version
Affected Version	1.1 - 1.1
Patched Version	1.1.2
Software Type	Plugin
Software Slug	delivery-woo (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0.4
Patched Version
Software Type	Plugin
Software Slug	wp-twilio-core (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.1, or a newer patched version
Affected Version	1.2.1 - 1.5.0
Patched Version	1.5.1
Software Type	Theme
Software Slug	start (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.15, or a newer patched version
Affected Version	<= 1.0.14
Patched Version	1.0.15
Software Type	Plugin
Software Slug	security-ninja (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.159, or a newer patched version
Affected Version	5.50 - 5.158
Patched Version	5.159
Software Type	Plugin
Software Slug	goal-tracker-ga (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.11, or a newer patched version
Affected Version	1.0.1 - 1.0.10
Patched Version	1.0.11
Software Type	Plugin
Software Slug	internal-link-flow-topical-authority-topical-map (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.1
Patched Version
Software Type	Theme
Software Slug	gym-express (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.3, or a newer patched version
Affected Version	<= 1.0.2
Patched Version	1.0.3
Software Type	Plugin
Software Slug	justified-gallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.8.1, or a newer patched version
Affected Version	1.2.1 - 1.7.3
Patched Version	1.8.1
Software Type	Plugin
Software Slug	book-buyback-prices (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.2 - 1.0.9
Patched Version
Software Type	Plugin
Software Slug	fuse-social-floating-sidebar (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.4.9, or a newer patched version
Affected Version	3.1 - 5.4.8
Patched Version	5.4.9
Software Type	Plugin
Software Slug	wp-hr-manager (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.1.1 - 3.0.8
Patched Version
Software Type	Plugin
Software Slug	cf7-customizer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.6.1
Patched Version
Software Type	Plugin
Software Slug	static-html-output-plugin (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6, or a newer patched version
Affected Version	<= 5.8
Patched Version	6
Software Type	Plugin
Software Slug	emails-blacklist-everest-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.3, or a newer patched version
Affected Version	<= 1.0.2
Patched Version	1.0.3
Software Type	Plugin
Software Slug	easy-schema-structured-data-rich-snippets (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0 - 2.2.2
Patched Version
Software Type	Plugin
Software Slug	all-in-one-video-gallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.4.3, or a newer patched version
Affected Version	1.5.7 - 3.3.0
Patched Version	3.4.3
Software Type	Plugin
Software Slug	woo-admin-product-notes (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	variable-inspector (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.4.0, or a newer patched version
Affected Version	<= 2.3.0
Patched Version	2.4.0
Software Type	Plugin
Software Slug	search-field-for-gravity-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.6, or a newer patched version
Affected Version	<= 0.5
Patched Version	0.6
Software Type	Plugin
Software Slug	wc-zelle (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.1, or a newer patched version
Affected Version	<= 3.1
Patched Version	3.1.1
Software Type	Plugin
Software Slug	buddyforms-anonymous-author (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1, or a newer patched version
Affected Version	<= 1.0
Patched Version	1.1
Software Type	Plugin
Software Slug	sv-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.00, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.0.00
Software Type	Plugin
Software Slug	wp-tools-gravity-forms-divi-module (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 7.1.0, or a newer patched version
Affected Version	5.0.0 - 7.0.2
Patched Version	7.1.0
Software Type	Plugin
Software Slug	powerpack-addon-for-beaver-builder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.9.1, or a newer patched version
Affected Version	<= 1.2.9
Patched Version	1.2.9.1
Software Type	Plugin
Software Slug	gallery-bank (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.19, or a newer patched version
Affected Version	<= 4.0.18
Patched Version	4.0.19
Software Type	Plugin
Software Slug	contact-form-7-designer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0 - 2.2
Patched Version
Software Type	Theme
Software Slug	everse (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.8.10, or a newer patched version
Affected Version	0.1 - 1.8.9
Patched Version	1.8.10
Software Type	Plugin
Software Slug	wpdtol-database-table-overview-logs (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	1.0.0 - 1.0.0
Patched Version	1.1.0
Software Type	Plugin
Software Slug	rest-routes (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.5.4, or a newer patched version
Affected Version	2.0.2 - 5.5.2
Patched Version	5.5.4
Software Type	Theme
Software Slug	simplifii (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.5.2 - 1.5.2
Patched Version
Software Type	Plugin
Software Slug	super-social-content-locker-lite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.1 - 1.2.1
Patched Version
Software Type	Plugin
Software Slug	wpgsi (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 3.7.8
Patched Version
Software Type	Plugin
Software Slug	wp-bugbot (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.7.3 - 1.8.1
Patched Version
Software Type	Plugin
Software Slug	integrate-google-drive (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.0.0 - 1.2.1
Patched Version	1.2.2
Software Type	Plugin
Software Slug	missing-widgets-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.5, or a newer patched version
Affected Version	<= 1.3.4
Patched Version	1.3.5
Software Type	Theme
Software Slug	nokke (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.3, or a newer patched version
Affected Version	1.0.1 - 1.2.2
Patched Version	1.2.3
Software Type	Plugin
Software Slug	woo-customers-spreadsheet-bulk-edit (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.8
Patched Version
Software Type	Plugin
Software Slug	linked-orders-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.2.2
Patched Version
Software Type	Plugin
Software Slug	ultraaddons-elementor-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	<= 1.0.9
Patched Version	1.1.0
Software Type	Plugin
Software Slug	cost-calculator-builder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3.3, or a newer patched version
Affected Version	<= 2.3.2
Patched Version	2.3.3
Software Type	Plugin
Software Slug	one-page-blocks (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	sync-ecommerce-neo (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.4
Patched Version
Software Type	Theme
Software Slug	totalpress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.5.3.1, or a newer patched version
Affected Version	<= 6.5.3
Patched Version	6.5.3.1
Software Type	Plugin
Software Slug	seo-for-local (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 9.2.1, or a newer patched version
Affected Version	9.0.0 - 9.2.0
Patched Version	9.2.1
Software Type	Plugin
Software Slug	fullworks-firewall (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.1.2
Patched Version
Software Type	Plugin
Software Slug	pay-addons-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.1, or a newer patched version
Affected Version	1.0.0 - 1.2.0
Patched Version	1.2.1
Software Type	Plugin
Software Slug	wpide (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.4.7, or a newer patched version
Affected Version	3.0 - 3.4.6
Patched Version	3.4.7
Software Type	Plugin
Software Slug	spice-starter-sites (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1, or a newer patched version
Affected Version	1.0 - 1.0
Patched Version	1.1
Software Type	Plugin
Software Slug	preloader-for-divi (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4
Patched Version
Software Type	Plugin
Software Slug	role-based-bulk-quantity-pricing (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.7, or a newer patched version
Affected Version	1.1.4 - 1.1.6
Patched Version	1.1.7
Software Type	Plugin
Software Slug	more-better-reviews-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 4.0.4
Patched Version
Software Type	Theme
Software Slug	krste (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	sales-page-addon (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.1, or a newer patched version
Affected Version	1.0 - 1.4
Patched Version	1.4.1
Software Type	Plugin
Software Slug	quote-press (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.3 - 1.1.3
Patched Version
Software Type	Theme
Software Slug	startup-blog (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.14, or a newer patched version
Affected Version	<= 1.13
Patched Version	1.14
Software Type	Plugin
Software Slug	fullworks-slack (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	woo-remove-cart-and-query-button (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.2.1
Patched Version
Software Type	Plugin
Software Slug	webba-booking-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.5.32, or a newer patched version
Affected Version	<= 4.5.28
Patched Version	4.5.32
Software Type	Theme
Software Slug	shuban (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.2 - 1.1.2
Patched Version
Software Type	Plugin
Software Slug	joli-clear-lightbox (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	otp-easy-login-with-mocean (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.1.1
Patched Version
Software Type	Plugin
Software Slug	gpt3-ai-content-generator (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.38, or a newer patched version
Affected Version	1.4.10 - 1.7.37
Patched Version	1.7.38
Software Type	Plugin
Software Slug	ecommerce-addon (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4, or a newer patched version
Affected Version	1.0 - 1.3
Patched Version	1.4
Software Type	Plugin
Software Slug	acf-for-woocommerce-product (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.1 - 1.8.1
Patched Version
Software Type	Plugin
Software Slug	moceanapi-sendsms (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.3.4 - 1.4.7
Patched Version
Software Type	Plugin
Software Slug	shipping-manager-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.0, or a newer patched version
Affected Version	1.0.0 - 1.3.0
Patched Version	1.4.0
Software Type	Plugin
Software Slug	3d-viewer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.4, or a newer patched version
Affected Version	<= 1.3.3
Patched Version	1.3.4
Software Type	Plugin
Software Slug	photoblocks-grid-gallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.0, or a newer patched version
Affected Version	1.0.0 - 1.2.8
Patched Version	1.3.0
Software Type	Plugin
Software Slug	gyta-buyback (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.9, or a newer patched version
Affected Version	1.0.11 - 1.2.8
Patched Version	1.2.9
Software Type	Plugin
Software Slug	wpcf7-redirect (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.9.0, or a newer patched version
Affected Version	2.3.7 - 2.8.0
Patched Version	2.9.0
Software Type	Plugin
Software Slug	post-smtp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5.9-beta.1, or a newer patched version
Affected Version	2.1.2-beta.1 - 2.5.7
Patched Version	2.5.9-beta.1
Software Type	Plugin
Software Slug	custom-product-builder-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.5, or a newer patched version
Affected Version	1.0.1 - 1.0.4
Patched Version	1.0.5
Software Type	Plugin
Software Slug	compare-affiliated-products (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.1 - 2.2.0
Patched Version
Software Type	Plugin
Software Slug	livemesh-table-rate-shipping (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2, or a newer patched version
Affected Version	<= 1.1.2
Patched Version	1.2
Software Type	Plugin
Software Slug	random-sorting-order-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0
Patched Version
Software Type	Plugin
Software Slug	wp-scrive (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.4, or a newer patched version
Affected Version	<= 1.2.3
Patched Version	1.2.4
Software Type	Theme
Software Slug	edupress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.3, or a newer patched version
Affected Version	<= 1.3.2
Patched Version	1.3.3
Software Type	Plugin
Software Slug	universal-email-preference-center (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.3.0
Patched Version
Software Type	Plugin
Software Slug	inbound-brew (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.6.0 - 1.9.4
Patched Version
Software Type	Plugin
Software Slug	wp-photo-effects (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.3, or a newer patched version
Affected Version	<= 1.2.2
Patched Version	1.2.3
Software Type	Plugin
Software Slug	wpoptin (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.7, or a newer patched version
Affected Version	1.0.0 - 1.2.6
Patched Version	1.2.7
Software Type	Plugin
Software Slug	woo-conditional-product-fees-for-checkout (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.9.3.2, or a newer patched version
Affected Version	3.1 - 3.9.3.1
Patched Version	3.9.3.2
Software Type	Plugin
Software Slug	livemesh-weight-based-shipping (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4, or a newer patched version
Affected Version	<= 1.3.2
Patched Version	1.4
Software Type	Plugin
Software Slug	reset-course-progress-for-learndash (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.3
Patched Version
Software Type	Plugin
Software Slug	gsheetconnector-ninja-forms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.8, or a newer patched version
Affected Version	<= 1.2.7
Patched Version	1.2.8
Software Type	Plugin
Software Slug	cart-weight-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.7
Patched Version
Software Type	Plugin
Software Slug	podcast-box (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	protected-page (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.16
Patched Version
Software Type	Plugin
Software Slug	buddyforms-members (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.12, or a newer patched version
Affected Version	<= 1.4.10
Patched Version	1.4.12
Software Type	Plugin
Software Slug	turbo-widgets (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.0 - 2.0.0
Patched Version
Software Type	Plugin
Software Slug	woo-quick-cart-for-multiple-variations (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.6 - 1.2.0
Patched Version
Software Type	Plugin
Software Slug	content-protector (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.2.2, or a newer patched version
Affected Version	<= 4.2.1
Patched Version	4.2.2
Software Type	Plugin
Software Slug	product-table (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	gift-message-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.5, or a newer patched version
Affected Version	1.0.0 - 1.7.4
Patched Version	1.7.5
Software Type	Plugin
Software Slug	blocks-product-editor-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	1.0.0 - 1.0.1
Patched Version	1.0.2
Software Type	Plugin
Software Slug	layouts-importer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.3, or a newer patched version
Affected Version	<= 1.0.2
Patched Version	1.0.3
Software Type	Plugin
Software Slug	press-elements (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.7.2
Patched Version
Software Type	Plugin
Software Slug	food-recipes (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6.1, or a newer patched version
Affected Version	2.0.0 - 2.6.0
Patched Version	2.6.1
Software Type	Plugin
Software Slug	azw-woocommerce-file-uploads (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	blog-designer-pack (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.4.1, or a newer patched version
Affected Version	<= 3.4
Patched Version	3.4.1
Software Type	Theme
Software Slug	broadcast-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.7, or a newer patched version
Affected Version	2.0.1 - 2.0.6
Patched Version	2.0.7
Software Type	Plugin
Software Slug	writersblok-ai (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.3.19
Patched Version
Software Type	Plugin
Software Slug	foobar-notifications-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.32, or a newer patched version
Affected Version	2.0.3 - 2.1.27
Patched Version	2.1.32
Software Type	Theme
Software Slug	bootstrap-photography (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.6, or a newer patched version
Affected Version	<= 1.0.5
Patched Version	1.0.6
Software Type	Plugin
Software Slug	buddyforms-easypin (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	web3-coin-gate (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	wpcasa-mail-alert (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.3.0, or a newer patched version
Affected Version	<= 3.2.2
Patched Version	3.3.0
Software Type	Plugin
Software Slug	bnfw (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7, or a newer patched version
Affected Version	<= 1.6.14
Patched Version	1.7
Software Type	Plugin
Software Slug	rw-divi-unite-gallery (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0
Patched Version
Software Type	Plugin
Software Slug	fullworks-pricing-tables (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.1.3
Patched Version
Software Type	Plugin
Software Slug	mobile-booster (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.2.1
Patched Version
Software Type	Plugin
Software Slug	tablesome (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.15, or a newer patched version
Affected Version	<= 1.0.14
Patched Version	1.0.15
Software Type	Plugin
Software Slug	advanced-form-integration (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.69.1, or a newer patched version
Affected Version	<= 1.69.0
Patched Version	1.69.1
Software Type	Plugin
Software Slug	product-filter-widget-for-elementor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	<= 1.0.1
Patched Version	1.0.2
Software Type	Plugin
Software Slug	terms-and-conditions-per-product (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.6, or a newer patched version
Affected Version	1.2.0 - 1.2.5
Patched Version	1.2.6
Software Type	Plugin
Software Slug	fullworks-ice-ide-integration (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.4 - 2.0.2
Patched Version
Software Type	Plugin
Software Slug	event-feed-for-eventbrite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.2, or a newer patched version
Affected Version	1.0.0 - 1.1.0
Patched Version	1.1.2
Software Type	Plugin
Software Slug	coneblog-widgets (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.4.3 - 1.4.6
Patched Version
Software Type	Plugin
Software Slug	easy-under-construction (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	3.0 - 6.0
Patched Version
Software Type	Plugin
Software Slug	wadi-addons-for-elementor (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.10
Patched Version
Software Type	Plugin
Software Slug	wp-mail-log (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1, or a newer patched version
Affected Version	<= 1.0.2
Patched Version	1.1
Software Type	Plugin
Software Slug	wp-sheet-editor-edd-downloads (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.61, or a newer patched version
Affected Version	1.0.1 - 1.0.60
Patched Version	1.0.61
Software Type	Plugin
Software Slug	wow-carousel-for-divi-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.12, or a newer patched version
Affected Version	<= 1.2.11
Patched Version	1.2.12
Software Type	Theme
Software Slug	wellness (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.8, or a newer patched version
Affected Version	<= 1.1.7
Patched Version	1.1.8
Software Type	Plugin
Software Slug	automizy-gravity-forms (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.3.0
Patched Version
Software Type	Plugin
Software Slug	widgets-on-pages (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.8, or a newer patched version
Affected Version	<= 1.7
Patched Version	1.8
Software Type	Plugin
Software Slug	wc-sms (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.7, or a newer patched version
Affected Version	<= 2.6
Patched Version	2.7
Software Type	Plugin
Software Slug	feedback-suite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.5
Patched Version
Software Type	Plugin
Software Slug	buffer-my-post (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2020.1.0
Patched Version
Software Type	Plugin
Software Slug	content-aware-sidebars (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.19.1, or a newer patched version
Affected Version	<= 3.19
Patched Version	3.19.1
Software Type	Theme
Software Slug	bani (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.7 - 1.0.7
Patched Version
Software Type	Plugin
Software Slug	fast-wp (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.2 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	import-social-statistics (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.2
Patched Version
Software Type	Plugin
Software Slug	codepile (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.6
Patched Version
Software Type	Plugin
Software Slug	add-search-to-menu (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.5.2, or a newer patched version
Affected Version	4.0 - 5.5.1
Patched Version	5.5.2
Software Type	Plugin
Software Slug	themereps-helper (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	nowpayments-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.5, or a newer patched version
Affected Version	<= 1.0.4
Patched Version	1.0.5
Software Type	Plugin
Software Slug	xt-woo-variation-swatches (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.8.8, or a newer patched version
Affected Version	1.7.2 - 1.8.7
Patched Version	1.8.8
Software Type	Plugin
Software Slug	url-shortify (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.3, or a newer patched version
Affected Version	1.0.1 - 1.7.2
Patched Version	1.7.3
Software Type	Plugin
Software Slug	adblock-notify-by-bweb (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.8 - 2.4.0
Patched Version
Software Type	Plugin
Software Slug	woo-authorize-net-gateway-aim (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.0.4, or a newer patched version
Affected Version	5.0.0 - 6.0.3
Patched Version	6.0.4
Software Type	Plugin
Software Slug	video-analytics-for-cloudflare-stream (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2, or a newer patched version
Affected Version	<= 1.1
Patched Version	1.2
Software Type	Plugin
Software Slug	auto-featured-image-auto-generated (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.0, or a newer patched version
Affected Version	1.3.7 - 1.5.4
Patched Version	1.6.0
Software Type	Plugin
Software Slug	wc4bp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.4.16, or a newer patched version
Affected Version	3.0 - 3.4.15
Patched Version	3.4.16
Software Type	Plugin
Software Slug	wpvr (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	1.0.1 - 1.0.1
Patched Version	1.0.2
Software Type	Plugin
Software Slug	review-engine (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.3 - 1.0.41
Patched Version
Software Type	Plugin
Software Slug	independent-analytics (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.25.1, or a newer patched version
Affected Version	<= 1.25.0
Patched Version	1.25.1
Software Type	Plugin
Software Slug	glossary-by-codeat (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.3, or a newer patched version
Affected Version	1.2.0 - 2.2.2
Patched Version	2.2.3
Software Type	Plugin
Software Slug	chatpressai (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.0
Patched Version
Software Type	Plugin
Software Slug	premmerce-woocommerce-toolkit (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.1.6
Patched Version
Software Type	Plugin
Software Slug	wp-seo-keyword-optimizer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.0 - 2.1.9.12
Patched Version
Software Type	Plugin
Software Slug	affieasy (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.9.22 - 1.0.6
Patched Version
Software Type	Theme
Software Slug	ona (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.18.3, or a newer patched version
Affected Version	1.1 - 1.18.1
Patched Version	1.18.3
Software Type	Plugin
Software Slug	convert-classic-editor-to-blocks (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.2 - 1.0.6
Patched Version
Software Type	Theme
Software Slug	wpcake (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.1 - 1.2.4
Patched Version
Software Type	Plugin
Software Slug	carousels-slider-for-divi (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.5.0 - 1.6.1
Patched Version
Software Type	Plugin
Software Slug	display-admin-page-on-frontend (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.21.1, or a newer patched version
Affected Version	1.0.0 - 1.20.0
Patched Version	1.21.1
Software Type	Plugin
Software Slug	bp-toolkit (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.6.1, or a newer patched version
Affected Version	<= 3.6.0
Patched Version	3.6.1
Software Type	Plugin
Software Slug	menu-image (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.10, or a newer patched version
Affected Version	2.9.2 - 3.0.9
Patched Version	3.10
Software Type	Theme
Software Slug	temp-mail-x (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.4
Patched Version
Software Type	Plugin
Software Slug	woo-advanced-extra-fees-lite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.2.9
Patched Version
Software Type	Plugin
Software Slug	wp-openagenda (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9.0, or a newer patched version
Affected Version	<= 1.8.12
Patched Version	1.9.0
Software Type	Plugin
Software Slug	momo-venmo (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.2, or a newer patched version
Affected Version	<= 4.1
Patched Version	4.2
Software Type	Plugin
Software Slug	xt-woo-ajax-add-to-cart (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.7, or a newer patched version
Affected Version	1.0.0 - 1.0.6
Patched Version	1.0.7
Software Type	Plugin
Software Slug	meta-tag-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1, or a newer patched version
Affected Version	<= 2.0.2
Patched Version	2.1
Software Type	Plugin
Software Slug	woo-quick-reports (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.6 - 2.7.1
Patched Version
Software Type	Plugin
Software Slug	integrate-automate (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.1
Patched Version
Software Type	Plugin
Software Slug	avectra-netforum-single-sign-on (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.3.4
Patched Version
Software Type	Theme
Software Slug	hive-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	<= 1.0.5
Patched Version	1.1.0
Software Type	Plugin
Software Slug	external-media-upload (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.4, or a newer patched version
Affected Version	<= 0.3
Patched Version	0.4
Software Type	Plugin
Software Slug	ether-and-erc20-tokens-woocommerce-payment-gateway (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.12.13, or a newer patched version
Affected Version	3.0.0 - 4.12.12
Patched Version	4.12.13
Software Type	Plugin
Software Slug	pretty-simple-popup-builder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.7, or a newer patched version
Affected Version	<= 1.0.6
Patched Version	1.0.7
Software Type	Plugin
Software Slug	order-on-chat-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.3.0 - 1.6.1
Patched Version
Software Type	Plugin
Software Slug	attribute-stock-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.0, or a newer patched version
Affected Version	<= 1.2.1
Patched Version	1.3.0
Software Type	Plugin
Software Slug	woocommerce-shipping-gateway-per-product (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3.3, or a newer patched version
Affected Version	2.0.0 - 2.3.2
Patched Version	2.3.3
Software Type	Theme
Software Slug	purosa (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.3, or a newer patched version
Affected Version	1.0.2 - 1.1.2
Patched Version	1.1.3
Software Type	Plugin
Software Slug	projectopia-core (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.1.5, or a newer patched version
Affected Version	<= 5.1.4
Patched Version	5.1.5
Software Type	Plugin
Software Slug	nichetable (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.0, or a newer patched version
Affected Version	1.5.0 - 2.8.0
Patched Version	2.8.0
Software Type	Plugin
Software Slug	advanced-page-visit-counter (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 7.1.1, or a newer patched version
Affected Version	3.0 - 7.1.0
Patched Version	7.1.1
Software Type	Theme
Software Slug	wp-sierra (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.3 - 1.0.49
Patched Version
Software Type	Theme
Software Slug	saleszone (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.5 - 2.2.4
Patched Version
Software Type	Plugin
Software Slug	wp-tripadvisor-review-slider (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 11.3, or a newer patched version
Affected Version	10.4 - 11.2
Patched Version	11.3
Software Type	Plugin
Software Slug	woo-checkout-for-digital-goods (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.7.1, or a newer patched version
Affected Version	2.8 - 3.7.0
Patched Version	3.7.1
Software Type	Plugin
Software Slug	seo-booster (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.8.9, or a newer patched version
Affected Version	3.3.30 - 3.8.8
Patched Version	3.8.9
Software Type	Plugin
Software Slug	fullworks-anti-spam (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.10, or a newer patched version
Affected Version	0.0.1 - 1.3.9
Patched Version	1.3.10
Software Type	Theme
Software Slug	gema-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	<= 1.0.9
Patched Version	1.1.0
Software Type	Plugin
Software Slug	order-picking-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	1.0.0 - 1.0.0
Patched Version	1.0.2
Software Type	Plugin
Software Slug	ultimate-widgets-light (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.5.9.4 - 1.5.9.4
Patched Version
Software Type	Plugin
Software Slug	ua-marketplace (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4.4
Patched Version
Software Type	Plugin
Software Slug	printus-cloud-printing-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.3, or a newer patched version
Affected Version	1.0.0 - 1.1.2
Patched Version	1.1.3
Software Type	Plugin
Software Slug	insert-or-embed-articulate-content-into-wordpress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.3000000021, or a newer patched version
Affected Version	<= 4.3000000020
Patched Version	4.3000000021
Software Type	Plugin
Software Slug	remove-add-to-cart-button-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	appexperts (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4.0
Patched Version
Software Type	Plugin
Software Slug	ultimate-post-kit (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.6.4, or a newer patched version
Affected Version	<= 3.6.3
Patched Version	3.6.4
Software Type	Plugin
Software Slug	caxton (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.30.1, or a newer patched version
Affected Version	<= 1.30.0
Patched Version	1.30.1
Software Type	Plugin
Software Slug	nitek-carousel-cool-transitions (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.1.0
Patched Version
Software Type	Plugin
Software Slug	upcasted-s3-offload (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.0 - 3.0.2
Patched Version
Software Type	Plugin
Software Slug	netforum-directory-with-importer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.11 - 1.11
Patched Version
Software Type	Plugin
Software Slug	smart-protect (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.1
Patched Version
Software Type	Plugin
Software Slug	blockons (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.8, or a newer patched version
Affected Version	1.0.2 - 1.0.7
Patched Version	1.0.8
Software Type	Plugin
Software Slug	lpagery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.6, or a newer patched version
Affected Version	1.0 - 1.2.5
Patched Version	1.2.6
Software Type	Plugin
Software Slug	blockmeister (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.10, or a newer patched version
Affected Version	3.0.0 - 3.1.9
Patched Version	3.1.10
Software Type	Plugin
Software Slug	yatri-tools (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.5 - 1.1.3
Patched Version
Software Type	Plugin
Software Slug	change-prices-with-time-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.9.1
Patched Version
Software Type	Plugin
Software Slug	woo-extra-flat-rate (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.2.0, or a newer patched version
Affected Version	3.6.1 - 4.1.2
Patched Version	4.2.0
Software Type	Plugin
Software Slug	wpgenealogy (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 0.1.4
Patched Version
Software Type	Plugin
Software Slug	auto-date-year-month (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.1.2
Patched Version
Software Type	Plugin
Software Slug	agendapress (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.7
Patched Version
Software Type	Theme
Software Slug	gutenbook (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.8 - 1.0.14
Patched Version
Software Type	Plugin
Software Slug	sp-news-and-widget (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.1, or a newer patched version
Affected Version	<= 4.0
Patched Version	4.0.1
Software Type	Plugin
Software Slug	blog-sidebar-widget (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.6, or a newer patched version
Affected Version	<= 1.0.5
Patched Version	1.0.6
Software Type	Plugin
Software Slug	doko-box-builder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.1, or a newer patched version
Affected Version	<= 1.0
Patched Version	1.0.1
Software Type	Plugin
Software Slug	contact-form-db-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2, or a newer patched version
Affected Version	1.0 - 1.0.1
Patched Version	1.2
Software Type	Plugin
Software Slug	multipurpose-block (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.6, or a newer patched version
Affected Version	1.3 - 1.7.5
Patched Version	1.7.6
Software Type	Plugin
Software Slug	advanced-usps-shipping-method (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	1.0.0 - 1.0.1
Patched Version	1.0.2
Software Type	Plugin
Software Slug	forms-gutenberg (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.0, or a newer patched version
Affected Version	<= 1.3.0
Patched Version	1.4.0
Software Type	Plugin
Software Slug	artificial-intelligence-auto-content-generator (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.0, or a newer patched version
Affected Version	<= 2.3.0
Patched Version	3.0.0
Software Type	Plugin
Software Slug	wp-security-audit-log (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.4.3, or a newer patched version
Affected Version	3.0.0 - 4.4.2.1
Patched Version	4.4.3
Software Type	Plugin
Software Slug	simple-feature-requests (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.5.1, or a newer patched version
Affected Version	1.0.0 - 2.2.4
Patched Version	2.2.5.1
Software Type	Plugin
Software Slug	bulk-edit-categories-tags (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.5, or a newer patched version
Affected Version	1.0.0 - 1.7.4
Patched Version	1.7.5
Software Type	Plugin
Software Slug	license-manager-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3-beta.1, or a newer patched version
Affected Version	2.2.5 - 2.2.9
Patched Version	2.3-beta.1
Software Type	Plugin
Software Slug	embed-video-thumbnail (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.1, or a newer patched version
Affected Version	<= 1.3.0
Patched Version	1.3.1
Software Type	Plugin
Software Slug	preloader-plus (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1, or a newer patched version
Affected Version	<= 2.0.2
Patched Version	2.1
Software Type	Plugin
Software Slug	sky-login-redirect (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.7.3, or a newer patched version
Affected Version	<= 3.7.2
Patched Version	3.7.3
Software Type	Plugin
Software Slug	convoworks-wp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.22.15, or a newer patched version
Affected Version	<= 0.22.14
Patched Version	0.22.15
Software Type	Plugin
Software Slug	graphcomment-comment-system (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.3.5, or a newer patched version
Affected Version	<= 2.3.4
Patched Version	2.3.5
Software Type	Plugin
Software Slug	ga-for-wp (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.0, or a newer patched version
Affected Version	1.1 - 2.1.2
Patched Version	2.2.0
Software Type	Plugin
Software Slug	reach-us-contact-form (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	3.0 - 5.0
Patched Version
Software Type	Plugin
Software Slug	collage-for-divi (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	wp-persistent-login (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.15, or a newer patched version
Affected Version	<= 2.0.14
Patched Version	2.0.15
Software Type	Plugin
Software Slug	sonawp-simple-payment-block (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.1, or a newer patched version
Affected Version	<= 1.0.0
Patched Version	1.0.1
Software Type	Plugin
Software Slug	table-genie (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.4 - 1.0.5
Patched Version
Software Type	Plugin
Software Slug	ultimate-custom-scrollbar (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2, or a newer patched version
Affected Version	<= 1.1
Patched Version	1.2
Software Type	Plugin
Software Slug	booking-weir (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.11
Patched Version
Software Type	Plugin
Software Slug	widgets-for-siteorigin (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.3 - 1.4.8
Patched Version
Software Type	Plugin
Software Slug	sv-posts (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.00, or a newer patched version
Affected Version	<= 1.9.00
Patched Version	2.0.00
Software Type	Plugin
Software Slug	tecslider (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.0, or a newer patched version
Affected Version	<= 1.3.0
Patched Version	2.0.0
Software Type	Plugin
Software Slug	conditional-logic-for-woo-product-add-ons (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.1, or a newer patched version
Affected Version	1.0.0 - 1.2.0
Patched Version	1.2.1
Software Type	Plugin
Software Slug	easy-settings-for-learndash (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.3.0
Patched Version
Software Type	Plugin
Software Slug	share-this-image (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.81, or a newer patched version
Affected Version	1.47 - 1.80
Patched Version	1.81
Software Type	Plugin
Software Slug	easy-facebook-likebox (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.5.0, or a newer patched version
Affected Version	4.3.1 - 6.4.9
Patched Version	6.5.0
Software Type	Plugin
Software Slug	nexus (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 2.0
Patched Version
Software Type	Theme
Software Slug	meridia (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.8, or a newer patched version
Affected Version	1.0.0 - 2.2.7
Patched Version	2.2.8
Software Type	Plugin
Software Slug	webinar-ignition (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.01.3, or a newer patched version
Affected Version	3.01.2 - 3.01.2
Patched Version	3.01.3
Software Type	Plugin
Software Slug	delete-old-posts-programmatically (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.4.3, or a newer patched version
Affected Version	<= 3.4.2
Patched Version	3.4.3
Software Type	Plugin
Software Slug	set-admin-colour-on-staging-and-dev (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.2 - 4.0.0
Patched Version
Software Type	Plugin
Software Slug	simple-tour-guide (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.6, or a newer patched version
Affected Version	<= 1.0.5
Patched Version	1.0.6
Software Type	Theme
Software Slug	brand (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.8.9 - 1.9
Patched Version
Software Type	Plugin
Software Slug	addons-for-visual-composer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.3, or a newer patched version
Affected Version	2.2.1 - 3.2
Patched Version	3.3
Software Type	Plugin
Software Slug	wp-table-builder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.10, or a newer patched version
Affected Version	1.2.4 - 1.4.9
Patched Version	1.4.10
Software Type	Plugin
Software Slug	radio-player (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.5, or a newer patched version
Affected Version	1.0.2 - 2.0.4
Patched Version	2.0.5
Software Type	Plugin
Software Slug	content-restrictor-for-divi (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.3, or a newer patched version
Affected Version	1.0.1 - 1.4.2
Patched Version	1.4.3
Software Type	Plugin
Software Slug	logo-showcase-with-slick-slider (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.1, or a newer patched version
Affected Version	<= 3.2
Patched Version	3.2.1
Software Type	Plugin
Software Slug	premmerce-woocommerce-variation-swatches (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.0 - 1.2.1
Patched Version	1.2.2
Software Type	Plugin
Software Slug	hm-testimonial (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4
Patched Version
Software Type	Plugin
Software Slug	buddydrive (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.2, or a newer patched version
Affected Version	<= 2.1.1
Patched Version	2.1.2
Software Type	Plugin
Software Slug	sprout-clients (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2, or a newer patched version
Affected Version	3.1 - 3.1
Patched Version	3.2
Software Type	Plugin
Software Slug	simply-gallery-block (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.5, or a newer patched version
Affected Version	1.8.4 - 3.1.4
Patched Version	3.1.5
Software Type	Plugin
Software Slug	wp-asset-clean-up (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.5.5, or a newer patched version
Affected Version	<= 1.3.5.4
Patched Version	1.3.5.5
Software Type	Plugin
Software Slug	kanzu-support-desk (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.3.3 - 2.4.7
Patched Version
Software Type	Plugin
Software Slug	easy-tiktok-feed (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.1.1
Patched Version
Software Type	Plugin
Software Slug	pop-over-xyz (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	coinbase-commerce-for-contact-form-7 (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.2, or a newer patched version
Affected Version	1.1.1 - 1.1.1
Patched Version	1.1.2
Software Type	Plugin
Software Slug	current-template-name (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.10, or a newer patched version
Affected Version	<= 1.1.9
Patched Version	1.1.10
Software Type	Plugin
Software Slug	number-chat (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0
Patched Version
Software Type	Plugin
Software Slug	rating-widget (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.2.0, or a newer patched version
Affected Version	<= 3.1.9
Patched Version	3.2.0
Software Type	Plugin
Software Slug	recurring-bookings-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 2.0.0
Patched Version
Software Type	Plugin
Software Slug	spotlight-social-photo-feeds (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.1, or a newer patched version
Affected Version	0.2 - 1.6
Patched Version	1.6.1
Software Type	Plugin
Software Slug	go-viral (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.8.2
Patched Version
Software Type	Theme
Software Slug	the-authority (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.2, or a newer patched version
Affected Version	<= 1.0.1
Patched Version	1.0.2
Software Type	Plugin
Software Slug	cheetaho-image-optimizer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.3.1, or a newer patched version
Affected Version	<= 1.4.3
Patched Version	1.4.3.1
Software Type	Plugin
Software Slug	custom-user-guide (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.0.1
Patched Version
Software Type	Plugin
Software Slug	cf7-styler (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.4, or a newer patched version
Affected Version	<= 1.5.3
Patched Version	1.5.4
Software Type	Plugin
Software Slug	dashylite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.1 - 2.1.8
Patched Version
Software Type	Plugin
Software Slug	premmerce-user-roles (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.12, or a newer patched version
Affected Version	1.0 - 1.0.11
Patched Version	1.0.12
Software Type	Plugin
Software Slug	hm-cool-author-box-widget (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.9.5, or a newer patched version
Affected Version	<= 2.9.4
Patched Version	2.9.5
Software Type	Plugin
Software Slug	radio-station (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5.0, or a newer patched version
Affected Version	2.3.0 - 2.4.0.9
Patched Version	2.5.0
Software Type	Plugin
Software Slug	mycred (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.5.3, or a newer patched version
Affected Version	<= 2.5.2
Patched Version	2.5.3
Software Type	Plugin
Software Slug	buddyforms-acf (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.5, or a newer patched version
Affected Version	<= 1.3.4
Patched Version	1.3.5
Software Type	Plugin
Software Slug	pets (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4.1
Patched Version
Software Type	Plugin
Software Slug	seo-site-auditor-agency (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.9, or a newer patched version
Affected Version	1.0.0 - 1.2.8
Patched Version	1.2.9
Software Type	Plugin
Software Slug	login-designer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.6.2, or a newer patched version
Affected Version	1.6 - 1.6.1
Patched Version	1.6.2
Software Type	Plugin
Software Slug	wp-transactions (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.0, or a newer patched version
Affected Version	<= 1.0.9
Patched Version	1.1.0
Software Type	Plugin
Software Slug	reviewpress (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.5
Patched Version
Software Type	Plugin
Software Slug	wp-travel-engine (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.7.5, or a newer patched version
Affected Version	<= 5.7.4
Patched Version	5.7.5
Software Type	Plugin
Software Slug	mobile-menu (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.4, or a newer patched version
Affected Version	2.4 - 2.8.3
Patched Version	2.8.4
Software Type	Plugin
Software Slug	web3-token-gate (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.5, or a newer patched version
Affected Version	1.0.0 - 1.0.4
Patched Version	1.0.5
Software Type	Plugin
Software Slug	cf7-message-filter (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.3, or a newer patched version
Affected Version	<= 1.4.2
Patched Version	1.4.3
Software Type	Plugin
Software Slug	slp-extenders (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	5.6.0 - 6.1.1
Patched Version
Software Type	Plugin
Software Slug	shortcodes-ultimate (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.13.1, or a newer patched version
Affected Version	5.12.5 - 5.13.0
Patched Version	5.13.1
Software Type	Theme
Software Slug	hotelica (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6, or a newer patched version
Affected Version	<= 2.5
Patched Version	2.6
Software Type	Plugin
Software Slug	wp-smart-export (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.4.2 - 1.4.2.3
Patched Version
Software Type	Plugin
Software Slug	easync-booking (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.7, or a newer patched version
Affected Version	1.1.5 - 1.3.6
Patched Version	1.3.7
Software Type	Plugin
Software Slug	woo-fiscalita-italiana (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.3.34
Patched Version
Software Type	Plugin
Software Slug	premmerce-woocommerce-brands (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.13, or a newer patched version
Affected Version	1.1 - 1.2.12
Patched Version	1.2.13
Software Type	Plugin
Software Slug	ethereum-wallet (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.10.6, or a newer patched version
Affected Version	<= 4.10.5
Patched Version	4.10.6
Software Type	Plugin
Software Slug	limb-gallery (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.6, or a newer patched version
Affected Version	1.4.9 - 1.5.5
Patched Version	1.5.6
Software Type	Plugin
Software Slug	code-manager (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.26, or a newer patched version
Affected Version	1.0.0 - 1.0.25
Patched Version	1.0.26
Software Type	Plugin
Software Slug	payment-gateway-payfabric (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.4 - 1.0.12.2
Patched Version
Software Type	Plugin
Software Slug	tedwp (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.0.1 - 0.0.6
Patched Version
Software Type	Plugin
Software Slug	wc-gsheetconnector (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.5, or a newer patched version
Affected Version	<= 1.3.4
Patched Version	1.3.5
Software Type	Plugin
Software Slug	update-urls (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.2, or a newer patched version
Affected Version	1.2.1 - 1.2.1
Patched Version	1.2.2
Software Type	Plugin
Software Slug	woo-product-finder (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.2, or a newer patched version
Affected Version	1.4.0 - 1.4.1
Patched Version	1.4.2
Software Type	Theme
Software Slug	aquarella-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1, or a newer patched version
Affected Version	<= 1.0.4.2
Patched Version	1.1
Software Type	Plugin
Software Slug	commerce-coinbase-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.0, or a newer patched version
Affected Version	<= 1.4.14
Patched Version	1.5.0
Software Type	Theme
Software Slug	bootstrap-coach (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.2, or a newer patched version
Affected Version	1.1.0 - 1.1.1
Patched Version	1.1.2
Software Type	Theme
Software Slug	villar (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.10
Patched Version
Software Type	Plugin
Software Slug	map-location-picker-at-checkout-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.8.5, or a newer patched version
Affected Version	1.2.2 - 1.8.4
Patched Version	1.8.5
Software Type	Plugin
Software Slug	demomentsomtres-categories (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.5.5 - 2.5.5
Patched Version
Software Type	Plugin
Software Slug	freshing (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.1 - 1.1.3
Patched Version
Software Type	Plugin
Software Slug	age-verification-screen-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	woo-ecommerce-tracking-for-google-and-facebook (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.7.1, or a newer patched version
Affected Version	3.0 - 3.7.0
Patched Version	3.7.1
Software Type	Plugin
Software Slug	joli-faq-seo (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.1, or a newer patched version
Affected Version	1.0.0 - 1.3.0
Patched Version	1.3.1
Software Type	Plugin
Software Slug	mass-pagesposts-creator (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.7, or a newer patched version
Affected Version	2.0.0 - 2.1.6
Patched Version	2.1.7
Software Type	Plugin
Software Slug	wp-relevant-ads (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.0
Patched Version
Software Type	Plugin
Software Slug	glorious-sites-installer (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	wp-facebook-group (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.8
Patched Version
Software Type	Plugin
Software Slug	airpress (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.51 - 1.1.62
Patched Version
Software Type	Plugin
Software Slug	wp-structured-data-schema (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.3, or a newer patched version
Affected Version	3.5.0 - 4.0.2
Patched Version	4.0.3
Software Type	Plugin
Software Slug	photography-portfolio (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.9, or a newer patched version
Affected Version	<= 1.4.8
Patched Version	1.4.9
Software Type	Plugin
Software Slug	login-customizer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2.3, or a newer patched version
Affected Version	2.1.5 - 2.2.2
Patched Version	2.2.3
Software Type	Plugin
Software Slug	mmt-eventon-exim-lite (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.2, or a newer patched version
Affected Version	<= 1.1.1
Patched Version	1.1.2
Software Type	Theme
Software Slug	learnmore (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.4 - 1.0.4
Patched Version
Software Type	Plugin
Software Slug	ocean-extra (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.1.8, or a newer patched version
Affected Version	1.5.12 - 2.1.6
Patched Version	2.1.8
Software Type	Plugin
Software Slug	min-and-max-quantity-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.1, or a newer patched version
Affected Version	1.1.0 - 1.1.0
Patched Version	1.1.1
Software Type	Plugin
Software Slug	puredevs-customer-history-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.1
Patched Version
Software Type	Plugin
Software Slug	kk-star-ratings (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.4.5, or a newer patched version
Affected Version	3.0.0 - 5.4.4
Patched Version	5.4.5
Software Type	Plugin
Software Slug	drop-shadow-boxes (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.12, or a newer patched version
Affected Version	1.5.8 - 1.7.10
Patched Version	1.7.12
Software Type	Theme
Software Slug	topcat-lite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	2.0.2 - 2.0.3
Patched Version
Software Type	Theme
Software Slug	fire-blog (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.2, or a newer patched version
Affected Version	<= 2.1
Patched Version	2.2
Software Type	Plugin
Software Slug	wordapp-mobile-app (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.17.1 - 2.0.3
Patched Version
Software Type	Plugin
Software Slug	faq-manager-with-structured-data (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.4.4, or a newer patched version
Affected Version	4.0.0 - 5.4.3
Patched Version	5.4.4
Software Type	Plugin
Software Slug	wps-team (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.8.0, or a newer patched version
Affected Version	2.0.0 - 2.7.0
Patched Version	2.8.0
Software Type	Plugin
Software Slug	404-to-301 (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.6, or a newer patched version
Affected Version	<= 3.0.5
Patched Version	3.0.6
Software Type	Plugin
Software Slug	quote-requests-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.4
Patched Version
Software Type	Plugin
Software Slug	quick-contact-form (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 8.0.6.8, or a newer patched version
Affected Version	7.0.0 - 8.0.6.6
Patched Version	8.0.6.8
Software Type	Plugin
Software Slug	wp-front-end-profile (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.1 - 1.3.0
Patched Version
Software Type	Plugin
Software Slug	wc-rest-payment (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.4.1
Patched Version
Software Type	Plugin
Software Slug	advanced-visual-elements (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.7, or a newer patched version
Affected Version	<= 1.0.6
Patched Version	1.0.7
Software Type	Plugin
Software Slug	svg-flags-lite (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	0.5 - 0.9.6
Patched Version
Software Type	Plugin
Software Slug	post-list-designer (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.3.1, or a newer patched version
Affected Version	<= 3.3
Patched Version	3.3.1
Software Type	Plugin
Software Slug	files-download-delay (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.6, or a newer patched version
Affected Version	<= 1.0.5
Patched Version	1.0.6
Software Type	Plugin
Software Slug	smart-tools-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.8 - 1.1.0
Patched Version
Software Type	Plugin
Software Slug	premmerce-woocommerce-product-bundles (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0.9
Patched Version
Software Type	Plugin
Software Slug	embedpress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.3, or a newer patched version
Affected Version	<= 2.0.2
Patched Version	2.0.3
Software Type	Plugin
Software Slug	before-and-after-product-images-for-woocommerce (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.2 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	wp-facebook-reviews (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.6, or a newer patched version
Affected Version	<= 3.5
Patched Version	3.6
Software Type	Plugin
Software Slug	stop-wp-emails-going-to-spam (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.0.3, or a newer patched version
Affected Version	<= 2.0.2
Patched Version	2.0.3
Software Type	Plugin
Software Slug	f4-tree (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.15, or a newer patched version
Affected Version	1.1.0 - 1.1.14
Patched Version	1.1.15
Software Type	Theme
Software Slug	suffice (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.6, or a newer patched version
Affected Version	<= 1.1.5
Patched Version	1.1.6
Software Type	Plugin
Software Slug	premium-blog-addons (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.0
Patched Version
Software Type	Plugin
Software Slug	customer-chat-facebook (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1.0 - 1.1.1
Patched Version
Software Type	Plugin
Software Slug	ultimate-sms-notifications (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.9.9.6, or a newer patched version
Affected Version	1.2 - 1.9.9.5
Patched Version	1.9.9.6
Software Type	Plugin
Software Slug	mail-control (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.3.2, or a newer patched version
Affected Version	0.2 - 0.2.8
Patched Version	0.3.2
Software Type	Plugin
Software Slug	locations-and-areas (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.7.2, or a newer patched version
Affected Version	<= 1.7.1
Patched Version	1.7.2
Software Type	Plugin
Software Slug	lawpress (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4.5
Patched Version
Software Type	Theme
Software Slug	agncy (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.6.7
Patched Version
Software Type	Plugin
Software Slug	woo-shipping-display-mode (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.7.7, or a newer patched version
Affected Version	3.4 - 3.7.6
Patched Version	3.7.7
Software Type	Plugin
Software Slug	blockington (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.2 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	royal-elementor-addons (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.3.71, or a newer patched version
Affected Version	1.3 - 1.3.70
Patched Version	1.3.71
Software Type	Plugin
Software Slug	sql-reporting-services (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.3
Patched Version
Software Type	Plugin
Software Slug	wp-sheet-editor-bulk-spreadsheet-editor-for-posts-and-pages (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.25.3, or a newer patched version
Affected Version	1.4.3 - 2.25.2
Patched Version	2.25.3
Software Type	Plugin
Software Slug	preprocess-dezrez (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.1 - 1.1.2
Patched Version
Software Type	Plugin
Software Slug	delete-duplicate-posts (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.8.9, or a newer patched version
Affected Version	4.1.9 - 4.8.8
Patched Version	4.8.9
Software Type	Plugin
Software Slug	rss-control (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.8, or a newer patched version
Affected Version	2.0.2 - 3.0.5
Patched Version	3.0.8
Software Type	Plugin
Software Slug	cleanup-action-scheduler (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.2.0, or a newer patched version
Affected Version	1.0.0 - 1.1.0
Patched Version	1.2.0
Software Type	Plugin
Software Slug	media-download (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.4
Patched Version
Software Type	Plugin
Software Slug	wp-link-bio (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.2.0 - 1.4.5
Patched Version
Software Type	Plugin
Software Slug	geo-mashup (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.13.12, or a newer patched version
Affected Version	1.9.1 - 1.13.11
Patched Version	1.13.12
Software Type	Plugin
Software Slug	woo-product-reviews-shortcode (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.21, or a newer patched version
Affected Version	<= 1.0.20
Patched Version	1.0.21
Software Type	Plugin
Software Slug	cpa-offerwall (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.1 - 1.0.2
Patched Version
Software Type	Plugin
Software Slug	sites-monitor (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.0.9, or a newer patched version
Affected Version	0.0.7 - 0.0.8
Patched Version	0.0.9
Software Type	Plugin
Software Slug	contact-list (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.9.72, or a newer patched version
Affected Version	2.9.24 - 2.9.69
Patched Version	2.9.72
Software Type	Plugin
Software Slug	post-snippets (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 4.0.4, or a newer patched version
Affected Version	3.0.0 - 4.0.3
Patched Version	4.0.4
Software Type	Plugin
Software Slug	how-to-wp (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 1.0.2
Patched Version
Software Type	Theme
Software Slug	wp-forge (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.5.3.1, or a newer patched version
Affected Version	<= 6.5.3
Patched Version	6.5.3.1
Software Type	Plugin
Software Slug	socialmark (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0.0 - 2.0.6
Patched Version
Software Type	Plugin
Software Slug	print-my-blog (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.25.3, or a newer patched version
Affected Version	3.3.0 - 3.25.1
Patched Version	3.25.3
Software Type	Plugin
Software Slug	role-and-customer-based-pricing-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.1, or a newer patched version
Affected Version	1.0.0 - 1.4.0
Patched Version	1.4.1
Software Type	Plugin
Software Slug	notification (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 6.0.5, or a newer patched version
Affected Version	<= 6.0.4
Patched Version	6.0.5
Software Type	Theme
Software Slug	chic-lifestyle (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 10.0.8, or a newer patched version
Affected Version	1.1.3 - 1.1.3
Patched Version	10.0.8
Software Type	Plugin
Software Slug	delicious-recipes (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.5.3, or a newer patched version
Affected Version	<= 1.5.2
Patched Version	1.5.3
Software Type	Plugin
Software Slug	treepress (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.0.1, or a newer patched version
Affected Version	1.0 - 3.0.0.1
Patched Version	3.0.1
Software Type	Plugin
Software Slug	noted-pro (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.0 - 1.02
Patched Version
Software Type	Plugin
Software Slug	postcode-redirect (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 5.0.0, or a newer patched version
Affected Version	2.1.1 - 4.4.1
Patched Version	5.0.0
Software Type	Plugin
Software Slug	wc-product-author (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.0.4, or a newer patched version
Affected Version	<= 1.0.3
Patched Version	1.0.4
Software Type	Plugin
Software Slug	autocomplete-address-and-location-picker-for-woocommerce (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.1.7, or a newer patched version
Affected Version	1.0.0 - 1.1.5
Patched Version	1.1.7
Software Type	Plugin
Software Slug	wp-coupons-and-deals (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 3.1.19, or a newer patched version
Affected Version	2.1.3 - 3.1.18
Patched Version	3.1.19
Software Type	Plugin
Software Slug	copy-the-code (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 2.6.4, or a newer patched version
Affected Version	1.3.0 - 2.6.3
Patched Version	2.6.4
Software Type	Plugin
Software Slug	feedpress-generator (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	<= 1.2.0
Patched Version
Software Type	Plugin
Software Slug	information-for-help (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 0.0.3, or a newer patched version
Affected Version	<= 0.0.2
Patched Version	0.0.3
Software Type	Plugin
Software Slug	form-vibes (view on wordpress.org)
Patched?	Yes
Remediation	Update to version 1.4.9, or a newer patched version
Affected Version	<= 1.4.8
Patched Version	1.4.9
Software Type	Plugin
Software Slug	wp-automedic (view on wordpress.org)
Patched?	No
Remediation	No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Affected Version	1.4.0 - 1.5.6
Patched Version

This record contains material that is subject to copyright

Copyright 2012-2026 Defiant Inc.
License: Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy. License Detail.