The security of WordPress websites is critically important, because they are exposed to numerous security threats every day. To protect your website against possible attacks, it is important to update your WordPress plugins and themes regularly. In this article we discuss the latest updates for the period from 2 October 2023 to 11 October 2023 and the measures you should take to keep your website secure.
WordPress Plugin Updates
In the period from 2 October 2023 to 11 October 2023, a total of 101 new vulnerabilities were published, which may affect almost two million WordPress websites. There are 42 plugin vulnerabilities for which security patches are available. Make sure you install these updates as soon as possible. If you use Solid Security Pro, you may already have been warned by its version management tool and these plugins have been updated, depending on your settings. However, there are also 59 plugin vulnerabilities for which no patch is available yet.
Plugin Name | Plugin Slug | Installations | Vulnerability | Patched in Version | Severity Score | CVE |
---|---|---|---|---|---|---|
Contact Form by Supsystic | contact-form-by-supsystic | 10,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45068 |
WP Custom Widget area | wp-custom-widget-area | 10,000+ | Broken Access Control | No Fix | Medium | 2023-45045 |
WP Power Stats | wp-power-stats | 9,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45011 |
Simple SEO | cds-simple-seo | 8,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45269 |
WP Forms Puzzle Captcha | wp-forms-puzzle-captcha | 7,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-44997 |
Post View Count | wp-simple-post-view | 6,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-44996 |
Complete Open Graph | complete-open-graph | 5,000+ | Cross Site Scripting | No Fix | Medium | 2023-45010 |
Permalinks Customizer | permalinks-customizer | 3,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45103 |
Urvanov Syntax Highlighter | urvanov-syntax-highlighter | 3,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45106 |
WooCommerce Login Redirect | woo-login-redirect | 3,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-44995 |
GoodBarber | goodbarber | 2,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45107 |
Gumroad | gumroad | 2,000+ | Cross Site Scripting | No Fix | Medium | 2023-45059 |
ShortCodes UI | shortcodes-ui | 2,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-44994 |
Short URL | shorten-url | 2,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45058 |
Blog Manager Light | blog-manager-light | 1,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45102 |
Canvasio3D Light | canvasio3d-light | 1,000+ | Cross Site Scripting | No Fix | High | 2023-45062 |
Copy or Move Comments | copy-or-move-comments | 1,000+ | SQL Injection | No Fix | High | 2023-28748 |
Ebook Store | ebook-store | 1,000+ | Cross Site Scripting | No Fix | High | 2023-45602 |
Hitsteps Web Analytics | hitsteps-visitor-manager | 1,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45268 |
Hitsteps Web Analytics | hitsteps-visitor-manager | 1,000+ | Cross Site Scripting | No Fix | Medium | 2023-45057 |
Interactive World Map | interactive-world-map | 1,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45060 |
LeadSquared Suite | leadsquared-suite | 1,000+ | Cross Site Request Forgery | No Fix | High | 2023-45047 |
Mailrelay | mailrelay | 1,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45108 |
OPcache Dashboard | opcache | 1,000+ | Cross Site Scripting | No Fix | High | 2023-45064 |
SendPulse Free Web Push | sendpulse-web-push | 1,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45274 |
Timely Booking Button | timely-booking-button | 1,000+ | Cross Site Scripting | No Fix | Medium | 2023-44987 |
WhitePage | white-page-publication | 1,000+ | Cross Site Request Forgery | No Fix | Medium | 2023-45109 |
Stout Google Calendar | stout-google-calendar | 800+ | Cross Site Request Forgery | No Fix | Medium | 2023-45273 |
Category Meta plugin | wp-category-meta | 800+ | Cross Site Request Forgery | No Fix | Medium | 2023-44998 |
User Location and IP | user-location-and-ip | 600+ | Cross Site Scripting | No Fix | Medium | 2023-31217 |
Fotomoto | fotomoto | 400+ | Cross Site Scripting | No Fix | High | 2023-45007 |
Mendeley Plugin | mendeleyplugin | 300+ | Cross Site Scripting | No Fix | Medium | 2023-45073 |
Publish Confirm Message | publish-confirm-message | 100+ | Cross Site Request Forgery | No Fix | Medium | 2023-32124 |
Automated Editor | automated-editor | 10+ | Cross Site Request Forgery | No Fix | Medium | 2023-45276 |
Dropshipping & Affiliation | wp-amazon-shop | | Arbitrary File Upload | No Fix | Critical | 2023-31215 |
Woo Custom Emails | woo-custom-emails | | Cross Site Scripting | No Fix | High | 2023-45004 |
Slick Contact Forms | slick-contact-forms | | Cross Site Scripting | No Fix | Medium | 2023-5468 |
WP Responsive header image | responsive-header-image- | | Cross Site Scripting | No Fix | Medium | 2023-5334 |
Product Category Tree | product-category-tree | | Cross Site Scripting | No Fix | High | 2023-45054 |
Instagram for WordPress | instagram-for-wordpress | | Cross Site Scripting | No Fix | Medium | 2023-5357 |
Hotjar | hotjar | | Cross Site Scripting | No Fix | Medium | 2023-1259 |
Contact form Form For All | formforall | | Cross Site Scripting | No Fix | Medium | 2023-5337 |
WordPress Popular Posts | wordpress-popular-posts | 200,000+ | Cross Site Scripting | 06.03.03 | Medium | 2023-45607 |
Media Library Assistant | media-library-assistant | 70,000+ | Cross Site Scripting | 03.12.23 | Medium | 2023-24385 |
Booster for WooCommerce | woocommerce-jetpack | 60,000+ | Sensitive Data Exposure | 07.01.02 | Medium | 2023-40002 |
WP Custom Admin Interface | wp-custom-admin-interface | 30,000+ | Broken Access Control | 7.33 | Medium | 2023-44988 |
Bold Timeline Lite | bold-timeline-lite | 10,000+ | Broken Access Control | 01.02.23 | Medium |