2024ǯ1·î¤ÎWordPress¥×¥é¥°¥¤¥óÀȼåÀ¤È¥Ñ¥Ã¥Á¾ðÊó¤Þ¤È¤á
Sucuri¤Ï1·î30Æü(¸½ÃÏ»þ´Ö)¡¢¡ÖVulnerability & Patch Roundup January 2024¡×¤Ë¤ª¤¤¤Æ¡¢2023ǯ12·î¤ËÌÀ¤é¤«¤Ë¤Ê¤Ã¤¿WordPress¤ÎÀȼåÀ¤ª¤è¤Ó¥»¥¥å¥ê¥Æ¥£¥Ñ¥Ã¥Á¤Î¾ðÊó¤Ë¤Ä¤¤¤ÆÅÁ¤¨¤¿¡£Sucuri¤ÏWeb¥µ¥¤¥È½êͼԤËÂФ·¤Æ¿·¤¿¤Ê¶¼°Ò¤òÇÄ°®¤·¤ÆÂн褷¤Æ¤â¤é¤¨¤ë¤è¤¦¡¢1¥«·î´Ö¤ËÌÀ¤é¤«¤Ë¤Ê¤Ã¤¿WordPress¥¨¥³¥·¥¹¥Æ¥à¤Î½ÅÍפʥ»¥¥å¥ê¥Æ¥£¥¢¥Ã¥×¥Ç¡¼¥È¤ÈÀȼåÀ¥Ñ¥Ã¥Á¤Î°ìÍ÷¤ò¤Þ¤È¤á¤Æ¸øɽ¤·¤Æ¤¤¤ë¡£
º£·î¤Ï28¸Ä¤ÎÀȼåÀ¤È¤½¤Î´ËϺö¤¬¾Ò²ð¤µ¤ì¤Æ¤¤¤ë¡£¥»¥¥å¥ê¥Æ¥£¥ê¥¹¥¯¤¬¡Ö½ÅÍ×(High)¡×¤¬3¡¢¡Ö·Ù¹ð(Medium)¡×¤¬21¡¢¡ÖÄã(Low)¡×¤¬4¤È¤Ê¤Ã¤Æ¤¤¤ë¡£
¡û12·îWordPress¥×¥é¥°¥¤¥ó¤Î¼ç¤ÊÀȼåÀ
º£·î¤Î¼ç¤ÊÀȼåÀ¤Ï¼¡¤Î¤È¤ª¤ê¡£
[½ÅÍ×(High)] CVE-2023-51415 GiveWP - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[½ÅÍ×(High)] CVE-2023-6600 OMGF - ¥Á¥§¥Ã¥¯·çÍî¤Ë¤è¤ëÀȼåÀ¤ª¤è¤Ó¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[½ÅÍ×(High)] CVE-2023-6634 LearnPress - SQL ¥¤¥ó¥¸¥§¥¯¥·¥ç¥ó¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6524 MapPress Maps for WordPress - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6594 WordPress Button Plugin MaxButtons - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6697 WP Google Maps - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6738 PageLayer - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6751 Hostinger - ¥Á¥§¥Ã¥¯·çÍî¤Ë¤è¤ëÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6776 3D Flipbook - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6808 Amelia - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6884 Plugin for Google Reviews - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6958 WP Recipe Maker - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6986 EmbedPress - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6994 List category posts - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7019 LightStart - ¥Á¥§¥Ã¥¯·çÍî¤Ë¤è¤ëÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7027 POST SMTP Mailer - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7044 Essential Addons for Elementor - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7071 Essential Blocks - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-0508 Orbit Fox Companion - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-0587 AMP for WP - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-22146 Schema - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-22147 PDF Invoices - SQL ¥¤¥ó¥¸¥§¥¯¥·¥ç¥ó¤ÎÀȼåÀ
[·Ù¹ð(Medium)] Happy Elementor Addons - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] WooCommerce - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2023-6498 Complianz GDPR/CCPA Cookie Consent - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2024-0618 FluentForm - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2024-0630 WP RSS Aggregator - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2024-0691 Filebird - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
WordPress¤ÎÀȼåÀ¤Ï¥µ¥¤¥Ð¡¼ÈȺá¼Ô¤Ë°ÍѤµ¤ì¤ä¤¹¤¤¡£Web¥µ¥¤¥È¤ò±¿±Ä¤·¤Æ¤¤¤ë¾ì¹ç¡¢Sucuri¤Î¥»¥¥å¥ê¥Æ¥£¾ðÊó¤ÎÆâÍƤò³Îǧ¤¹¤ë¤È¤È¤â¤Ë¡¢Å¬Àڤ˴ËϺö¤ÎŬÍѤ䥢¥Ã¥×¥Ç¡¼¥È¤ÎŬÍѤò¼Â»Ü¤¹¤ë¤³¤È¤¬Ë¾¤Þ¤ì¤ë¡£
º£·î¤Ï28¸Ä¤ÎÀȼåÀ¤È¤½¤Î´ËϺö¤¬¾Ò²ð¤µ¤ì¤Æ¤¤¤ë¡£¥»¥¥å¥ê¥Æ¥£¥ê¥¹¥¯¤¬¡Ö½ÅÍ×(High)¡×¤¬3¡¢¡Ö·Ù¹ð(Medium)¡×¤¬21¡¢¡ÖÄã(Low)¡×¤¬4¤È¤Ê¤Ã¤Æ¤¤¤ë¡£
¡û12·îWordPress¥×¥é¥°¥¤¥ó¤Î¼ç¤ÊÀȼåÀ
º£·î¤Î¼ç¤ÊÀȼåÀ¤Ï¼¡¤Î¤È¤ª¤ê¡£
[½ÅÍ×(High)] CVE-2023-51415 GiveWP - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[½ÅÍ×(High)] CVE-2023-6600 OMGF - ¥Á¥§¥Ã¥¯·çÍî¤Ë¤è¤ëÀȼåÀ¤ª¤è¤Ó¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[½ÅÍ×(High)] CVE-2023-6634 LearnPress - SQL ¥¤¥ó¥¸¥§¥¯¥·¥ç¥ó¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6524 MapPress Maps for WordPress - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6594 WordPress Button Plugin MaxButtons - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6697 WP Google Maps - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6738 PageLayer - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6751 Hostinger - ¥Á¥§¥Ã¥¯·çÍî¤Ë¤è¤ëÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6776 3D Flipbook - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6808 Amelia - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6884 Plugin for Google Reviews - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6958 WP Recipe Maker - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6986 EmbedPress - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-6994 List category posts - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7019 LightStart - ¥Á¥§¥Ã¥¯·çÍî¤Ë¤è¤ëÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7027 POST SMTP Mailer - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7044 Essential Addons for Elementor - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2023-7071 Essential Blocks - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-0508 Orbit Fox Companion - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-0587 AMP for WP - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-22146 Schema - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] CVE-2024-22147 PDF Invoices - SQL ¥¤¥ó¥¸¥§¥¯¥·¥ç¥ó¤ÎÀȼåÀ
[·Ù¹ð(Medium)] Happy Elementor Addons - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[·Ù¹ð(Medium)] WooCommerce - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2023-6498 Complianz GDPR/CCPA Cookie Consent - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2024-0618 FluentForm - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2024-0630 WP RSS Aggregator - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
[Ãí°Õ(Low)] CVE-2024-0691 Filebird - ¥¯¥í¥¹¥µ¥¤¥È¥¹¥¯¥ê¥×¥Æ¥£¥ó¥°¤ÎÀȼåÀ
WordPress¤ÎÀȼåÀ¤Ï¥µ¥¤¥Ð¡¼ÈȺá¼Ô¤Ë°ÍѤµ¤ì¤ä¤¹¤¤¡£Web¥µ¥¤¥È¤ò±¿±Ä¤·¤Æ¤¤¤ë¾ì¹ç¡¢Sucuri¤Î¥»¥¥å¥ê¥Æ¥£¾ðÊó¤ÎÆâÍƤò³Îǧ¤¹¤ë¤È¤È¤â¤Ë¡¢Å¬Àڤ˴ËϺö¤ÎŬÍѤ䥢¥Ã¥×¥Ç¡¼¥È¤ÎŬÍѤò¼Â»Ü¤¹¤ë¤³¤È¤¬Ë¾¤Þ¤ì¤ë¡£
