[WordPress Security] Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites

From: Wordfence <list_at_wordfence.com>
Date: Tue, 22 Aug 2023 07:09:06 -0700

Critical Vulnerability allowed attackers to register as administrator and take full control of vulnerable websites.

Wordfence-Logo.png (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9nP3l5QzW5BW0B06lZ3pwN7hbd-P1XZgCVH5tB95ZlQxGW5yrsLl60DXt3VrjSSv5lhR1wW2ywZ4Z4nHGMwVPgFhh7qRZNZW8FfyBb3s87TxW8wgcRL3msCP4W33qWJk2GGHpvW48l-bG7dCZs9W5TDmdd78Xf10MfYDpr7ddRCW3fxRlL5dZlRrV1L1VT5RJh0YW6vVM4k3l2Tw8W13TRRQ4q_qNTN6-vm52rDm6pW72kydm227qszf8LSpy604 )

Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9nv5jGjMW50kH_H6lZ3n8W2-f4cS3dHLNNW3qRcL08_3L5TW84wbty9cv3GyW6L_6wN3z4cr2W16sfvx4VvDl9W1jRqfk61mvDYW47s_H54cmnR4W4f5LHf7BS_zGW8QVRvQ8tfySmW7TVKRp1ql1WNW5ZHYMD38NxB0W82JVLN8V2b1dW54CQdq3crjrFW758vDv3rZd9GW5dy5w978zf80W4CHx2N9jfSP7VSyq8F3TD15LV-y81f8S3MlCW73W9BL6K5V27W2_thDV2N9NZxVgpTzL1YxYQqW5t9Jys4q6Mz4W2QmXdC5bcFrHW2zdkc-80SxJ6W5lgC7R2cbdghW5lL4Wv2yzdB-W37fLrC2jBB_gN66v9P7RYxmVW5jSmMT54RRkSW2-Rsw56BcNLfVdXWfn4WhgRNN7K20HQy90RXf61Yc8404 )

On August 10, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in the Charitable plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative privileges by supplying a role during a registration.

Wordfence Premium (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3nLW7yDH0z79lmr_W3J2npD8wsp6SW1VwXcv2K-p29N6qdKd_jTX3hW1Jy-LZ4hY2RRW5GNhJ01HtrDrW4VQXmc5ltXWwVVR6341-TVk1W89t_LX5jhnzhVY6Gzm4N1pmxW5Nxn9796xLJxW6RmLlh77D8RGN3slLMWs7qptVmzyST4w_GGtN5FPzs_PQDQKW5lf2Rq5Md-RBW5HZH6g1PxH3yW6b0tLc1TSqSrW8xdJ-C5GM1zwW3sX8SR69NrWfW3GKsz14X4JjvW5ThMK13ptN1pf6f-ckT04 ) , Wordfence Care (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3pSW8lVwSf8QynX2W8TyXzQ8f_1X7V75RBv5pVRDJW2K3_BW1PDYjhVlVfsJ4y5WRzW7hnCd9942DtLW8Tjsmq6SVySkW2Bqzrw7FBNgdW1TsbYx6MDWmxW3J3y0V4CktQ_W75PSkD2d0R_WW5lY2S27Qt5JkW3SV9r57-zkFWW8b5_Cs2YmzbhMvJp_XsWZx3W5X6dDs8GJg-sW1hY1tG2clSPQW7SJB8244VY6gVcyTNx1wP7sPW1GVmhf98VvhzW5sxbww6w9HwMW17TJBW9gSjZ-f1YJ1M-04 ) , and Wordfence Response (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3kyVb4hKc27DFgXN1MRmZXj-TLTW22wdJK5cF3hmN3_3-TPC11d4W3JQVqD6t1s4tW3c0syt533rmXW45HTnb15Jfq2V8MfWF7XxF0jN6XQKlZhG_9CN2wt9LD6Gjf-W7rd2GQ5l_4XgW5zz8_B1rX1cjW3GTx2g4CTQrlW34QglJ3fxXxtW33G7_D9b23SnMHqBgxyHjWjW8-C3396byQZBMtczHl9klhkW36LsrN8Qn25ZW4ytb4W4L7LrcW8_MMgR6lfVWNW2LR4sx3BM0ljf1mR-PH04 ) users received a firewall rule to protect against any exploits targeting this vulnerability on August 10, 2023. Sites still using the free version of Wordfence will receive the same protection on September 9, 2023.

We contacted WP Charitable Team via email on August 10, 2023, but we didn’t get a response. Next, we tried to contact them via a contact form on their site on August 16, 2023, and we received a response on the same day. After providing full disclosure details, the developer released a patch on August 17, 2023. We would like to commend the WP Charitable Team for their prompt response and timely patch, which was released in just one day.

We urge users to update their sites with the latest patched version of Charitable, which is version 1.7.0.13 at the time of this writing, as soon as possible.

As with any Privilege Escalation vulnerability, this can be used for complete site compromise. Once an attacker has gained administrative user access to a WordPress site they can then manipulate anything on the targeted site as a normal administrator would. This includes the ability to upload plugin and theme files, which can be malicious zip files containing backdoors, and modifying posts and pages which can be leveraged to redirect site users to other malicious sites.

READ THIS POST ON THE BLOG
(https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9nv5jGjMW50kH_H6lZ3n8W2-f4cS3dHLNNW3qRcL08_3L5TW84wbty9cv3GyW6L_6wN3z4cr2W16sfvx4VvDl9W1jRqfk61mvDYW47s_H54cmnR4W4f5LHf7BS_zGW8QVRvQ8tfySmW7TVKRp1ql1WNW5ZHYMD38NxB0W82JVLN8V2b1dW54CQdq3crjrFW758vDv3rZd9GW5dy5w978zf80W4CHx2N9jfSP7VSyq8F3TD15LV-y81f8S3MlCW73W9BL6K5V27W2_thDV2N9NZxVgpTzL1YxYQqW5t9Jys4q6Mz4W2QmXdC5bcFrHW2zdkc-80SxJ6W5lgC7R2cbdghW5lL4Wv2yzdB-W37fLrC2jBB_gN66v9P7RYxmVW5jSmMT54RRkSW2-Rsw56BcNLfVdXWfn4WhgRNN7K20HQy90RXf61Yc8404 )

Vulnerability Summary from Wordfence Intelligence

Description: Donation Forms by Charitable <= 1.7.0.12 – Unauthenticated Privilege Escalation (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9nP5jGjMW5BWr2F6lZ3mXW2xhmqy3_0Q5SN1cWxK_R4PWMW3Dznvs1f1CgWW2xsqX55mDnf9N5yPXXh76QXhW7NRTHD6pVd0YN1kx1QvL8GGNW2zxcZT6cDgFrW5BRFb068wVbrW4RLqQH6KkcwgW6v2s_k1YqZB8W1F384p4XK4vcW6R3Fxb5YGHy7W3jZdm58SNk6DW3m__xk6Pw4L3W8Jdc698_PxbZW5WZ-sc2v-5mYW6b9H-N8QLh-_W5y9Tc-38HZrTW3kTX5R13wS64W7gdG6q6LbbG1W4DWwz23pFrCPW2mXw9V51n3qKW2B3KrK1y5sqtVqCRRG9bBPWPN1W1DjDtw_ZCW62yWfP8HbglqW3vV2Qp2RdYFnW6LGXQg8tzldjW8l1NqW4dy3gFW4483H97mxP8MW5SQwDN7pfK7rV_4tvx5kl6YkVyLzT63rt3Rlf7mW6FR04 )

Affected Plugin: Charitable – Donations Plugin & Fundraising Platform for WordPress

Plugin Slug: charitable

Affected Versions: <= 1.7.0.12

CVE ID: CVE-2023-4404

CVSS Score: 9.8 (Critical)

CVSS Vector:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Researcher/s: Lana Codes (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pH3l5QzW7lCdLW6lZ3kKW7kJTy53mMZ-VN730w4NXgTjJN85rkk7hF0T5W8xl7qW2c3PcwN9hDsj5kyTnGW7fD7h72Hc_4jW3fypbt3pqG1bW6L-vnT8LbfXdW3FFCNl6TZb6FW4X9v9625kVGxW3flYLX58LSj_W1xT3Q_93VRhFW2-rjX88wgr9TW6-_Zr06zrwqnW19ycmg903c8KW1ynG071qns14W4_hMGd7BhStgW8rrLNq1f-fgcW3lzb7m17VnHqW4MqjDw3NsvNfN7-XgfKPP3SrW68DV0w4tBTLHF882Fw88-56W21z3Yd489r4Qf6lx4tP04 )

Fully Patched Version: 1.7.0.13

The Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the ‘update_core_user’ function. This makes it possible for unauthenticated attackers to specify their user role by supplying the ‘role’ parameter during a registration.

Technical Analysis

Charitable is a plugin that makes it possible to create donation forms and fundraising campaigns in WordPress.

The plugin provides a shortcode ([charitable_registration]) for a custom registration form. However, insecure implementation of the plugin’s registration functionality allows users to specify arbitrary parameters when creating an account. Examining the code reveals that there is no predefined list of user parameters, nor a ban list of dangerous parameters. This makes it possible to register an administrator user by supplying the ‘role’ parameter, with the value of the role they would like assigned to their account, such as ‘administrator’.

[VIEW THIS CODE SNIPPET ON THE BLOG] (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9nv5jGjMW50kH_H6lZ3n8W2-f4cS3dHLNNW3qRcL08_3L5TW84wbty9cv3GyW6L_6wN3z4cr2W16sfvx4VvDl9W1jRqfk61mvDYW47s_H54cmnR4W4f5LHf7BS_zGW8QVRvQ8tfySmW7TVKRp1ql1WNW5ZHYMD38NxB0W82JVLN8V2b1dW54CQdq3crjrFW758vDv3rZd9GW5dy5w978zf80W4CHx2N9jfSP7VSyq8F3TD15LV-y81f8S3MlCW73W9BL6K5V27W2_thDV2N9NZxVgpTzL1YxYQqW5t9Jys4q6Mz4W2QmXdC5bcFrHW2zdkc-80SxJ6W5lgC7R2cbdghW5lL4Wv2yzdB-W37fLrC2jBB_gN66v9P7RYxmVW5jSmMT54RRkSW2-Rsw56BcNLfVdXWfn4WhgRNN7K20HQy90RXf61Yc8404 )

The update_core_user method in the Charitable_User class

As with any Privilege Escalation vulnerability, this can be used for complete site compromise. Once an attacker has gained administrative user access to a WordPress site they can then manipulate anything on the targeted site as a normal administrator would. This includes the ability to upload plugin and theme files, which can be malicious zip files containing backdoors, and modifying posts and pages which can be leveraged to redirect site users to other malicious sites.

Disclosure Timeline

August 10, 2023 – Discovery of the Privilege Escalation vulnerability in Charitable.

August 10, 2023 – We tried to initiate contact with the plugin vendor via email asking that they confirm the inbox for handling the discussion.

August 10, 2023 – Wordfence Premium, Care, and Response users receive a firewall rule to provide protection against any exploits that may target this vulnerability.

August 16, 2023 – Since we didn’t get a response to the email contact, we tried to contact the plugin vendor via contact form asking that they confirm the inbox for handling the discussion.

August 16, 2023 – The vendor confirms the inbox for handling the discussion.

August 16, 2023 – We send over the full disclosure details. The vendor acknowledges the report and begins working on a fix.

August 17, 2023 – A fully patched version of the plugin, 1.7.0.13, is released.

September 9, 2023 – Wordfence Free users receive the same protection.

Conclusion

In this blog post, we detailed a Privilege Escalation vulnerability within the Charitable plugin affecting versions 1.7.0.12 and earlier. This vulnerability allows unauthenticated threat actors to elevate their privileges to those of a site administrator which could ultimately lead to complete site compromise. The vulnerability has been fully addressed in version 1.7.0.13 of the plugin.

We encourage WordPress users to verify that their sites are updated to the latest patched version of Charitable.

Wordfence Premium (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3nLW7yDH0z79lmr_W3J2npD8wsp6SW1VwXcv2K-p29N6qdKd_jTX3hW1Jy-LZ4hY2RRW5GNhJ01HtrDrW4VQXmc5ltXWwVVR6341-TVk1W89t_LX5jhnzhVY6Gzm4N1pmxW5Nxn9796xLJxW6RmLlh77D8RGN3slLMWs7qptVmzyST4w_GGtN5FPzs_PQDQKW5lf2Rq5Md-RBW5HZH6g1PxH3yW6b0tLc1TSqSrW8xdJ-C5GM1zwW3sX8SR69NrWfW3GKsz14X4JjvW5ThMK13ptN1pf6f-ckT04 ) , Wordfence Care (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3pSW8lVwSf8QynX2W8TyXzQ8f_1X7V75RBv5pVRDJW2K3_BW1PDYjhVlVfsJ4y5WRzW7hnCd9942DtLW8Tjsmq6SVySkW2Bqzrw7FBNgdW1TsbYx6MDWmxW3J3y0V4CktQ_W75PSkD2d0R_WW5lY2S27Qt5JkW3SV9r57-zkFWW8b5_Cs2YmzbhMvJp_XsWZx3W5X6dDs8GJg-sW1hY1tG2clSPQW7SJB8244VY6gVcyTNx1wP7sPW1GVmhf98VvhzW5sxbww6w9HwMW17TJBW9gSjZ-f1YJ1M-04 ) , and Wordfence Response (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3kyVb4hKc27DFgXN1MRmZXj-TLTW22wdJK5cF3hmN3_3-TPC11d4W3JQVqD6t1s4tW3c0syt533rmXW45HTnb15Jfq2V8MfWF7XxF0jN6XQKlZhG_9CN2wt9LD6Gjf-W7rd2GQ5l_4XgW5zz8_B1rX1cjW3GTx2g4CTQrlW34QglJ3fxXxtW33G7_D9b23SnMHqBgxyHjWjW8-C3396byQZBMtczHl9klhkW36LsrN8Qn25ZW4ytb4W4L7LrcW8_MMgR6lfVWNW2LR4sx3BM0ljf1mR-PH04 ) users received a firewall rule to protect against any exploits targeting this vulnerability on August 10, 2023. Sites still using the free version of Wordfence will receive the same protection on September 9, 2023.

If you know someone who uses this plugin on their site, we recommend sharing this advisory with them to ensure their site remains secure, as this vulnerability poses a significant risk.

For security researchers looking to disclose vulnerabilities responsibly and obtain a CVE ID, you can submit your findings to Wordfence Intelligence (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9p43l5QzW69sMD-6lZ3mZW8WBq193KdND7W1JRPz08pC5rwVlWP-L9hyRx8W51wx702FGrz4W8JNF0t6tVLTSW7Th38W73F5FtW4VfF5t2q6vB6W90BVCF811F9nW4B5Ydg3FVrNdW7bBKsl10S3q7W25d0Pb8HvKYDW49JRlL1cjJphW1L2pDV8cS_LTN3bnn0k3xw38VSTDyJ1mxzBnW80pgL18CZbngW6QnWck7ykwYDW1fT9T02L8YJyW1MgL1x3yvn0MW6w4-Qr1PZHcqf5b5rmb04 ) and potentially earn a spot on our leaderboard (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pH3l5QzW7lCdLW6lZ3l4N3xK57Q43v6hW4qlm_274GGgZW6j6k0G686RccW1_jk0Z3-6k91W1-JbB86r9vGJW6fHQxt2wHXxXW7n9M2691f_SRW3QczSW90Rv7RW1KSFd597LsJsW1PNV838Rt0lNW5rvC9W1-MtgBW70B0Sd5mg332W1CKsv816RL4qW3VyPVx6p0kp_W5f36-P1fKD8XW3vTXm28mQfmnW4WH-f82GrkYCVJ8l8S3QY1Z0W18TyLS7rNxg3W48bHQP5sgSCGW2RLKzr929jNKV2B7206PKVrvW65G6kH5y0dqCW52g_YP219m6sdrJfVv04 ) .

The Full Product Lineup:

wf-stacked-free-1 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9p43l5QzW69sMD-6lZ3lMN1BR5LbctymcN2B1-sPW93W7W3PnmFM3s8VgSW6xt6WK6sc-1TW1HBQwL3wRtqJT46Z12YtxfXW1vmft22P9wFkW4Vqkf55cJYC3W2rwLmP1p0Zg3W5bhH6Z7zSSDzW323jG430RtLFVW16cz1t6QLnW3cWwXM404sSNW4DLGwL8pmfHHW5_9QwT6DXxtCW6bH2K54C5N8xW82FH-C45qc_PW6P7VF52F8PW4W5-YC228-LrvRW47WRGG53Mn2mf3zhGx404 )

wf-stacked-premium-1 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3m5W8Hgc7R6kzpxkW3xYjVn7ZBqHqW1CsHtv6zt53LW5sMzNT7p01RzN1QMrb3s4gF9W3BdqmF8FQj-pW5FTyVz8PJ3mVW2wd0ss2Kbh9FW5v9cnq3_xHMFW5d7xD03bzrBHW2ftrmL8wnV79W54QrMF74G_2QW4TXh1X8j0YT9F1M-J6nDQYJN1gWtpP8SJ7YW3gLzFq7448j9W4SzTzt55XX5QW1sKlMj8dZpWWW699-P197VVLWW15PPlZ3cMl0rW6fbb_86Ywf-lW3p1Wbn77VQsxf9fym7Y04 )

wf-stacked-care-3 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9p43l5QzW69sMD-6lZ3lHW2przt62_fc_XN8zfsr9YGg8wW6ky_Hy7JD1blVq7hBp6N1-v4W2M22JJ8173ZpN37z79hFQ41hW4TQ7-B39-tMQW18k4k02n9TMmW2zs3lh6Q5FXrW7Tvlht7N0zPnW7v4byG1Kk0JwN6xnnCNHV3QSW8Ptpb35n8dBBN6LvbdyNrkDzW49GbKR6nmJxcW18tLBc3wdhQTW2wHPXX15sXqnW5CtB-S89HQBWW1ZHdx96TbJf_W15rLFy7SjDZPf5mhz3T04 )

wf-stacked-response-2 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9pn3l5QzW6N1vHY6lZ3kyVb4hKc27DFgXN1MRmZXj-TLTW22wdJK5cF3hmN3_3-TPC11d4W3JQVqD6t1s4tW3c0syt533rmXW45HTnb15Jfq2V8MfWF7XxF0jN6XQKlZhG_9CN2wt9LD6Gjf-W7rd2GQ5l_4XgW5zz8_B1rX1cjW3GTx2g4CTQrlW34QglJ3fxXxtW33G7_D9b23SnMHqBgxyHjWjW8-C3396byQZBMtczHl9klhkW36LsrN8Qn25ZW4ytb4W4L7LrcW8_MMgR6lfVWNW2LR4sx3BM0ljf1mR-PH04 )

wf-logo-intelligence-h-800 (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9p43l5QzW69sMD-6lZ3mgW5zkf417L9QZBW5q2TT93mwgnsW6S2R6q5bdvLPW99nvV65673yyW8vM9B39lLcmBMp_KHMLLdH4W5qB9zV5zqv_5W6LzcRx3_ZY7zW5M9fM_2fG8x3W4dKj-r8_BxYxN87wLh7cxyndW6X21z57kFcN7W3hJZRw1h7dvVW4vZTGr61hGjZW9fyc6k6qt-NqN5XwlpbxbFwVW7fNLz451nf97W4yzqg72sjJ4SW2GZF6g7YzcnWW5Q7zrl749Jpzf4zHxWW04 )

logo-defiant (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/MW0QG4TlXGTW27Jhdp5MSLb2W3mxgk352wHV7M_h9nP3l5QzW5BW0B06lZ3l3W8cc6sv2F1lrhW73NLnX3D5GkjW4j4Kpt7YX9RPW6qb7xw214f3LW2xThq05yng2DW6SG07J3GCGyhW92WMzg33y0V6W95KyKh3YJ877W4Ssmc116Fg5WW8Gsfh_6v_pFYW8TmHmy1D1HvjN5vd99FpzNTQVljyxB4JDGKSW4Lc2zq3Y4zt7W24R0cQ5vfBMlW2SN2lB5tkVd-W8tTL514p3929W9gJTMs701KgZf46PNsx04 )

Defiant, Inc., 1700 Westlake Ave N STE 200, Seattle, WA 98109, United States

Unsubscribe (https://email.wordfence.com/hs/manage-preferences/unsubscribe-all?languagePreference=en&d=Vn8Pp4892TtnVsxx1M3JN_XyW41Rcn-4h29fmN6J4V3WmWcP4W8mHLrY6zdJx6V25wtz6chPPKW57-JcF5HZJd8N5W2nWt1yf0NW2_Y3t47kNCbxW2NDm021jtY9Wn5sc9hh173&v=3&_hsenc=p2ANqtz--55Ys5SvrXbG7GZdEy0P0xW5r2OR49Qzut7mHrySWCvOf6Rt8Mb0XxANkKWOdt5E80lz-gocFV1EbyEdaVVuWnRrekZw&_hsmi=271261645 )

Manage preferences (https://email.wordfence.com/hs/manage-preferences/unsubscribe?languagePreference=en&d=Vn8Pp4892TtnVsxx1M3JN_XyW41Rcn-4h29fmN6J4V3WmWcP4W8mHLrY6zdJx6V25wtz6chPPKW57-JcF5HZJd8N5W2nWt1yf0NW2_Y3t47kNCbxW2NDm021jtY9Wn5sc9hh173&v=3&_hsenc=p2ANqtz--55Ys5SvrXbG7GZdEy0P0xW5r2OR49Qzut7mHrySWCvOf6Rt8Mb0XxANkKWOdt5E80lz-gocFV1EbyEdaVVuWnRrekZw&_hsmi=271261645 )

You're receiving this email because you signed up to the Wordfence WordPress security mailing list.
Received on Tue Aug 22 2023 - 16:09:11 CEST

This archive was generated by hypermail 2.3.0 : Tue Aug 22 2023 - 16:12:54 CEST