Blog: Vulnerable WordPress Plugins Report for the Week of August 31, 2018

Vulnerable Plugins

Nine disclosures since last week, with four issues unfixed. Additionally, Ninja Forms has released version 3.3.14 which addresses the CSV Injection vulnerability disclosed last week.

View this week’s vulnerable plugins list.

Other Security News

Joomla! released version 3.8.12 which addressed three security issues: potential file upload vulnerability, store cross-site scripting vulnerability, and an ACL Violation in custom fields.

Packagist, the PHP ecosystem’s largest package repository, patched a critical Remote Code Execution on their website.

Paul Gilzow

Programmer Analyst, University of Missouri@gilzow

Web application security and accessibility evangelist. Software instructor. Conference lecturer and presenter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Login to WordPress