Vulnerable Plugins

Nine disclosures since last week, with four issues unfixed. Additionally, Ninja Forms has released version 3.3.14 which addresses the CSV Injection vulnerability disclosed last week.

View this week’s vulnerable plugins list.

Other Security News

Joomla! released version 3.8.12 which addressed three security issues: potential file upload vulnerability, store cross-site scripting vulnerability, and an ACL Violation in custom fields.

Packagist, the PHP ecosystem’s largest package repository, patched a critical Remote Code Execution on their website.

Paul Gilzow

Programmer Analyst, University of Missouri@gilzowhttp://missouri.edu/

Web application security and accessibility evangelist. Software instructor. Conference lecturer and presenter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to WPCampus mailing list

* indicates required

Sign-up to receive email updates about the WPCampus community and conferences.