Blog: Vulnerable WordPress Plugins Report for the Week of September 21, 2018

Vulnerable Plugins

Ten disclosures since last week, with four issues unfixed, the most serious being an Authenticated Arbitrary File Upload vulnerability in Advanced Contact form 7 DB.

View this week’s vulnerable plugins list.

Other Security News

Specifics of the Remote Code Execution vulnerability in Moodle were disclosed earlier this week. The disclosure includes Proof-of-Concept code so if you haven’t updated your Moodle instance already, you need to do so as soon as possible.

Other News

In case you haven’t heard yet, today is the last day to register for the HighEdWeb 2018 conference. If you are unfamiliar, HighEdWeb is the conference for higher education professionals working in the digital space, put on by higher educations professionals working in the digital space. It’s like WPCampus, but more general.  In fact, many of the people who organize, speak at, and attend WPCampus will be at HighEdWeb.  It’s the only other conference besides WPCampus that I consider a “can’t miss.” I sincerely hope you’ll register (today! Today is the last day!) and see you in Sacramento next month!

 

Paul Gilzow

Programmer Analyst, University of Missouri@gilzowhttp://missouri.edu/

Web application security and accessibility evangelist. Software instructor. Conference lecturer and presenter.

Leave a Reply

Your email address will not be published. Required fields are marked *