Blog: Vulnerable WordPress Plugins Report for the Week of December 14, 2018

Vulnerable Plugins

Thirteen disclosures since last week, with three issues unfixed.

View this week’s vulnerable plugins list.

Other WordPress Security News

Version 5.0.1 was released earlier this week and corrects seven issues. If you have not upgraded to version 5.0 yet, fixes for all version back to 3.7 are available.

Other Security News

As a PSA, a new spam extortion email is making the rounds. This one is particularly troublesome as it attempts to convince the recipient that the extortionist has placed a bomb in their building. And it also appears to be targeting Universities.  If you receive the email, report it to your organization’s security team.

Version 4.8.4 of phpMyAdmin was released to address an Authenticated Local File Inclusion vulnerability.


Paul Gilzow

Programmer Analyst, University of Missouri@gilzow

Web application security and accessibility evangelist. Software instructor. Conference lecturer and presenter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Login to WordPress