Blog: Vulnerable WordPress Plugins Report for the Week of April 26, 2019

Vulnerable Plugins

There are nine issues this week, with five unfixed.  The two most critical are an Arbitrary File Upload vulnerability in the WooCommerce Checkout Manager plugin (closed in public repository) and an Authenticated Arbitrary Options Update in Free Adwords Campaigner plugin (also closed in the public repository). You should remove both plugins immediately until fixed versions become available.

View this week’s vulnerable plugins list.

Again, want to give a giant “thank you” to Pat Lockley for helping me compile this week’s list!


Paul Gilzow

Programmer Analyst, University of Missouri@gilzow

Web application security and accessibility evangelist. Software instructor. Conference lecturer and presenter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Login to WordPress