29 vulnerabilities this week, with 5 needing a fix (with some, possibly, on the way). The first 3 vulnerabilities in the list are confirmations of possible vulnerabilities from last week. Search Exclude returns as last week’s fix wasn’t sufficient, LMS / VLE plugin LifterLMS has a serious vulnerability, Slimstat analytics returns for the third time […]
The WPCampus Blog
26 vulnerabilities this week, with 7 needing a fix (with some, possibly, on the way). Formidable Forms appears for the fourth time in a month, so you may wish to look elsewhere. Landing Pages by SwiftCloud is still on the directory (but closed), but the latest commit has deleted everything for unknown security reasons. In […]
27 vulnerabilities this week, with 4 unfixed, but 1 being worked on. WooCommerce PayU India (PayUmoney – PayUbiz) , Instamojo for WooCommerce and DW Mega Menu are all closed and show no sign of a fix – Ovic Addon Toolkit is closed, but is being worked on. It is an arbitrary file deletion vulnerability, so […]
Vulnerable Plugins There are eighteen issues this week, with two unfixed, and five where fixes have been committed but aren’t showing as available yet in the public repository. The most critical this week are a Privilege Escalation vulnerability in WP Front End Profile (fix available), a CSV Injection vulnerability in Import Export WordPress Users (fix […]
Vulnerable Plugins There are eighteen issues this week, with eight unfixed. The most critical this week is an Arbitrary File Upload vulnerability via Cross-Site Request Forgery vulnerability in the Maintenance plugin. No fix is available as of this publishing date, and the plugin has been closed in the public repository. View this week’s vulnerable plugins […]
Vulnerable Plugins There are eighteen issues this week, with three unfixed. The most critical this week are Privilege Escalation vulnerabilities via Unauthenticated Option Update vulnerabilities in the Donations, Booking, Learning Courses, and Restaurant Reservations plugins (fixes available for all). View this week’s vulnerable plugins list. Other News I’m back! Huge thank you goes out to […]
23 vulnerabilities this week, with 9 unfixed (some are commercial plugins where a change log isn’t easily available, some are dot org plugins are being worked on – see the notes column for more) View this week’s vulnerable plugins list
27 vulnerabilities this week (which means so far in july we’ve had 105 issues), with 4 unfixed. It’s bad week for cache plugins, with WP Super Cache, WP fastest cache and breeze all having fixes. View this week’s vulnerable plugins list The WPCampus 2019 conference is currently happening! Check out the schedule for lots of […]
Our thanks to Funnelback, HelpJet, Milepost 42, and Sticker Mule for supporting WPCampus 2019.
Our thanks to ACF, DragonTeach, elearningfreak, Happy Prime, LearnDash, Pgogy Webstuff, Platform.sh, and SMILE for supporting WPCampus 2019.