The WPCampus Blog

Vulnerable Plugins report for the week of September 13th, 2019

29 vulnerabilities this week, with 5 needing a fix (with some, possibly,  on the way). The first 3 vulnerabilities in the list are confirmations of possible vulnerabilities from last week. Search Exclude returns as last week’s fix wasn’t sufficient, LMS / VLE plugin LifterLMS has a serious vulnerability, Slimstat analytics returns for the third time […]

Vulnerable WordPress Plugins Report for the Week of August 23, 2019

Vulnerable Plugins There are eighteen issues this week, with two unfixed, and five where fixes have been committed but aren’t showing as available yet in the public repository.  The most critical this week are a Privilege Escalation vulnerability in WP Front End Profile (fix available), a CSV Injection vulnerability in Import Export WordPress Users (fix […]

Vulnerable WordPress Plugins Report for the Week of August 16, 2019

Vulnerable Plugins There are eighteen issues this week, with eight unfixed.  The most critical this week is an Arbitrary File Upload vulnerability via Cross-Site Request Forgery vulnerability in the Maintenance plugin. No fix is available as of this publishing date, and the plugin has been closed in the public repository. View this week’s vulnerable plugins […]

Vulnerable WordPress Plugins Report for the Week of August 9, 2019

Vulnerable Plugins There are eighteen issues this week, with three unfixed.  The most critical this week are Privilege Escalation vulnerabilities via Unauthenticated Option Update vulnerabilities in the Donations, Booking, Learning Courses, and Restaurant Reservations plugins (fixes available for all). View this week’s vulnerable plugins list. Other News I’m back! Huge thank you goes out to […]