Skip to content
From our Community Blog:

Vulnerable WordPress Plugins Report for the Week of June 14, 2019

Subscribe to Community Blog updates

Vulnerable Plugins

There are nineteen issues this week, with five unfixed.  The most critical this week are two Arbitrary File Upload vulnerabilities in Finale WooCommerce Sale Countdown (fix available) and in LionScripts IP Blocker Lite (unfixed, remove immediately) plugins, an Authenticated Arbitrary File Upload vulnerability in Shipping Servientrega Woocommerce (unfixed, remove immediately), and an Authenticated Code Execution vulnerability in Insert or Embed Articulate Content into WordPress (fix available as of June 24. 2019).

EDIT: Corrected information on Embed Articulate Content into WordPress to indicate fix available as of June 24, 2019.

View this week's vulnerable plugins list.

Login to WordPress