The WPCampus Blog

Vulnerable WordPress Plugins Report for the Week of June 30, 2017

Vulnerable Plugins Eight plugins with disclosed vulnerabilities this week, five of which remain unpatched. The most serious is FormCraft which contains two unfixed SQL Injection vulnerabilities.  The packetstorm post mentions the vulnerability being in “FormCraft Basic” but that the plugin directory for google dorking is “formcraft”. The version in the public repository definitely contains the vulnerability, […]