Nope, today is not Friday (sorry). I’m going to be out of town tomorrow so I’m doing this week’s report a day early. I’ll also be out next week; as such, there will be no report next week on the 21st. If there are numerous disclosures while I’m out, I’ll do a report shortly after I […]
The WPCampus Blog
Vulnerable Plugins
Only four plugins with disclosed vulnerabilities this week, none of which remain unpatched! That’s the fewest number of disclosures in a week since I started doing this report. You’ll notice WP Statistics made a repeat appearance after being on last week’s report for a SQL Injection vulnerability. This week’s appearance is due to an Authenticated […]
Vulnerable Plugins
Eight plugins with disclosed vulnerabilities this week, five of which remain unpatched. The most serious is FormCraft, which contains two unfixed SQL Injection vulnerabilities. The packetstorm post mentions the vulnerability being in “FormCraft Basic” but that the plugin directory for Google dorking is “formcraft”. The version in the public repository definitely contains the vulnerability, […]
Vulnerable Plugins
This week’s list is probably one of the shortest since I started doing these reports: only 6 plugins, with 3 having unfixed vulnerabilities. Unfortunately, one of them is a repeat offender: Photo Gallery by WD, which made an appearance in the May 5, 2017 report for a SQL Injection vulnerability. This time around, […]
Introduction
The weekly list is a collection of plugins and/or themes that have had vulnerabilities disclosed within the last week. I’ve historically created these weekly vulnerable plugin reports for the WordPress admins at the University of Missouri campus as a way to help them identify plugins and themes that need to be updated quickly. I began […]