The WPCampus Blog

Vulnerable WordPress Plugins Report for the week of July 7, 2017

Vulnerable Plugins Only four plugins with disclosed vulnerabilities this week, none of which remain unpatched! That’s the fewest number of disclosures in a week since I started doing this report.  You’ll notice WP Statistics made a repeat appearance after being on last week’s report for a SQL Injection vulnerability.  This week’s appearance is due to an Authenticated […]

Vulnerable WordPress Plugins Report for the Week of June 30, 2017

Vulnerable Plugins Eight plugins with disclosed vulnerabilities this week, five of which remain unpatched. The most serious is FormCraft which contains two unfixed SQL Injection vulnerabilities.  The packetstorm post mentions the vulnerability being in “FormCraft Basic” but that the plugin directory for google dorking is “formcraft”. The version in the public repository definitely contains the vulnerability, […]