WP Security bulletin – DECEMBER 2018 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 17 vulnerabilities in WordPress plugins identified and reported publicly. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins – your risking serious WordPress…
WordPress protection
WP Security bulletin – NOVEMBER 2018 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 12 vulnerabilities in WordPress plugins identified and reported publicly. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins – your risking serious WordPress…
WP Security bulletin – SEPTEMBER 2018 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 12 vulnerabilities in WordPress plugins identified and reported publicly during. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins – your risking serious…
At your next scheduled WordPress Maintenance, be advised for your WordPress protection about the latest vulnerabilities in WordPress plugins identified and reported publicly this month: Gwolle Guestbook Cross-Site Scripting (XSS) reported by Ryan (Dewhurst Security). During the security audit of Gwolle Guestbook plugin for WordPress CMS, a security vulnerability was…
At your next scheduled WordPress Maintenance, be advised for your WordPress protection about the latest vulnerabilities in WordPress plugins identified and reported publicly this month: Open Graph for Facebook, Google+ and Twitter Card Tags Unauthenticated Cross-Site Scripting (XSS) reported by Thomas Chauchefoin. The software does not neutralize or incorrectly neutralizes…
For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Redirection Authenticated Local File Inclusion reported by Ryan (Dewhurst Security). ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem. If you are logged in as an administrator on any site…
For your WordPress protection, be informed about the NEW UNPATCHED WordPress Core vulnerability. Publicly known since its first official report on June 26, 2018 or it’s official disclosure 7 months ago. All versions of WordPress starting with the latest 4.9.6 and below have the Authenticated Arbitrary File Deletion vulnerability. WordPress…
For your WP Security, be informed about the latest vulnerabilities in WordPress themes: BBE Theme Direct Object Reference reported by Ryan (Dewhurst Security). The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor. immediately upgrade to version 1.53 to fix the vulnerability
For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Form Maker by WD CSV Injection reported by Ryan (Dewhurst Security). Custom Forms version 1.12.20 is affected by the vulnerability Remote Command Execution using CSV Injection. This allows a public user to inject commands as a part…