Scroll Top

WP Security: plugin vulnerabilities June

By Csaba, Miklós WP Security WP SERVICES 7 July 2017

For your WordPress protection, be informed about the latest vulnerabilities in WP plugins:

  1. All-in-One WP Migration
    • Cross-Site Scripting (XSS) reported by Twitter user @0w4ys. Immediately update to version 6.46 to fix the vulnerability.
  2. Ultimate Product Catalogue
    • Authenticated SQL Injection reported by Twitter user @log_oscon. Immediately update to version 4.2.3 to fix the vulnerability.
  3. Photo Gallery by WD – Responsive Photo Gallery for WordPress
    • Authenticated Path Traversal reported by Dewhurst Security. Immediately update to version 1.3.43 to fix the vulnerability.
  4. WordPress Download Manager
    • Authenticated Reflected Cross-Site Scripting (XSS) reported by Dewhurst Security. Immediately update to version 2.9.52 to fix the vulnerability.
  5. WP Jobs
    • Authenticated SQL Injection reported by Dewhurst Security. Immediately update to version 1.5 to fix the vulnerability.

 

Protect your WordPress: BEFORE IT'S TOO LATE! You will also protect your customers, your reputation and your online business!

WP Security

 

Related Posts

WP CORE VULNERABILITY 2022
3 WP Core Vulnerability APR 2022: Critical Caution
13 Apr 2022
HACKING
7 Signs Your WordPress Security is Hacked [infographic]

7 Signs Your WordPress Security is Hacked Finding yourself asking “Is my WordPress website hacked?” means you’ll seek some quick and urgent answers. In this post, we cover seven signs of infection and what to do if you find you’ve been hacked. The faster you discover the signs of a…

26 Mar 2019
THEMES VULNERABILITY 2022
WP Themes vulnerability AUG 2022: 3 new risks
16 Aug 2022
WP SECURITY PLUGIN VULNERABILITIES
WP Security Plugin CVE OCT 2023: 25 public risks
25 Oct 2023
WP SECURITY PLUGIN VULNERABILITIES
17 WP Security Plugin Vulnerabilities FEB 2023
22 Feb 2023
WORDPRESS PROTECTION
TOP 3 always ignored WordPress protection

TOP 3 always ignored WordPress protection Everybody wants what is best for them, there are no exceptions. When we’re doing on-demand cleaning services, like malware CLEANUP or undo DISASTERS (infection/hack removal); we often hired to do also a Security AUDIT to find out how this happened and do the necessary…

12 Mar 2019
THEMES VULNERABILITY 2022
WP Theme CVE NOV 2024: 18 Premium Hack risk
05 Nov 2024
WP SECURITY
WP Security: 11 plugin vulnerabilities in February 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Splashing Images Authenticated PHP Object Injection reported by Dewhurst Security. The /admin/partials/wp-splashing-admin-main.php in the wp-splashing-images plugin before 2.1.1 for WordPress allows authenticated (administrator, editor, or author) remote attackers to conduct PHP Object Injection attacks via crafted serialized…

02 Mar 2018
WP SECURITY
WP Vulnerability FEB 2022 Centralised Abuse Highlights
18 Feb 2022
THEMES VULNERABILITY 2022
WP Theme CVE SEP 2024: 42 Premium Hack risk
18 Sep 2024
WP CORE VULNERABILITY 2022
Caution: 2 WP Core Vulnerability APR 2021
18 May 2021
WP BACKUP FAIL
Never let your WP become an attack vector

What is an attack vector? An attack vector is a path or means by which a hacker gains access to your server or WordPress (or both) to execute a malicious payload. Attack vectors enable hackers to exploit system vulnerabilities, including the human element. Why the WordPress attack vector is so…

09 Feb 2017
WP SECURITY PLUGIN VULNERABILITIES
14 WP Security Plugin Vulnerabilities MAR 2022 Threat
14 Mar 2022
WP SECURITY
WP Vulnerability JAN 2023 Centralised Abuse Highlights
31 Jan 2023
THEMES VULNERABILITY 2022
WP Theme CVE JUL 2024: 59 Premium Hack risk
14 Jul 2024
owlpower.eu
owlpower.eu
owlpower.eu
16+ years of owlsome experience
We're on an empowering mission for website owners, who desire not to be transformed forcefully into IT experts.