Scroll Top

WP Security: premium theme vulnerability in February 2019

By Csaba, Miklós WP Security 11 March 2019

WP SECURITY: 2 THEME VULNERABILITIES IN JANUARY 2019

WP Security bulletin – February 2019

At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest vulnerability in a premium WordPress theme identified and reported publicly. As these vulnerabilities are disclosed, when you use one (or more) of these outdated themes (main theme, child theme) – your risking serious WordPress breaches to your site(s).

  • Newspaper
    • Cross-Site Scripting (XSS) reported by Noman Riffat.
      • WP Security recommendation: immediately upgrade to version 9.5 to fix the vulnerability.

 


Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!

WP Security
Do you have any concerns with WP Security? Leave your thoughts in the comments below!

Related Posts

THEMES VULNERABILITY 2022
WP Themes vulnerability AUG 2023: 67 premium risks
07 Aug 2023
THEMES VULNERABILITY 2022
WP Theme CVE JUN 2024: 27 Premium Hack risk
13 Jun 2024
THEMES VULNERABILITY 2022
WP Theme CVE JUL 2024: 59 Premium Hack risk
14 Jul 2024
LOGIN FAIL
Unable to Login into WordPress

If you are unable to login to your WordPress site, then there is a chance that hackers may have compromised your admin account from WordPress. There are some common tell-tale signs that should help you figure out if your WordPress site is compromised. Don’t panic, but this is serious! In…

31 Jul 2017
WP SECURITY
WP Security: 2 premium theme vulnerabilities in February 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress themes: Enfold Theme Rewrite Portfolio Permalink Structure & Information Disclosure reported by Dan Benton https://www.dogsbodytechnology.com/. The changelog describes two security fixes: a security issue that would allow an attacker to export your enfold [theme] settings AND a security…

05 Mar 2018
THEMES VULNERABILITY 2022
WP Themes vulnerability SEP 2022: 2 new risks
06 Sep 2022
WP SECURITY
WP SECURITY MARCH 2021 centralised abuse highlights
30 Apr 2021
WP SECURITY
WP Security: 14 plugin vulnerabilities in March 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: NextGEN Gallery BYPASS reported by Dewhurst Security. In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. immediately upgrade to version 2.2.50 to fix the vulnerability Category Order and Taxonomy Terms Order A1: Injection…

02 Apr 2018
THEMES VULNERABILITY 2022
WP Theme CVE AUG 2024: 47 Premium Hack risk
18 Aug 2024
THEMES VULNERABILITY 2022
Disempowered WP Security: 25 WP themes vulnerability APR 2022
12 Apr 2022
BLOG PICTURE 256 3
SSL vulnerability affects 33% of the web

name: DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) officially announced: March 2016 what: DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the…

07 Mar 2016
THEMES VULNERABILITY 2022
WP Theme CVE JAN 2024: 15 Premium Hack risk
08 Jan 2024
SECURITY ISSUES
5 Typical WordPress Security Issues [infographic]

5 Typical WordPress Security Issues If you own a WordPress-powered website or are thinking about utilising WordPress as your CMS, you may be worried about potential WordPress Security problems. In this post, we’ll show a few of the most typical WP security vulnerabilities, in addition to actions you can require…

01 Apr 2019
WP SECURITY
Latest security concern – FEB 2017

A year ago, when DROWN hit the news (read more here: SSL vulnerability affects 33% of the web) it was covered everywhere. All websites talked about. We talked about. Our customers did not understand and they were not scared. We ran at that time a FREE check campaign to see…

15 Feb 2017
WP SECURITY PLUGIN VULNERABILITIES
19 WP Security Plugin Vulnerabilities JUN 2022 Threat
17 Jun 2022
owlpower.eu
owlpower.eu
owlpower.eu
16+ years of owlsome experience
We're on an empowering mission for website owners, who desire not to be transformed forcefully into IT experts.