Get Announcements delivered to your Inbox! Subscribe to the Announcements list

Fast Velocity Minify < 2.7.7 - Full Path Disclosure
Events Manager < 5.9.6 - Stored XSS

Events Manager < 5.9.6 - Stored XSS -- fixed in version 5.9.6

All In One SEO Pack < 3.2.7 - Stored Cross-Site Scripting (XSS)
Visualizer < 3.3.1 - Blind SSRF / Stored XSS

Security updates have been installed for the following plugins:

  • Visualizer < 3.3.1 - Blind SSRF -- fixed in version 3.3.1
  • Visualizer < 3.3.1 - Stored XSS -- fixed in version 3.3.1

Easy Fancybox < 1.8.18 - Authenticated Stored XSS

Easy Fancybox < 1.8.18 - Authenticated Stored XSS

All Managed WordPress sites will be updated automatically.

Ultimate FAQ < 1.8.25 - Unauthenticated Options Import/Export

Ultimate FAQ < 1.8.25 - Unauthenticated Options Import/Export

All Managed WordPress sites have been updated.

Several plugin vulnerability updates deployed

All Managed WordPress sites have recently been updated for the following plugin vulnerabilities: Advanced Custom Fields <= 5.7.10 - Unserialize of user input -- fixed in version 5.7.12 Duplicate Page <= 3.3 - Authenticated SQL Injection -- fixed in version 3.4 Give <= 2.5.0 - SQL Injection -- fixed in version 2.5.1 Search Exclude ...

Nextgen Gallery < 3.2.11 - SQL Injection

Nextgen Gallery < 3.2.11 - SQL Injection -- fixed in version 3.2.11

All Managed WordPress sites have been updated.

 

 

Bold Page Builder < 2.3.2 - Missing Access Controls

Bold Page Builder < 2.3.2 - Missing Access Controls

All Managed WordPress sites have been updated.

Custom-sidebars Plugin Vulnerabilities

2017-11-07 Custom Sidebars < 3.1.0 - CSRF -- fixed in version 3.1.0
2017-06-29 Custom Sidebars < 3.0.8.1 - CSRF  -- fixed in version 3.0.8.1
2015-01-13 Custom Sidebars 2.1.0.1 - XSS -- fixed in version 2.1.0.2

View vulnerabilities details.

All Managed WordPress sites have been updated.