Get Announcements delivered to your Inbox! Subscribe to the Announcements list

Nextgen Gallery < 3.2.11 - SQL Injection

Nextgen Gallery < 3.2.11 - SQL Injection -- fixed in version 3.2.11

All Managed WordPress sites have been updated.

 

 

Bold Page Builder < 2.3.2 - Missing Access Controls

Bold Page Builder < 2.3.2 - Missing Access Controls

All Managed WordPress sites have been updated.

Custom-sidebars Plugin Vulnerabilities

2017-11-07 Custom Sidebars < 3.1.0 - CSRF -- fixed in version 3.1.0
2017-06-29 Custom Sidebars < 3.0.8.1 - CSRF  -- fixed in version 3.0.8.1
2015-01-13 Custom Sidebars 2.1.0.1 - XSS -- fixed in version 2.1.0.2

View vulnerabilities details.

All Managed WordPress sites have been updated.

Import Export WordPress Users < 1.3.2 - CSV Injection

Import Export WordPress Users < 1.3.2 - CSV Injection

All Managed WordPress sites have been updated.

Woocommerce Gateway Paypal Express Checkout <= 1.6.8

Woocommerce Gateway Paypal Express Checkout <= 1.6.8 - Parameter Tampering -- fixed in version 1.6.9

All Managed WordPress sites have been updated.

The Events Calendar < 4.8.2 - XSS

The Events Calendar < 4.8.2 - XSS

All Managed WordPress sites have been updated.

Meta-box Plugin Vulnerabilities

2019-02-02 Meta Box < 4.16.3 - Unauthorised File Deletion -- fixed in version 4.16.3

2019-02-01 Meta Box < 4.16.2 - Mishandled Uploaded Files -- fixed in version 4.16.2

All Managed WordPress sites have been updated.

Ultimate-member Plugin Vulnerabilities
Simple 301 Redirects Addon Bulk Uploader <= 1.2.4 - Multiple Issues

Simple 301 Redirects Addon Bulk Uploader <= 1.2.4 - Multiple Issues

All Managed WordPress sites will be updated automatically.

Login Or Logout Menu Item <= 1.1.1 - Unauthenticated Options Change

Login Or Logout Menu Item <= 1.1.1 - Unauthenticated Options Change

All Managed WordPress sites have been updated.