SEOFAQ Telegram, маркетинг и SEO Канал SEOFAQT в мессенджере Telegram

Все чатыУязвимости, обнаруженные в плагинах WordPress c 21 по 25 марта 2022

 8  


Уязвимости, обнаруженные в плагинах WordPress c 21 по 25 марта 2022

Обновите или замените плагины:

❖ "Safe SVG" в версии <= 1.9.9 - SVG Sanitization Bypass vulnerability

❖ "KODO Qiniu" в версии <= 1.2.5 - Stored CrossSite Scripting (XSS) vulnerability

❖ "Daily Prayer Time" в версии <= 2021.10.29 - Unauthenticated SQL Injection (SQLi) vulnerability

❖ "Hummingbird" в версии <= 3.3.1 - Stored CrossSite Scripting (XSS) vulnerability

❖ "Product Table for WooCommerce" в версии <= 3.1.1 - Unauthenticated Arbitrary Function Call vulnerability

❖ "Ad Injection" в версии <= 1. 2.0.19 - Stored CrossSite Scripting (XSS) & RCE vulnerabilities

❖ "Amministrazione Aperta" в версии <= 3.7.3 - Local File Inclusion (LFI) vulnerability

❖ "Simple Event Planner" в версии <= 1.5.4 - Authenticated Stored CrossSite Scripting (XSS) vulnerability

❖ "Simple Event Planner" в версии <= 1.5.4 - Multiple Authenticated Persistent CrossSite Scripting (XSS) vulnerabilities

❖ "Ninja Forms" в версии <= 3.6.7 - Unauthenticated Email Address Disclosure vulnerability

❖ "Loco Translate" в версии <= 2.6.0 - Authenticated Stored CrossSite Scripting (XSS) vulnerability

❖ "GS Variation Swatches for WooCommerce" в версии <= 1.5.0 - Reflected CrossSite Scripting (XSS) vulnerability

❖ "WP Downgrade" в версии <= 1.2.2 - Stored CrossSite Scripting (XSS) vulnerability

❖ "Easy Social Icons" в версии <= 3.2.0 - Unauthenticated Arbitrary Icon Deletion vulnerability

❖ "Easy Social Icons" в версии <= 3.2.0 - Stored CrossSite Scripting (XSS) vulnerability

❖ "Favicon" в версии <= 1.3.22 - Reflected CrossSite Scripting (XSS) vulnerability

❖ "WPvivid Backup and Migration" в версии <= 0.9.69 - Reflected CrossSite Scripting (XSS) vulnerability

❖ "Podcast Importer SecondLine" в версии <= 1.3.7 - SQL Injection (SQLi) vulnerability

❖ "Easy Smooth Scroll Links – Smooth Scrolling Anchor" в версии <= 2.23.0 - Stored CrossSite Scripting (XSS) vulnerability

❖ "Yoo Slider" в версии <= 2.0.0 - CrossSite Request Forgery (CSRF) vulnerability leading to slider Duplicate/Delete

❖ "Yoo Slider" в версии <= 2.0.0 - Stored CrossSite Scripting (XSS) vulnerability

❖ "Quick Adsense" в версии <= 2.8.1 - Post Stats Reset vulnerability

❖ "Export All URLs" в версии <= 4.1 - Reflected CrossSite Scripting (XSS) vulnerability

Репостните список товарищу с WordPress

#DrMax #WordPress #Vulnerability

Источник новости https://t.me/drmaxseo/30...