Critical vulnerabilities in WordPress plugins – July 2020
To ensure that your WordPress website is secure and stays that way, you need to have a security plugin.
One reason is that they report regularly on critical vulnerabilities of plugins you might use.
There are few available, although my preference goes to Wordfence.
Already this month
Adning Advertising plugin
Two vulnerabilities found in the Adning Advertising plugin, including a critical-severity flaw allowing attackers to upload backdoors onto vulnerable sites. Read more...
A Cross-Site Scripting (XSS) vulnerability affecting over 100,000 WP sites using the KingComposer plugin. This XSS vulnerability is unusual compared to our recently published vulnerabilities because it is a reflected Cross-Site Scripting vulnerability. Read more...
All in One SEO Pack plugin
A WordPress plugin installed on over 2 million sites. This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all posts’ page. Read more...
Always make sure you have the latest version of your plugins, make it a habit to check up on them if they need an update.
All the best,
If you find this article informative, share it with your friends or/and leave a comment below.