WP Security Roundup

This  WP Security Roundup shows the latest WordPress vulnerabilities including Amelia, BookingPress, Paid Memberships Pro and more!   Plugin: Sensei LMS Vulnerability: Cross Site Scripting (XSS) vulnerabilityPatched Version: 4.18.0Recommended Action: Update the WordPress Sensei LMS plugin to the latest available version (at least 4.18.0).   Plugin: Ajax Load More Vulnerability:

This  WP Security Roundup shows the latest WordPress vulnerabilities including AMP for WP, WP Google Maps, SendPress Newsletters and more!   Plugin: WP Google Maps Vulnerability: Unauthenticated Stored XSS vulnerabilityPatched Version: 9.0.28Recommended Action: Update the WordPress WP Google Maps plugin to the latest available version (at least 9.0.28). Plugin: AMP

This  WP Security Roundup shows the latest WordPress vulnerabilities including Alt Manager, Custom Login, System Dashboard and more!   Plugin: Alt Manager Vulnerability: Broken Access Control vulnerabilityPatched Version: NoneRecommended Action: No patched version is available. Plugin: Custom Post Type Page Template Vulnerability: Cross Site Request Forgery (CSRF) vulnerabilityPatched Version: NoneRecommended

This  WP Security Roundup shows the latest WordPress vulnerabilities including PageLayer, Responsive Lightbox, SchedulePress and more!   Plugin: Coming soon and Maintenance mode Vulnerability: IP Filtering Bypass vulnerabilityPatched Version: NoneRecommended Action: No patched version is available. Plugin: Seraphinite Accelerator Vulnerability: Reflected Cross Site Scripting (XSS) vulnerabilityPatched Version: 2.20.29Recommended Action: Update

This  WP Security Roundup shows the latest WordPress vulnerabilities including Yoast SEO, Easy Social Icons, Stripe Payments and more! Plugin: Salient Core Vulnerability: Cross Site Scripting (XSS) vulnerabilityVulnerability: Reflected Cross Site Scripting (XSS) vulnerabilityPatched Version: 2.0.3Recommended Action: Update the WordPress Salient Core plugin to the latest available version (at least

This  WP Security Roundup shows the latest WordPress vulnerabilities including ARMember, EmbedPress, SearchIQ and more! Plugin: WP Mail Log Vulnerability: Authenticated (Editor+) SQL Injection via id vulnerabilityPatched Version: 1.1.3Recommended Action: Update the WordPress WP Mail Log plugin to the latest available version (at least 1.1.3). Plugin: Auto Affiliate Links Vulnerability:

This  WP Security Roundup shows the latest WordPress vulnerabilities including WP Event Manager, Team Members Showcase, MainWP and more!   Plugin: EasyRotator Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerabilityPatched Version: NoneRecommended Action: Deactivate and delete. This plugin has been closed as of November 10, 2023 and is not

This  WP Security Roundup shows the latest WordPress vulnerabilities including GiveWP, Layer Slider, Defender Security and more!   Plugin: WP Affiliate Disclosure Vulnerability: Broken Access Control + CSRF vulnerabilityPatched Version: 1.2.7Recommended Action: Update the WordPress WP Affiliate Disclosure plugin to the latest available version (at least 1.2.7). Plugin: ShortCodes UI

This  WP Security Roundup shows the latest WordPress vulnerabilities including LiteSpeed Cache, The Plus Addons for Elementor Pro, Slick Popup and more!   Plugin: Finale Lite Vulnerability: Arbitrary Content Deletion vulnerabilityPatched Version: NoneRecommended Action: No patched version is available. Plugin: WooODT Lite Vulnerability: Arbitrary Site Option Update vulnerabilityPatched Version: NoneRecommended