On June 19th, our Threat Intelligence team discovered a vulnerability present in Comments – wpDiscuz, a WordPress plugin installed on…
Read StoryOn June 12, 2020, Wordfence Threat Intelligence discovered an unauthenticated stored Cross-Site Scripting(XSS) vulnerability in TC Custom JavaScript, a WordPress…
Read StoryDuring a routine audit of WordPress plugins last december, we discovered a Stored XSS vulnerability in the very popular Elementor…
Read StoryFixed Plugins and Vulnerabilities PluginVulnerabilityPatched VersionInstalls Duplicator Arbitrary File Download 1.3.28 1000000 Modula Image Gallery Authenticated Stored XSS 2.2.5 70000…
Read StoryFixed Plugins and Vulnerabilities PluginVulnerabilityPatched VersionInstalls Cookiebot Reflected Cross-Site Scripting 3.6.1 40000 Data Tables Generator By Supsystic Authenticated Stored XSS…
Read StoryRelevant Plugins and Vulnerabilities: PluginVulnerabilityPatched VersionInstalls Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket…
Read StoryRelevant Plugins and Vulnerabilities: PluginVulnerabilityPatched VersionInstalls WP Product Review Unauthenticated Stored XSS 3.7.6 40000 Form Maker by 10Web Authenticated SQL…
Read StoryDuring a routine research audit for our Sucuri Firewall, we discovered an Unauthenticated Persistent Cross-Site Scripting (XSS) affecting 40,000+ users…
Read StoryThis is a mid-month update to our regular Monthly Vulnerability Digest, which reveals a number of new patches for disclosed…
Read StoryOn July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin…
Read Story