Vulnerabilities Digest: June 2020

Highlights for June 2020

  • Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and issues surrounding user input data sanitization.
  • Massive local file inclusion (LFI) attempts have been discovered attempting to harvest WordPress and Magento credentials.
  • Attackers continue to target old plugins with known vulnerabilities in an ongoing malware campaign targeting WordPress websites.

Continue reading Vulnerabilities Digest: June 2020 at Sucuri Blog.

More great articles

Severe Vulnerabilities Patched in NextGen Gallery Affect over 800,000 WordPress Sites

On December 14, 2020, the Wordfence Threat Intelligence team finished researching two Cross-Site Request Forgery (CSRF) vulnerabilities in NextGen Gallery,…

Read Story

Eleven Vulnerabilities Patched in Royal Elementor Addons

On December 23, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of 11 vulnerabilities…

Read Story

WordPress Core 6.0.2 Security & Maintenance Release – What You Need to Know

On August 30, 2022, the WordPress core team released WordPress version 6.0.2, which contains patches for 3 vulnerabilities, including a…

Read Story

Emergency WordPress Help

One of our techs will get back to you within minutes.