Roundup of February 2017 WordPress Vulnerabilities in WordPress Core, Plugins & Themes

This is the second installment of the monthly WordPress Vulnerability Roundup for 2017. The roundup is a collection of vulnerabilities and security issues published by WordPress security blogs and websites that publish WordPress security news and updates. It is made possible by Wpwhitesecurity. Subscribe to AdeMike to keep up to date with the latest happenings in the world of WordPress.

Very few WordPress vulnerabilities were reported for WordPress Core, plugins and themes in the month of February. This month's number is relatively lower compared with January, and we hope it is a sign of better things to come for the WordPress community.

 

Overview of WordPress Vulnerabilities in February 2017

In February 2017, 15 WordPress plugins were found to have vulnerabilities and only one premium WordPress theme had a vulnerability. We had hoped it would be a sign of good things, as stated earlier, but the response of the theme developer when he was informed of the security issue made us think otherwise. You definitely need to check it out.

Below is the complete list of all the WordPress vulnerabilities in plugins and themes reported in February 2017:

 

WordPress Vulnerabilities in Plugins

Blind SQL Injection in Kama Click Counter

SQL Injection Vulnerability in NextGEN Gallery for WordPress

Multiple SQL Injection vulnerabilities in Mail Masta

Persistent Cross-Site Scripting (XSS) Vulnerability in Easy Table

Reflected Cross-Site Scripting (XSS) Vulnerability in Time Sheets

Open Redirect Vulnerability in GTranslate

CSRF and Cross-Site Scripting (XSS) Vulnerabilities in Democracy Poll

Local File Inclusion (LFI) Vulnerability in Posts in Page

Arbitrary File Upload Vulnerability in Web Tripwire

Persistent Cross-Site Scripting (XSS) Vulnerability in XO Security

Arbitrary File Upload Vulnerability in SpamTask

Arbitrary File Upload Vulnerability in WP Simple Cart

 

WordPress Vulnerabilities in Themes

Unauthenticated Directory Traversal in Javo Spot Premium Theme

 
