19 Feb 2016

Plugin Vulnerabilities Updates – Week of 2/19/2016

Plugin Vulnerabilities Added This Week

Cross-site request forgery (CSRF)/cross-site scripting (XSS) in ALO EasyMail Newsletter, discovered by Mohsen Lotfi
Authenticated arbitrary file upload in Backup Guard, discovered by James Golovich
Cross-site request forgery (CSRF) in WooCommerce – Store Exporter, discovered by James Golovich

False Vulnerability Reports

Security Issue not in Beaver Builder Lite

One thought on “Plugin Vulnerabilities Updates – Week of 2/19/2016”

Michael Visser - February 23, 2016 at 8:21 am

We released urgent Plugin updates to patch a privilege escalation vulnerability within 24 hours of notification, thanks panVagenas and jamesgol 🙂

Reply

Leave a Reply to Michael Visser Cancel reply