Here is what we have been doing to keep your website secure from WordPress plugin vulnerabilities this week:

Plugin Vulnerabilities Added This Week That Are In The Current Version of the Plugins

• Local file inclusion (LFI) vulnerability in Spicy Blogroll, discovered by Ahlspiess

Additional Vulnerabilities Added This Week

• Reflected cross-site scripting (XSS) vulnerability in Fluid Responsive Slideshow, discovered by Jouko Pynnönen
• Cross-site request forgery (CSRF)/post modification vulnerability in Fluid Responsive Slideshow, discovered by Jouko Pynnönen
• Authenticated post modification vulnerability in Fluid Responsive Slideshow, discovered by Jouko Pynnönen
• Authenticated information disclosure vulnerability in Caldera Forms, discovered by Wordfence
• Authenticated settings change vulnerability in WP Fastest Cache, discovered by Wordfence
• Authenticated local file inclusion vulnerability in WP Fastest Cache, discovered by Wordfence
• Persistent cross-site scripting (XSS) vulnerability in Jetpack, discovered by Sucuri