Plugin Vulnerabilities Updates – Week of 8/26/2016
Here is what we have been doing to keep your website secure from WordPress plugin vulnerabilities this week:
Plugin Vulnerabilities We Discovered and Publicly Disclosed This Week
Plugin Vulnerabilities We Helped Get Fixed This Week
- Persistent cross-site scripting (XSS) vulnerability in SEO Redirection, discovered by SecuBeastTeam
- Cross-site request forgery (CSRF)/cross-site scripting (XSS) vulnerability in Bad Behavior, discovered by us
- Cross-site request forgery (CSRF) vulnerability in User Activity Log, discovered by us
Plugin Vulnerabilities Added This Week That Are In The Current Version of the Plugins
- Local file inclusion vulnerability in Mail Masta, discovered by Guillermo Garcia Marcos
- SQL Injection vulnerability in WordPress Zero Spam, discovered by Werner Alsemgeest
Additional Vulnerabilities Added This Week
- Cross-site request forgery (CSRF)/cross-site scripting (XSS) vulnerability in Bad Behavior, discovered by us