Here is what we have been doing to keep your website secure from WordPress plugin vulnerabilities this week:

Plugin Vulnerabilities We Helped Get Fixed This Week

• Persistent cross-site scripting (XSS) vulnerability in Total Security, discovered by us
• Settings change vulnerability in Total Security, discovered by us

Plugin Vulnerabilities Added This Week That Are In The Current Version of the Plugins

• Authenticated persistent cross-site scripting (XSS) vulnerability in Advanced Custom Fields: Table Field, discovered by dxwsecurity

Additional Vulnerabilities Added This Week

• Cross-site request forgery (CSRF)/cross-site scripting (XSS) vulnerability in WP Selected Text Sharer, discovered by bl4ck_MohajeM
• Cross-site request forgery (CSRF) vulnerability in Add From Server, discovered by Edwin Molenaar
• PHP object injection vulnerability in Ecwid Ecommerce Shopping Cart, discovered by Yorick Koster