What Happened With WordPress Plugin Vulnerabilities in October 2017
If you want the best information and therefore best protection against vulnerabilities in WordPress plugins we provide you that through our service.
01
Nov
Tag Archives: Simple Membership
If you are looking to find out about vulnerabilities in Simple Membership or another plugin you use or are looking to use, you won't find most of our data on our blog. Instead you should sign up for our service so that you get access to all of the data we have gathered, which is much more data than other sources out there will provide you. You can start using the service for free when you sign up now.
If you have a hacked website then trying to find vulnerabilities in the plugins you use is not the way to determine how the website has been backed, instead the evidence from the hack and the relevant logging should be scrutinized. Our hack cleanup service for WordPress websites includes doing that, as well as a lifetime subscription to this service.
If you are a paying customer of our service, you also have the ability to suggest/vote to have the plugin get a security review from us if it is in the Plugin Directory. You can also order a security review of the plugin done by us.
13
Oct
Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Simple Membership
This post provides the details of a vulnerability in the WordPress plugin Simple Membership not discovered by us, where the discoverer hadn’t provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so its contents are limited to subscribers of our service. If you are not currently a subscriber, you can try out the service for free and then you can view the contents of the post. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.