Earlier today, one of our monitoring systems alerted us that one of the WordPress plugins used our customers had possibly had a security fix released, as the changelog entry for the latest version of the Yoast SEO is:
Fixes a security issue in the post editor. [Read more]
One of the changelog entries for the latest version of the WordPress plugin Spectra is:
…
One of the changelog entries for the latest version of the WordPress plugin Enable Media ReplaceĀ is:
…
Recently we detailed a privilege escalation vulnerability that had been in the WordPress plugin iubenda after seeing a hacker probing for the plugin. It turns out the hacker might have been targeting another vulnerability in the plugin, which had been fixed alongside that vulnerability.
…
While reviewing hacking attempts against our website, we saw what looked to be an attempt to exploit an arbitrary file viewing vulnerability in the plugin Mac Doc Photogallery like this:
…
The changelog entry on the developer’s website for the latest version of the WordPress plugin Widgets for Google Reviews is:
…
The changelog for a recent version of the WordPress plugin Product Feed PRO for WooCommerce is:
…
One of the changelog entries for the latest version of the WordPress plugin PDF Invoices & Packing Slips for WooCommerce is:
…
One of the changelog entries for the latest version of the WordPress plugin Super Socializer is:
…