Persistent Cross-Site Scripting (XSS) Vulnerability in WP Mail Logging
The changelog entry for the two latest versions of the WordPress plugin WP Mail Logging indicated that security issues had been addressed:
…
This week Patchstack claimed vaguely that a cross-site request forgery (CSRF) vulnerability had been fixed in the most recent version of the WordPress plugin WP Mail Logging. With another claim of that type of vulnerability this week, we found they appeared to have gotten the details wrong. In this case, the changelog for the version in which this was supposed to have been addressed doesn’t mention a security fix. The only thing that seems like it could be a reference to that sort of thing is a claim that they removed the Redux Framework.
…
If you want the best information and therefore best protection against vulnerabilities in WordPress plugins we provide you that through our service.
Here is what we did to keep those who are already using our service secure from WordPress plugin vulnerabilities during November (and what you have been missing out on if you haven’t signed up yet):