--> Major WordPress Plugins Making Websites Vulnerable | Experience Lab - Online business creation and development guide for bloggers and startups

Major WordPress Plugins Making Websites Vulnerable

Are you using WordPress to run one of your websites? If yes, then you need to read through. According to a latest warning by a security comp...




Vulnerable WordPress Plugins


Are you using WordPress to run one of your websites? If yes, then you need to read through. According to a latest warning by a security company, a number of WordPress plugins are vulnerable to a security flaw, which could compromise your website and leave it open for malicious attacks. These are some of the major plugins that you are likely to have installed on your websites. If so, then immediate action is required!


The warning was issued by WordPress Security watchdogs Sucuri. According to them, this is a major security flaw that is shared by many WordPress plugins, some of which are quite popular. According to them;




“Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress.”





Apparently, the problem was that the official WordPress Official Documentation for these functions was not very clear, which led to many plugin developers using them in an insecure way.




To date, this is the list of affected plugins:



  • Jetpack

  • WordPress SEO

  • Google Analytics by Yoast

  • All In one SEO

  • Gravity Forms

  • Multiple Plugins from Easy Digital Downloads

  • UpdraftPlus

  • WP-E-Commerce

  • WPTouch

  • Download Monitor

  • Related Posts for WordPress

  • My Calendar

  • P3 Profiler

  • Give

  • Multiple iThemes products including Builder and Exchange

  • Broken-Link-Checker

  • Ninja Forms




As you can see, some of these plugins are very popular and used by millions of websites. If you use any of the above plugins, it’s recommended that you update them immediately.







This vulnerability was initially discovered last week, which has allowed for time for the flaws to be patched. Sucuri reports that all plugins have been patched, and as of this morning updates should be available to all users.







As an additional caution, plugins beyond what’s listed above may be vulnerable to the same security flaw, and have just not been detected yet. With that in mind, it’s best to keep all of your plugins updated just in case.





Stay safe :)


COMMENTS

Name

Affiliate Marketing,12,Announcement,34,Bing,9,Bitcoin,38,blog,7,Blogger Resources,42,Blogger Templates,4,blogger tricks,156,Blogging ethics,70,Blogging tips,198,Bugs and Errors,34,Business,9,Copyright Violation,9,CSS and HTMLTricks,95,Designs,8,drop down menu,7,eBook,12,Email Marketing,7,Events,30,Facebook,30,Facebook tricks,49,Google,157,Google AdSense,42,Google Analytics,7,Google Plus,51,Google Plus Tricks,38,Guest Posts,112,home,2,How To,77,Internet,1,JSON Feeds,25,Kitchen Recipes,2,Label Based Sitemap Themes,1,Make Money Online,108,Marketing,16,MBT Blogger Templates,7,Menus,1,News,146,Pages,1,Posts,10,presentations,15,Responsive,10,Reviews,7,SEO,307,Settings,6,Shortcode,15,Sitemap Themes,1,Social Media,155,Technology,7,Templates,1,Tips,2,Tools,1,Traffic Tips,80,Video,19,Web Designing,62,web hosting,18,Webmaster Tools,97,Widgets,199,wordpress,26,
ltr
item
Experience Lab - Online business creation and development guide for bloggers and startups: Major WordPress Plugins Making Websites Vulnerable
Major WordPress Plugins Making Websites Vulnerable
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhye7A_ntB7NdPsjakBYThvNnb1LrEaixL2ZeF6Z0LrCV70k2mvwmB4FhtAGT_LnOCZuKqBoL5hFPhPcbl4A28QfZkZpxTU2E833Njk-s5qJtqBQ24rkv1mzUdk1VFPhTHmodBn3VpyOyPM/s1600/wp+plugins.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhye7A_ntB7NdPsjakBYThvNnb1LrEaixL2ZeF6Z0LrCV70k2mvwmB4FhtAGT_LnOCZuKqBoL5hFPhPcbl4A28QfZkZpxTU2E833Njk-s5qJtqBQ24rkv1mzUdk1VFPhTHmodBn3VpyOyPM/s72-c/wp+plugins.jpg
Experience Lab - Online business creation and development guide for bloggers and startups
https://www.experiencelab.info/2015/04/major-wordpress-plugins-making-websites.html
https://www.experiencelab.info/
https://www.experiencelab.info/
https://www.experiencelab.info/2015/04/major-wordpress-plugins-making-websites.html
true
2959477579779989044
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy