Vulnerable plugins and themes are the main reason WordPress websites get hacked. The Weekly WordPress Vulnerabilities Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you are using one of the vulnerable plugins or themes on your website.
Each vulnerability has a severity rating of Low, Medium, High or Critical. Responsible disclosure and reporting of vulnerabilities is an integral part of keeping the WordPress community safe.
Contents of December 2021
- WordPress Hosting: GoDaddy Hacked
- WordPress Core Vulnerabilities
- WordPress Plugin Vulnerabilities
- 1. Logo Carousel
- Ni WooCommerce Custom Order Status 2.
- 3. WCFM
- 4. Everest Forms
- 5. WP Visitor Statistics (Real Time Traffic)
- 6. Kudos Donations
- 7. Icegram
- 8. Blog2Social
- 9. Paid Memberships Pro
- 10. WPFront User Role Editor
- Tickera 11.
- 12. WP Guppy
- 13. Simple JWT Login
- 14. myCRED
- Hide My WP 15.
- Awesome Support - WordPress HelpDesk & Support Plugin 16.
- Display Post Metadata 17.
- Floating Social Media Icon 18.
- Gwolle Guestbook 19. - How to Protect Your WordPress Website From Vulnerable Plugins and Themes
- Get iThemes Security Pro with 24/7 Website Security Monitoring
Author: MICHAEL MOORE
https://ithemes.com/
