WordPress Vulnerability Roundup: February , Part 1

WordPress Vulnerability Roundup: February 2020, Part 1

New WordPress plugin and theme vulnerabilities were disclosed during the first half of February, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website.

The WordPress Vulnerability Roundup is divided into four different categories:

  1. WordPress core
  2. WordPress plugins
  3. WordPress themes

WordPress Core Vulnerabilities

There haven’t been any disclosed WordPress vulnerabilities in 2020.

WordPress Plugin Vulnerabilities

Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested action below to update the plugin or completely uninstall it.

1. Elementor Page Builder

The vulnerabilities have been patched, so you should update to version 2.8.5.

2. Strong Testimonials

Strong Testimonials Logo

The vulnerabilities have been patched, so you should update to version 2.40.0.

3. Portfolio Filter Gallery

Portfolio Filter Gallery Logo

Portfolio Filter Gallery versions 1.1.2 and below have a Cross-Site Request Forgery vulnerability that can lead to a Reflected XSS attack.

The vulnerabilities have been patched, so you should update to version 1.1.3.

4. Tutor LMS

WordPress Vulnerability Roundup: February 2020, Part 1 1

[…]

 



This article was written by Michael Moore and originally published on WordPress News and Updates from iThemes – iThemes.

Disclosure: Some of the links in this post are "affiliate links." This means if you click on the link and purchase the product, We may receive an affiliate commission.

Leave a Comment

You have to agree to the comment policy.

Show Your ❤️ Love! Like Us
Scroll to Top