New WordPress plugin and theme vulnerabilities were disclosed during the second half of February, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website.
The WordPress Vulnerability Roundup is divided into four different categories:
- WordPress core
- WordPress plugins
- WordPress themes
WordPress Core Vulnerabilities
There haven’t been any disclosed WordPress vulnerabilities in 2020.
WordPress Plugin Vulnerabilities
Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested action below to update the plugin or completely uninstall it.
1. Ninja Forms
The vulnerabilities have been patched, and you should update to version 3.4.23.
2. ThemeGrill Demo Importer
The vulnerability has been patched, and you should update to version 1.6.2.
3. SAML SP Single Sign On
The vulnerability has been patched, and you should update to version 4.8.84.