Vulnerabilities found in 301 Redirects – Easy Redirect Manager, a WordPress plugin installed on over 70,000 websites. This allowed any authenticated user, even subscribers, to
Zoho CRM Lead Magnet Plugin version 1.6.9 is vulnerable to an Authenticated Cross-Site Scripting attack. The vulnerability would allow an attacker to execute malicious code in a user’s
Broken Link Checker version 1.11.8 is vulnerable to an Authenticated Cross-Site Scripting attack. Uninstall and delete the plugin. Manage WP is not actively maintaining
All In One SEO Pack version 3.2.6 and below is vulnerable to a Stored Cross-Site Scripting attack. An attacker will need to use an authenticated user to exploit
There is a new WordPress version 5.1.1 available for community. This security and maintenance release introduces 10 fixes and enhancements, including changes designed to help
If you have a plugin called “Display Widgets” on your WordPress website, remove it immediately. The last three releases of the plugin have contained code
WordPress’s growth is impressive (28.5% and counting) but it’s not limitless — at least not in its current state. We have challenges (user frustrations with
