Here’s the latest Plugins that you should make sure are up to date.
You don’t have to worry about these listed plugins if you’re already a WP Blog Support client. All our clients have either had these plugins updated or replace on their site!
Plugin’s that are Vulnerable
According to Wordfence 2015 Update there are 3 Plugin Vulnerabilities You Should Know About. Even though it was a break for many of us over the holiday, keeping track of Hacking Risks did not take a break over. Here is a quick roundup of the most important current vulnerabilities we’re tracking and that you should be aware of:
- The popular Pods content development framework for has a XSS and CSRF vulnerability. This was fixed in version 2.5 which was released on 30 December. Please upgrade immediately. (plugin is popular with over 200,000 downloads)
- The cformsII plugin suffers from a remote code execution vulnerability via unauthorized file upload. Please upgrade immediately to version 14.8 which contains a fix if you’re using this plugin. (plugin has approximately 20,000 downloads)
- The Banner Effect Header plugin has a XSS and CSRF vulnerability . This has been fixed in version 1.2.7 so upgrade if you’re using this plugin. (plugin has approximately 20,000 downloads)
So if you have any of these plugins installed please remove or update them ASAP.
