WP News Desk

Your WordPress News Dashboard

Category

Vulnerabilities

Open Redirect Vulnerability Patched In Bridge Theme - Wordfence Blog

Description: Open RedirectCVSS v3.0 Score: 7.1 (High)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:LAffected Software: Two built-in plugins packaged with the Bridge theme – Qode Instagram Widget and Qode Twitter FeedPlugin Slugs: qode-instagram-widget, qode-twitter-feedAffected Versions: Bridge Theme: 18.2 / Plugins: 2.0.1Patched Version: Bridge Theme: 18.2.1… Continue Reading →

Medium Severity Vulnerability Patched in Fast Velocity Minify Plugin - Wordfence Blog

Description: Full Path DisclosureCVSS v3.0 Score: 4.3 (Medium)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NAffected Plugin: Fast Velocity MinifyPlugin Slug: fast-velocity-minifyAffected Versions: <= 2.7.6Patched Version: 2.7.7 A few days ago, our Threat Intelligence team identified a vulnerability present in Fast Velocity Minify, a WordPress… Continue Reading →

Authentication Bypass Vulnerability in GiveWP Plugin - Wordfence Blog

Description: Authentication Bypass with Information DisclosureCVSS v3.0 Score: 7.5 (High)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAffected Plugin: GiveWPPlugin Slug: giveAffected Versions: <= 2.5.4Patched Version: 2.5.5 A few weeks ago, our Threat Intelligence team discovered a vulnerability present in GiveWP, a WordPress plugin installed on over… Continue Reading →

Zero Day Vulnerability in Rich Reviews Plugin Exploited In The Wild - Wordfence Blog

Description: XSS Via Unauthenticated Plugin Options UpdateAffected Plugin: Rich ReviewsAffected Versions: <= 1.7.4CVSS Score: 8.3 (High)CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L The Wordfence Threat Intelligence team is tracking a series of attacks against an unpatched vulnerability in the Rich Reviews plugin for WordPress. The… Continue Reading →

The WordPress 5.2.3 Security Release Unpacked - Wordfence Blog

WordPress core version 5.2.3 has just been released. This is a security release which contains several fixes. I’m going to detail each of them below and unpack what each fix means and add any additional info that may be relevant. Seven… Continue Reading →

© 2019 WP News Desk — Powered by WordPress and WP RSS Aggregator | Hosted by WP Engine

Up ↑