Avada WordPress Theme fixed multiple vulnerabilities.
Avada WordPress Theme (600,000 installations) fixed multiple critical vulnerabilities affecting version 6.2.2 and below.
The Ninja Technologies Network
Avada WordPress Theme (600,000 installations) fixed multiple critical vulnerabilities affecting version 6.2.2 and below.
The WordPress GDPR Cookie Consent plugin, which has 700,000+ active installations, fixed a vulnerability affecting version 1.8.2 and below that could lead to authenticated stored XSS and privilege escalation.
The WordPress IgniteUp/Coming Soon and Maintenance Mode plugin, which has 30,000+ active installations, was prone to multiple vulnerabilities in version 3.4 and below that could lead to arbitrary file deletion, stored XSS, information disclosure, HTML injection in email and CSRF, among a few other issues.
The WordPress GiveWP plugin, which has 70,000+ active installations, fixed several vulnerabilities affecting version 2.5.9 and below.
The WordPress Lara Google Analytics plugin, which has 20,000+ active installations, was prone to an authenticated stored XSS vulnerability.