Unauthenticated stored XSS and content spoofing vulnerabilities in WordPress WP GDPR plugin (unpatched).
The WordPress WP GDPR plugin, which has 6,000+ active installations, is prone to multiple unpatched critical vulnerabilities.
Tag: Vulnerability
WordPress Ultimate Addons for Gutenberg plugin fixed vulnerability.
The WordPress Ultimate Addons for Gutenberg plugin (200,000+ active installations) fixed an authenticated settings change vulnerability affecting version 1.14.7 and below.
Unauthenticated stored XSS vulnerability in WordPress OneTone theme (unpatched).
The WordPress OneTone theme, which has 20,000+ active installations, is prone to an unpatched and unauthenticated settings import vulnerability that could lead to multiple stored XSS.
WordPress Elementor plugin fixed Safe Mode privilege escalation vulnerability.
The WordPress Elementor plugin, which is installed on 4+ million blogs, fixed a high severity vulnerability affecting version 2.9.5 and below.
WordPress Plugins and Themes Vulnerabilities Roundup.
This post reviews WordPress themes and plugins vulnerabilities that received little to no coverage until today.