WordPress latest security fixes.

The latest security fixes in WordPress themes and plugins:


May 22, 2019

Woocommerce User Email Verification

WordPress “Woocommerce User Email Verification” plugin (6,000+ installations) fixed vulnerability. Update to v3.4.0.


May 21, 2019

Chaty

WordPress “Chaty” plugin (6,000+ installations) fixed security issues. Update to v2.0.6.


May 20, 2019

Slimstat Analytics

WordPress “Slimstat Analytics” plugin (100,000+ installations) fixed potential XSS vulnerability. Update to v4.8.1.

Sticky Menu on Scroll – myStickymenu

WordPress “Sticky Menu on Scroll – myStickymenu” plugin (60,000+ installations) fixed security issue. Update to v2.1.5.

WP Maintenance Mode

WordPress “WP Maintenance Mode” plugin (600,000+ installations) fixed potential XSS vulnerability. Upgrade to v2.2.4.


May 18. 2019

SAML SP Single Sign On

WordPress “SAML SP Single Sign On” plugin (3,000+ active installations) fixed -again- several vulnerabilities. Update to v4.8.73.


May 17, 2019

Live Chat with Facebook Messenger

WordPress “Live Chat with Facebook Messenger” plugin (30,000+ active installations) fixed strored XSS vulnerability. Update to 1.4.5.

[vulnerability disclosure]

WP Live Chat Support

WordPress “WP Live Chat Support” plugin (60,000+ active installations) fixed critical vulnerabilities. Update to 8.0.28.

[vulnerability disclosure]


May 16, 2019

FV Flowplayer Video Player

WordPress “FV Flowplayer Video Player” plugin (40,000+ active installations) fixed 2 new vulnerabilities. Update to v7.3.15.727.

SAML SP Single Sign On

WordPress “SAML SP Single Sign On” plugin (3,000+ active installations) fixed CSRF vulnerability. Update to v4.8.71.


May 15, 2019

WP Live Chat Support

WordPress “WP Live Chat Support” plugin (60,000+ active installations) fixed several vulnerabilities. Update to 8.0.27.


May 14, 2019

Give – Donation Plugin and Fundraising Platform

WordPress “Give – Donation Plugin and Fundraising Platform” plugin (60,000+ installs) fixed minor XSS vulnerability. Update to v2.4.7.

FV Flowplayer Video Player

WordPress “FV Flowplayer Video Player” plugin (40,000+ active installations) fixed XSS vulnerability. Update to v7.3.13.727.


May 13, 2019

Photo Gallery by 10Web

WordPress “Photo Gallery by 10Web” plugin (300,000+ active installations) fixed authenticated stored XSS. Update to 1.5.23.


May 08, 2019

Register IPs

WordPress “Register IPs” plugin (3,000+ installs) fixed stored XSS vulnerability. Update to 1.8.1.


May 07, 2019

WP Booking System

WordPress “WP Booking System” plugin (9,000+ installs) fixed SQLi vulnerability. Update to 1.5.2.


May 02, 2019

All-in-One Event Calendar

WordPress “All-in-One Event Calendar” plugin (100,000+ installs) fixed XSS vulnerability. Update to version 2.5.39.


May 01, 2019

Shortlinks by Pretty Links

WordPress “Shortlinks by Pretty Links” plugin (200,000+ installs) just a security issue. Update to v2.1.9.


April 23, 2019

WP Job Manager

WordPress “WP Job Manager” plugin (100,000+ active installations) fixed a minor security issue. Update to 1.32.3.


April 19, 2019

A2 Optimized WP

WordPress “A2 Optimized WP” plugin (40,000+ active installations) just fixed a security issue. Update to 2.0.10.9.