Update Your Plugins – XSS Vulnerability
Today, Sucuri announced a major security advisory for a few widely used WordPress plugins. The warning has to do with “Cross-site Scripting (XSS)”, which is used in many popular plugins. All plugins affected by XSS should be updated immediately to patch the vulnerability. The initial list of plugins affected are:
- Jetpack
- WordPress SEO
- Google Analytics by Yoast
- All In one SEO
- Gravity Forms
- Multiple Plugins from Easy Digital Downloads
- UpdraftPlus
- WP-E-Commerce
- WPTouch
- Download Monitor
- Related Posts for WordPress
- My Calendar
- P3 Profiler
- Give
- Multiple iThemes products including Builder and Exchange
- Broken-Link-Checker
- Ninja Forms
Even Jetpack, a WordPress official plugin is vulnerable. All members of wpONcall are already updated and safe!
Leave a Reply
Want to join the discussion?Feel free to contribute!