Update Your Plugins – XSS Vulnerability

Today, Sucuri announced a major security advisory for a few widely used WordPress plugins. The warning has to do with “Cross-site Scripting (XSS)”, which is used in many popular plugins. All plugins affected by XSS should be updated immediately to patch the vulnerability. The initial list of plugins affected are:

• Jetpack
• WordPress SEO
• Google Analytics by Yoast
• All In one SEO
• Gravity Forms
• Multiple Plugins from Easy Digital Downloads
• UpdraftPlus
• WP-E-Commerce
• WPTouch
• Download Monitor
• Related Posts for WordPress
• My Calendar
• P3 Profiler
• Give
• Multiple iThemes products including Builder and Exchange
• Broken-Link-Checker
• Ninja Forms

Even Jetpack, a WordPress official plugin is vulnerable. All members of wpONcall are already updated and safe!