Popular WordPress and plugins have been affected by one serious vulnerability XSS
WordPress has been affected by a serious vulnerability as well as many of his plugins leaving a hole of security in the Webs created with WordPress and that use some of thousand of modules affected, among them several very extended and known by all.
Idenet will solve this vulnerability with the version of urgent security that has sent WordPress in all the pages created with WordPress of its clients to the greater brevity and in case in the updates errors occur will be reviewed throughout the next weeks.
During the last week, the company of Sucuri security has worked with the equipment of security of WordPress to solve a vulnerability of cross site scripting shortage in thousands of plugins and more than a popular dozen of plugins of WordPress. The vulnerability is due to the bad use of the functions add_query_arg () and remove_query_arg ().
Plugins affected by vulnerability XSS of WordPress shortages until now, is:
- WordPress SEO
- Google Analytics by Yoast
- All In one SEO
- Gravity Forms
- Multiple Plugins from Digital Easy Downloads
- Download Monitor
- Related for Posts WordPress
- My Calendar
- P3 Profiler
- Multiple iThemes products including Builder and Exchange
- Ninja Forms
If you discover a failure or evil operation in your Web, ponte in touch with us as rapidly as possible, all the Webs lodged by Idenet have backup incremental that it allows us to rescue backup copies to 14 days.