Global CyberSecurity

Vulnerabilities Digest: July 2020

0

Published on 08/03/2020 – Last Updated on 08/03/2020 by OTC

Relevant Plugins and Vulnerabilities:

Plugin
Vulnerability
Patched Version
Installs

Asset CleanUp: Page Speed
Authenticated XSS
1.4.6.7
80000

Quiz And Survey Master
Authenticated Stored XSS
7.0.0
30000

Comments – wpDiscuz 7.0.0 –
Arbitrary File Upload
7.0.5
70000

Real Estate 7
Reflected XSS
3.0.4
8000

CarePlus
Reflected XSS

5000

WooCommerce Subscriptions
Unauthenticated Stored XSS
2.6.3
10000

Careerfy
Reflected XSS
4.4.0
2300

JobSearch
Reflected XSS
1.5.6
1300

TC Custom JavaScript
Unauthenticated Stored XSS
1.2.2
10000

Email Subscribers & Newsletters
Authenticated SQL injection
4.5.1
100000

WP-Live Chat by 3CX
Authenticated Stored XSS
8.2.0
50000

InJob
Reflected XSS
3.4.1
1880

Travel Booking
Unauthenticated SQL Injection
2.8.4
8000

Travel Booking
Unauthenticated XSS
2.8.4
8000

Monalisa
Reflected XSS
2.1.3
600

Adning Advertising
Arbitrary File Upload
1.5.6
8000

Security & Malware scan
Security Nonce Leak
2.51
5000

Testimonials Widget
Authenticated Stored XSS

30000

Highlights for July 2020:

  • Cross site scripting is still the most common vulnerability in WordPress Plugins.

Continue reading Vulnerabilities Digest: July 2020 at Sucuri Blog.

Scar-H PR SCAR-H TPR 7.62mm Tactical Precision Rifle Marksman sniper technical review FN Herstal

Previous article

Hellenic Navy commissions 6th Super Vita-class fast attacking crafts 1′ Defense Breaking News

Next article

You may also like

Comments

Comments are closed.