Failles de sécurité Plugins WordPress semaine 08

Failles de sécurité Plugins WordPress semaine 08

Author: WP Serveur

Date: February 20, 2020 

Category: Security

WPServeur vous informe des dernières failles de sécurité plugins et thèmes WordPress connues.

Plugins WordPress :

Duplicator < 1.3.28 - Unauthenticated Arbitrary File Download MAJ AUTO chez WPServeur Modula Image Gallery < 2.2.5 - Authenticated Stored Cross-Site Scripting (XSS) Easy Property Listings < 3.4 - Cross-Site Request Forgery (CSRF) ThemeREX Addons - Remote Code Execution (0day, Being Exploited) wpCentral < 1.5.1 - Improper Access Control to Privilege Escalation Popup Builder < 3.0 - SQL injection via PHP Deserialization ThemeGrill Demo Importer < 1.6.3 - Auth Bypass & Database Wipe GDPR Cookie Consent < 1.8.3 - Improper Access Controls Ultimate Membership

This is the first part of the article “Failles de sécurité Plugins WordPress semaine 08“
written by WP Serveur.