Failles de sécurité Plugins WordPress semaine 20

Failles de sécurité Plugins WordPress semaine 20

Author: WP Serveur

Date: May 14, 2020 

Category: Security

WPServeur vous informe des dernières failles de sécurité plugins et thèmes WordPress connues.

Plugins WordPress :

Easy Testimonials < 3.6 - Authenticated Stored Cross-Site Scripting (XSS) Site Kit by Google < 1.8.0 - Privilege Escalation to gain Search Console Access WooCommerce < 4.1.0 - Unescaped Metadata when Duplicating Products Page Builder by SiteOrigin < 2.10.16 - CSRF to Reflected Cross-Site Scripting (XSS) Chopslider <= 3.4 - Unauthenticated Blind SQL Injection Elementor < 2.9.8 - SVG Sanitizer Bypass leading to Authenticated Stored XSS Iframe < 4.5 - Authenticated Stored Cross Site Scripting (XSS) Learnpress < 3.2.6.8 - Authenticated Time Based Blind

This is the first part of the article “Failles de sécurité Plugins WordPress semaine 20“
written by WP Serveur.