WordPress Vulnerabilities 2021 week 23 via Patchstack

Author: Julio Potier

Date: June 14, 2021 

Category: Ecommerce, Maintenance, Plugin development, Security

Vulnerabilities discovered in plugins, themes and WordPress Core from june 2021, 07th to 13th Stripe Payment Gateway for WooCommerce

Reflected Cross-Site Scripting (XSS) vulnerability discovered in WordPress Stripe Payment Gateway for WooCommerce plugin (versions = 3.5.9).

WP Hardening

Reflected Cross-Site Scripting (XSS) vulnerability discovered by dc11 in WordPress WP Hardening plugin (versions = 1.2.1).

Comments Like Dislike

Repeated Voting Restriction Bypass vulnerability discovered by Phu Tran in WordPress Comments Like Dislike plugin (versions = 1.1.3).

Recently

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Yu Iwama of Secure Sky Technology Inc. and the JPCERT/CC Vulnerability Coordination Group in WordPress Recently