NEWS
WordPress Vulnerabilities Digest - March 2021 Part 1
The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes.
WordPress Core Vulnerabilities
No new WordPress core vulnerabilities have been disclosed this month.
WordPress Plugin Vulnerabilities
1. Under Construction, Coming Soon & Maintenance Mode
Vulnerability: Reflected Cross-Site Scripting Patched in Version: 1.1.2 Severity: Medium
2. Abandoned Cart Lite for WooCommerce
Vulnerability: CSRF Nonce Bypasses Patched in Version: 5.8.6 Severity: Medium
3. Forminator
Vulnerability: CSRF Nonce Bypasses Patched in Version: 1.14.8.1 Severity: Medium
4. Dokan
Vulnerability: CSRF Nonce Bypasses Patched in Version: 3.2.1 Severity: Medium
5. Defender Security
Vulnerability: CSRF Nonce Bypasses Patched in Version: 2.4.6.1 Severity: Medium
6. Style Kits
Vulnerability: CSRF Nonce Bypasses Patched in Version: 1.8.1 Severity: Medium
7. WP ERP
Vulnerability: CSRF Nonce Bypasses Patched in Version: 1.7.5 Severity: Medium
8. WP Project Manager
Vulnerability: CSRF Nonce Bypasses Patched in Version: 2.4.10 Severity: Medium
9. WP Travel
Vulnerability: CSRF Nonce Bypasses Patched in Version: 4.4.7 Severity: Medium
10. WP GDPR Compliance
Vulnerability: Unauthenticated Stored Cross-Site Scripting Patched in Version: 1.5.6 Severity: Critical
WordPress Themes Vulnerabilities
No new theme vulnerabilities have been disclosed this month.
If you are under WordPress Managed Maintenance plan - there is nothing to worry about as we've taken the necessary steps to protect your sites. Yay!
The information for this blog post was taken from iThemes Vulnerability Roundup
If you're not under our maintenance plan... well, what are you waiting for? Sign-up today!