20180726 Vulnerable Plugins/Themes Report
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
ABCDEFGHIJKLMNOPQRSTUVWXYZAAAB
1
NameVersion(s) AffectedFixed in VersionPlugin DirectoryVulnerabilityLink/Plugin StatusSuggested ActionPlugin/ThemeOther NotesSource
2
Strong Testimonials2.31.4 and below2.31.5strong-testimonialsMultiple Cross-Site Scriptinghttps://wordpress.org/plugins/strong-testimonials/UpdatePlugin
http://www.defensecode.com/advisories/DC-2018-05-007_WordPress_Strong_Testimonials_Plugin_Advisory.pdf
3
Gwolle Guestbook2.5.3 and below2.5.4gwolle-gbCross-Site Scriptinghttps://wordpress.org/plugins/gwolle-gb/UpdatePlugin
http://www.defensecode.com/advisories/DC-2018-05-008_WordPress_Gwolle_Guestbook_Plugin_Advisory.pdf
4
Snazzy Maps1.1.3 and belowunfixedsnazzy-mapsMultiple Cross-Site Scriptinghttps://wordpress.org/plugins/snazzy-maps/RemovePlugin
http://www.defensecode.com/advisories/DC-2018-05-006_WordPress_Snazzy_Maps_Plugin_Advisory.pdf
5
LimoLabs by icabbitunsure, see notesunsurelimolabs-icabbiRemote Password Disclosurehttps://www.icabbi.com/RemovePlugin
This appears to be a paid plugin, and I can't find much info on it. IT definitely appears to be in use among cab companies, many of which are vulnerable to this issue. I doubt many higher ed institutes are using it, but am including it just in case.
https://packetstormsecurity.com/files/148660/WordPress-LimoLabs-1.0.0-Remote-Password-Disclosure.html
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...