20180511 Vulnerable Plugins/Themes Report
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
 
ABCDEFGHIJKLMNOPQRSTUVWXYZAAAB
1
NameVersion(s) AffectedFixed in VersionPlugin DirectoryVulnerabilityLink/Plugin StatusSuggested ActionPlugin/ThemeOther NotesSource
2
WP Google Drive2.2 and earlier, see notesunfixedwp-google-driveInformation Disclosurehttps://wordpress.org/plugins/wp-google-drive/RemovePlugin
The plugin was last updated 6 years ago. Definitely time to find an alternate
https://www.pluginvulnerabilities.com/2018/05/10/information-disclosure-vulnerability-in-google-drive-for-wordpress-wp-google-drive/
3
Page and Post Cloneall versionsunfixedpage-or-post-cloneAuthenticated Information Disclosurehttps://wordpress.org/plugins/page-or-post-clone/RemovePlugin
https://www.pluginvulnerabilities.com/2018/05/04/authenticated-information-disclosure-vulnerability-in-page-and-post-clone/
4
Tagregatorall versionsunfixedtagregatorStored Cross-Site Scriptinghttps://wordpress.org/plugins/tagregator/see commentsPlugin
Requires user to have access to plugin settings which is usually an administrator level. At that point, there are many other more damaging actions they can take
https://www.cvedetails.com/cve/CVE-2018-10752/ and https://pastebin.com/ZGr5tyP2
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...