WordPress Vulnerability Roundup: July 2020, Part 2

Jul 22, 2020 | Security - Internet, WordPress, and otherwise




New WordPress plugin and theme vulnerabilities were disclosed during the second half of July, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website.

The WordPress Vulnerability Roundup is divided into three different categories:

  1. WordPress core
  2. WordPress plugins
  3. WordPress themes

WordPress Core Vulnerabilities

There have not been any WordPress core vulnerabilities disclosed in the second half of July.

WordPress Plugin Vulnerabilities

1. Wise Chat

wordpress-vulnerability-roundup-july-2020-part-2 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 2.8.4.

2. Powie’s WHOIS Domain Check

generic-wp-plugin WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 0.9.33.

3. Knight Lab Timeline

wordpress-vulnerability-roundup-july-2020-part-2-1 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 3.7.0.0.

4. Page Builder: KingComposer

wordpress-vulnerability-roundup-july-2020-part-2-2 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 2.9.5.

5. SRS Simple Hits Counter

wordpress-vulnerability-roundup-july-2020-part-2-3 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 1.1.0.

6. WP-Live Chat by 3CX

wordpress-vulnerability-roundup-july-2020-part-2-4 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 8.2.0.

7. Newsletter

wordpress-vulnerability-roundup-july-2020-part-2-5 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 6.7.7 .

8. Form Maker by 10Web 

wordpress-vulnerability-roundup-july-2020-part-2-6 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 1.13.40.

9. SendPress Newsletters

wordpress-vulnerability-roundup-july-2020-part-2-7 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 1.20.7.13.

10. Email Verification for WooCommerce

wordpress-vulnerability-roundup-july-2020-part-2-8 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 1.8.2.

11. All in One SEO Pack

wordpress-vulnerability-roundup-july-2020-part-2-9 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 3.6.2.

12. JobSearch WP Job Board

generic-wp-plugin WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 1.5.5.

13. Email Subscribers & Newsletters 

wordpress-vulnerability-roundup-july-2020-part-2-10 WordPress Vulnerability Roundup: July 2020, Part 2
The vulnerability is patched, and you should update to version 4.5.1.

WordPress Theme Vulnerabilities

There have been no WordPress theme vulnerabilities disclosed in the second half of July.

New! Protect Your WordPress Website with the iThemes Security Site Scan

Every day, it gets harder and harder to keep track of every disclosed WordPress vulnerability. You have to compare that list to the versions of plugins and themes you have installed on your site… and make sure you’re constantly updating.

To solve this problem, the iThemes Security Pro plugin now includes a better way to protect your sites against software vulnerabilities, the number one culprit of hacked and compromised WordPress sites.

The new, improved WordPress Security Site Scan powered by iThemes performs automatic checks for known website vulnerabilities and, if a patch is available, iThemes Security Pro will now automatically apply the fix for you… so you don’t have to. Whew. that’s some peace of mind. 

From your WordPress security logs, you can now click the more details link to learn about the vulnerability, including the vulnerable version number, the type of vulnerability, the patched version number, disclosure timeline and more.

wordpress-vulnerability-roundup-july-2020-part-2-11 WordPress Vulnerability Roundup: July 2020, Part 2

A WordPress Security Plugin Can Help Secure Your Website

iThemes Security Pro, our WordPress security plugin, offers 50+ ways to secure and protect your website from common WordPress security vulnerabilities. With WordPress, two-factor authentication, brute force protection, strong password enforcement, and more, you can add an extra layer of security to your website.

Source

WordPress Development

SEO NEWS

seo news

Domain Registration
GET YourName.com Today

We’re listening.

Have something to say about this article? Share it with us on Facebook, Twitter or LinkedIn:

SHARE IT HERE:

Subscribe ToThe Weekly SEO Trade News Updates

Get the latest SEO, SEM and SMM marketing intel, tips and tricks from one of the best SEO Gurus online. 

Every Tuesday morning we send out an aggregated email listing all new posts on SEO Trade News.

Excellent! Now check your email to confirm your subscription.