Dernières failles de sécurité plugins et thèmes WordPress

Il faut rapidement, vérifier les mises à jour de ces plugins/thèmes. Si aucune mise à jour, vous devez les supprimer de votre installation WordPress !

Failles WordPress :

WordPress 5.2.2 – Cross-Site Scripting (XSS) in URL Sanitisation
WordPress 5.2.2 – Authenticated Cross-Site Scripting (XSS) in Post Previews
WordPress 5.2.2 – Cross-Site Scripting (XSS) in Dashboard
WordPress 5.2.2 – Cross-Site Scripting (XSS) in Shortcode Previews
WordPress 5.2.2 – Cross-Site Scripting (XSS) in Stored Comments
WordPress 5.2.2 – Potential Open Redirect
WordPress 3.9-5.1 – Comment Cross-Site Scripting (XSS)

Thèmes WordPress :

Nexos – Real Estate 1.6 – SQL Injection & Persistent XSS
Selio – Real Estate Directory 1.1 – SQL Injection & Persistent XSS
Real Estate 7 2.9.0 – Stored XSS & IDOR
Zoner – Real Estate 4.1 – Reflected & Stored XSS
Traveler – Travel Booking WordPress Theme 2.7.1 – Reflected & Stored XSS
JobCareer | Job Board Responsive WordPress Theme 2.5 – Stored XSS
CarSpot Theme 2.1.6 – Authenticated Stored XSS
Newspaper Theme 9.2.2 – Cross-Site Scripting (XSS)
JobCareer | Job Board Responsive WordPress Theme 2.4 – User enumeration & Reset password

Plugins WordPress :

All In One WP Security & Firewall 4.4.1 – Open Redirect & Hidden Login Page Exposure
Export Users to CSV 1.4 – Unauthorised CSV Access
Download Plugins and Themes from Dashboard 1.5.0 – Unauthenticated Stored XSS
Theme Editor 2.1 – Multiple Vulnerabilities
Visualizer 3.3.1 – Blind SSRF
Visualizer 3.3.1 – Stored XSS
GiveWp 2.5.5 – Authentication Bypass

La maintenance de votre site WordPress permet des mises à jour régulières afin d’éviter les bugs et les problèmes de piratage.

Nous solutions de maintenance WordPress à partir de 19€ ht/ mois

Besoin d'aide avec votre site WordPress ?

Découvrez nos forfaits de maintenance et notre service d'optimisation IA

Voir nos offres →