WordPress Absolutely Glamorous Custom Admin plugin <= 6.5.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability found by Antony Garand Sucuri in WordPress Absolutely Glamorous Custom Admin plugin versions = 6.5.4. Solution Update the WordPress Absolutely Glamorous Custom Admin plugin to the latest available version at least 6.5.5...

WordPress Asset CleanUp: Page Speed Booster plugin <= 1.3.6.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability found by Antony Garand Sucuri in WordPress Asset CleanUp: Page Speed Booster plugin versions = 1.3.6.6. Solution Update the WordPress Asset CleanUp: Page Speed Booster plugin to the latest available version at least 1.3.6.7...

WordPress Cookiebot plugin <= 3.6.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability found by Antony Garand Sucuri in WordPress Cookiebot plugin versions = 3.6.0. Solution Update the WordPress Cookiebot plugin to the latest available version at least 3.6.1...

Cookiebot < 3.6.1 - CSRF & XSS

Antony Garand of Sucuri discovered that multiple WordPress plugins were vulnerable to Cross-Site Scripting XSS within the admin panel, which could be exploited by using s Cross-Site Request Forgery CSRF attack...

WordPress WP Post Page Clone plugin <= 1.0 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Antony Garand Sucuri in WordPress WP Post Page Clone plugin versions = 1.0. Solution Update the WordPress WP Post Page Clone plugin to the latest available version at least 1.1...

WordPress Duplicate Page and Post plugin <= 2.5.6 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Antony Garand Sucuri in WordPress Duplicate Page and Post plugin versions = 2.5.6. Solution Update the WordPress Duplicate Page and Post plugin to the latest available version at least 2.5.7...

WordPress WP Statistics plugin <= 12.6.6.1 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability

Unauthenticated Stored Cross-Site Scripting XSS vulnerability found by Antony Garand in WordPress WP Statistics plugin version = 12.6.6.1. The specific configuration needed for exploitation. Solution Update the WordPress WP Statistics plugin to the latest available version at least 12.6.7...

WordPress Ultimate Member plugin <= 2.0.45 - Multiple vulnerabilities

Multiple vulnerabilities found by Antony Garand Sucuri team in WordPress Ultimate Member plugin versions = 2.0.45. Solution Update the WordPress Ultimate Member plugin to the latest available version at least 2.0.46...