Security flaws continue to affect plugins and themes this week, and we explore backup methods to keep your site & data safe from disaster.
#1 – Popular Plugins with High Security Risk
This plugin has serious vulnerabilities impacting over 1 million sites.
Loginizer Plugin
Broken Authentication; 8.1/10; Update to v1.9.3+
Editor Comment
It’s worth taking a few minutes each week to perform a sites review to catch issues early and wherever possible, use ShieldPRO’s auto-upgrade feature for vulnerable plugins.
#2 – Popular Plugins with Lower Security Risk
While these plugins may not rank as high-severity risks, they still affect a wide range of sites.
Prime Slider – Addons For Elementor Plugin
XSS; 6.5/10; Update to v3.15.19+
Elementor – Header, Footer & Blocks Template Plugin
XSS; 5.9/10; Update to v1.6.46+
Pods Plugin
XSS; 5.9/10; Update to v3.2.7.1+
Contact Form 7 Dynamic Text Extension Plugin
Sensitive Data Exposure; 4.3/10; Update to v4.5.1+
Editor Comment
It’s worth taking a few minutes each week to perform a sites review to catch issues early and wherever possible, use ShieldPRO’s auto-upgrade feature for vulnerable plugins.
#3 – Security Risks in Less Popular Plugins & Themes
Despite their lower popularity, the below plugins and theme still pose serious security threats.
JobSearch Plugin
Arbitrary File Upload; 10/10; Update to v2.6.8+
User Extra Fields Plugin
Arbitrary File Upload; 10/10; Update to v16.6+
WP Membership Plugin
Arbitrary File Upload; 10/10; Update to v1.6.3+
WPLMS Theme
Path Traversal; 9.8/10; Update to v4.963+
Contest Gallery Plugin
SQL Injection; 9.3/10; Update to v24.0.4+
Super Socializer Plugin
Broken Authentication; 8.1/10; Update to v7.14+
Form Maker by 10Web Plugin
XSS; 7.1/10; Update to v1.15.31+
Editor Comment
It’s worth taking a few minutes each week to perform a sites review to catch issues early and wherever possible, use ShieldPRO’s auto-upgrade feature for vulnerable plugins.
#4 – Our Blog: Guide to Effective Backup Strategies
WordPress sites rely on regular backups to protect data and recover quickly from failures. A well-planned strategy secures your content and online presence.
Thanks for reading, and have a great week!
Paul Goodchild
Shield Security for WordPress
