Post by account_disabled on Feb 24, 2024 0:36:29 GMT -5
Two reports concerning as many WordPress plugins have recently been added to Wordfence Intelligence, because vulnerabilities have been found which, in fact, turn into dangers for users who have installed these plugins on their websites and for users. The danger of the vulnerabilities that have been found is different but, regardless of whether or not it is a problem that can be more or less serious, the general advice is to always update not only the version of WordPress to the most recent one but also to make sure your site has updated plugins. wordfence intelligence raises the alarm for two wordpress plugins Always remember to update all WordPress plugins.
A further check that you must always do concerns America Mobile Number List WordPress plugins: if you realize that the ones you use have not been updated for a while, it is perhaps worth checking that they have not been abandoned in some way by their developers and whether it is therefore not the case of finding alternative solutions. Having made this necessary premise, let's analyze in detail the vulnerabilities reported by Wordfence Intelligence. WordPress plugins reported, problem encountered with Complianz | GDPR/CCPA Cookie Consent The least dangerous vulnerability, rated 4.4 out of 10 by Wordfence Intelligence, was found within the Complianz | GDPR/CCPA Cookie Consent. This is a plugin that is used as a tool to help manage the privacy of users of WordPress sites in line with both the General Data Protection Regulation and the California Consumer Privacy Act.
In practice, the plugin allows you to block third-party cookies parties, manage consent and also control banners. This is a fairly popular tool that is currently installed on 800 thousand different sites. vulnerability of two wordpress plugins, what to do Your wordPress plugins may be unsafe – sos-wp.it The type of vulnerability that was found is classified as Stored Cross-Site Scripting . A version of the more generic XSS vulnerability. In particular, what is missing are two security functions: input sanitization and output escaping. XSS-type vulnerabilities allow malicious agents who are able to obtain admin permissions to insert malicious code that is activated every time a user visits the page that has been infected. The most updated version of the plugin is already available.
A further check that you must always do concerns America Mobile Number List WordPress plugins: if you realize that the ones you use have not been updated for a while, it is perhaps worth checking that they have not been abandoned in some way by their developers and whether it is therefore not the case of finding alternative solutions. Having made this necessary premise, let's analyze in detail the vulnerabilities reported by Wordfence Intelligence. WordPress plugins reported, problem encountered with Complianz | GDPR/CCPA Cookie Consent The least dangerous vulnerability, rated 4.4 out of 10 by Wordfence Intelligence, was found within the Complianz | GDPR/CCPA Cookie Consent. This is a plugin that is used as a tool to help manage the privacy of users of WordPress sites in line with both the General Data Protection Regulation and the California Consumer Privacy Act.
In practice, the plugin allows you to block third-party cookies parties, manage consent and also control banners. This is a fairly popular tool that is currently installed on 800 thousand different sites. vulnerability of two wordpress plugins, what to do Your wordPress plugins may be unsafe – sos-wp.it The type of vulnerability that was found is classified as Stored Cross-Site Scripting . A version of the more generic XSS vulnerability. In particular, what is missing are two security functions: input sanitization and output escaping. XSS-type vulnerabilities allow malicious agents who are able to obtain admin permissions to insert malicious code that is activated every time a user visits the page that has been infected. The most updated version of the plugin is already available.