Ebolusyon blackjack strategy.Enjoy Free 888+200 Daily Legal Bonus

Critical Vulnerability flagged by Wordfence

JohnP — Tue, 18 Mar 2025 19:41:04 +0000

Wordfence flagged an unpatched critical vulnerability on 18th March:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/s2member-pro

Is there a plan to fix it?

Mashshare Share Buttons (4.0.47) has a known security vulnerability.

danicom — Thu, 13 Mar 2025 09:32:08 +0000

The MashShare – Social Media Share Buttons, Social Share Icons plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 4.0.47. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.

Is the MashShare team working on it?

Plugin 2.0.5 vulnerable

rswstudio — Wed, 05 Feb 2025 08:50:14 +0000

https://www.wordfence.com/threat-intel/vulnerabilities/detail/phpspreadsheet-library-230-xxe-injection

Plugin vulnerable – wordfence

dccorp — Sat, 18 Jan 2025 07:10:40 +0000

Wordfence signals on 17th of January a critical vulnerability for PDF viewer for elementor:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/pdf-viewer-for-elementor/pdf-viewer-for-elementor-293-authenticated-contributor-stored-cross-site-scripting

Plugin vulnerable – wordfence

dccorp — Sat, 18 Jan 2025 07:05:19 +0000

Wordfence signals on 17th of January a critical vulnerability for WP Visitors statistics:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-stats-manager/wp-visitor-statistics-real-time-traffic-73-missing-authorization

Plugin Closed?

LN-CWM — Thu, 16 Jan 2025 17:21:15 +0000

I’m using the Spacer plugin on many pages in my site. Also the paid Panels add-on. I’d really appreciate an update on the status of both. Have they been abandoned? I sincerely hope not.

Thanks!

Outdated Software and vulnerabilities

Benixgo — Mon, 14 Oct 2024 03:41:27 +0000

Hi, I just installer the GamiPress plugin and a couple of hours later I get all these vulnerabilities warning from Sucuri :

vulnerable WP Fluent Forms plugin found at ./wp-content/plugins/gamipress/integrations/fluentform/fluentform.php – Version: 1.0.1 Please update this plugin immediately: https://wpscan.com/vulnerability/16070387-e2b2-4b97-8cd8-cc2db80a3995

vulnerable LearnPress plugin found at ./wp-content/plugins/gamipress/integrations/learnpress/learnpress.php – Version: 1.1.1 Please update this plugin immediately: https://www.bleepingcomputer.com/news/security/75k-wordpress-sites-impacted-by-critical-online-course-plugin-flaws/

vulnerable Download Manager plugin found at ./wp-content/plugins/gamipress/integrations/download-manager/download-manager.php – Version: 1.0.0 Please update this plugin immediately: https://wpscan.com/vulnerability/394007c5-7923-46fe-bb4c-2377d66ff900

vulnerable Forminator – Contact Form, Payment Form & Custom Form Builder plugin found at ./wp-content/plugins/gamipress/integrations/forminator/forminator.php – Version: 1.0.9 Please update this plugin immediately: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/forminator/forminator-1290-unauthenticated-stored-cross-site-scripting-via-file-upload

vulnerable Ninja Forms plugin found at ./wp-content/plugins/gamipress/integrations/ninja-forms/ninja-forms.php – Version: 1.1.1 Please update this plugin immediately: https://wpscan.com/vulnerability/8843d66b-e895-4336-afda-00b99442cdc1

vulnerable Easy Digital Downloads plugin found at ./wp-content/plugins/gamipress/integrations/easy-digital-downloads/easy-digital-downloads.php – Version: 1.2.9 Please update this plugin immediately: https://wpscan.com/vulnerability/1fa35321-fc1f-4770-b03c-06ad871dd18f

vulnerable Events Made Easy plugin found at ./wp-content/plugins/gamipress/integrations/events-manager/events-manager.php – Version: 1.0.3 Please update this plugin immediately: https://blog.sucuri.net/2022/06/vulnerability-patch-roundup-june-2022.html

vulnerable Jetpack plugin found at ./wp-content/plugins/gamipress/integrations/jetpack/jetpack.php – Version: 1.0.0 Please update this plugin immediately: https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/

vulnerable GiveWP plugin found at ./wp-content/plugins/gamipress/integrations/give/give.php – Version: 1.0.0 Please update this plugin immediately: https://wpscan.com/vulnerability/fdf7a98b-8205-4a29-b830-c36e1e46d990/

Enable SVG, WebP & ICO Upload <= 1.0.4 – Arbitrary File Upload

Alain Sanchez — Sat, 17 Aug 2024 22:39:53 +0000

The Enable SVG, WebP & ICO Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in versions up to 1.0.4. This makes it possible for authenticated attackers to upload arbitrary files on the affected site’s server which may make a potential remote code execution.

More information on the threat intel on the Wordfence website.

Vulnerable

JanSnowski — Sat, 22 Jun 2024 08:21:17 +0000

Wordfence has found a vulnerability with this plugin!

https://www.wordfence.com/threat-intel/vulnerabilities/id/8ce7aa01-7e79-4048-a84d-fcb9541d5f8b?source=plugin

Vulnerabilities – will the plugin update?

michiellap — Mon, 13 Nov 2023 13:01:52 +0000

Hi,

I got message from wordfence, that there are vulnerablities in this plugin (danger 5.3/10).
I see that he plugin hasn’t been updated for 3 months.
Will there be an update soon?

Thanks!