WordPress vulnerability report: December 2021, Part 5

Severity score: High
The vulnerability has been patched; update to version 4.14.3.

4. Plug-in: Sendinblue's press release, SMTP, email marketing and subscription form
Vulnerability: Reflected cross-site scripting
Active installations: 90,000+
Patched in version: 3.1.25
Severity score: High
The vulnerability has been patched; update to version 3.1.25.

5. Plug-in: WooCommerce product seed Pro
Vulnerability: Stored XSS via settings update by a subscriber
Active installations: 80,000+
Patched in version: 11.0.7
Severity score: High
The vulnerability has been patched; update to version 11.0.7.

6. Plug-in: Post grid
Vulnerability: Contributor+ SQL injection
Active installations: 60,000+
Patched in version: 2.1.13
Severity score: Medium
The vulnerability has been patched; update to version 2.1.13.

7. Plug-in: Consultation form project
Vulnerability: Unauthenticated stored cross-site scripting
Active installations: 40,000+
Patched in version: 1.2.4
Severity score: High
The vulnerability has been patched; update to version 1.2.4.

8. Plug-in: Activity ticket
Vulnerability: Open redirect
Active installations: 40,000+
Patched in version: 5.2.2
Severity score: Medium
The vulnerability has been patched; update to version 5.2.2.

9. Plug-in: Advanced custom field: extension
Vulnerability: Admin+ SQL injection
Active installations: 40,000+
Patched in version: 0.8.8.7
Severity score: Medium
The vulnerability has been patched; update to version 0.8.8.7.

10. Plug-in: PayPal accept donation
Vulnerability: Arbitrary post deletion via CSRF
Active installations: 30,000+
Patched in version: 1.3.4
Severity score: High
The vulnerability has been patched; update to version 1.3.4.

11. Plug-in: ACF picture gallery field
Vulnerability: Reflected cross-site scripting
Active installations: 30,000+
Patched in version: 1.7.5
Severity score: Medium
The vulnerability has been patched; update to version 1.7.5.

12. Plug-in: Simple monitor
Vulnerability: Multiple CSRF
Active installations: 30,000+
Patched in version: 3.9.11
Severity score: Medium
The vulnerability has been patched; update to version 3.9.11.

13. Plug-in: WP administrator protection
Vulnerability: Unauthenticated plug-in disable
Active installations: 30,000+
Patched in version: 3.6.2
Severity score: Medium
The vulnerability has been patched; update to version 3.6.2.

14. Plug-in: Backup and dump through WP time capsule
Vulnerability: Reflected cross-site scripting
Active installations: 20,000+
Patched in version: 1.22.7
Severity score: High
The vulnerability has been patched; update to version 1.22.7.

15. Plug-in: Activity calendar
Vulnerability: Reflected cross-site scripting
Active installations: 20,000+
Patched in version: 1.1.51
Severity score: High
The vulnerability has been patched; update to version 1.1.51.

Plug-in: Event Calendar
Vulnerability: Subscriber+ event creation
Active installations: 20,000+
Patched in version: 1.1.51
Severity score: Medium
The vulnerability has been patched; update to version 1.1.51.

16. Plug-in: Five star restaurant reservation
Vulnerability: Subscriber+ stored cross-site scripting
Active installations: 20,000+
Patched in version: 2.4.8
Severity score: High
The vulnerability has been patched; update to version 2.4.8.

17. Plug-in: Asgaros Forum
Vulnerability: Admin+ SQL injection via forum_id
Active installations: 20,000+
Patched in version: 1.15.15
Severity score: Medium
The vulnerability has been patched; update to version 1.15.15.

18. Plug-in: wp125
Vulnerability: Arbitrary ad deletion via CSRF
Active installations: 10,000+
Patched in version: 1.5.5
Severity score: Medium
The vulnerability has been patched; update to version 1.5.5.

19. Plug-in: Subsidiary manager (Alliance manager)
Vulnerability: Unauthenticated stored cross-site scripting
Active installations: 10,000+
Patched in version: 2.9.0
Severity score: High
The vulnerability has been patched; update to version 2.9.0.

20. Plug-in: Smart SEO tool
Vulnerability: Reflected cross-site scripting
Active installations: 9,000+
Patched in version: 3.0.6
Severity score: Medium
The vulnerability has been patched; update to version 3.0.6.

21. Plug-in: tarteaucitron.js – Cookie law and GDPR
Vulnerability: Stored cross-site scripting via CSRF
Active installations: 7,000+
Patched in version: 1.6
Severity score: Medium
The vulnerability has been patched; update to version 1.6.

Plug-in: tarteaucitron.js – Cookie law and GDPR
Vulnerability: Admin+ stored cross-site scripting
Active installations: 7,000+
Patched in version: 1.6.1
Severity score: Low
The vulnerability has been patched; update to version 1.6.1.

22. Plug-in: SEO booster
Vulnerability: Admin+ SQL injection
Active installations: 4,000+
Patched in version: 3.8
Severity score: Medium
The vulnerability has been patched; update to version 3.8.

23. Plug-in: Booking.com banner generator
Vulnerability: Admin+ stored cross-site scripting
Active installations: 3,000+
Patched in version: 1.4.3
Severity score: Low
The vulnerability has been patched; update to version 1.4.3.

24. Plug-in: Add profile field
Vulnerability: Reflected cross-site scripting
Active installations: 2,000+
Patched in version: 1.2.4
Severity score: High
The vulnerability has been patched; update to version 1.2.4.

25. Plug-in: Booking.com product assistant
Vulnerability: Admin+ stored cross-site scripting
Active installations: 2,000+
Patched in version: 1.0.2
Severity score: Low
The vulnerability has been patched; update to version 1.0.2.

26. Plug-in: Seur official
Vulnerability: Admin+ stored cross-site scripting
Active installations: 1,000+
Patched in version: 1.7.0
Severity score: Medium
The vulnerability has been patched; update to version 1.7.0.

27. Plug-in: Spreadsheet integration
Vulnerability: CSRF bypass
Active installations: 1,000+
Patched in version: 3.6.0
Severity score: Medium
The vulnerability has been patched; update to version 3.6.0.

Plug-in: Spreadsheet integration
Vulnerability: Reflected cross-site scripting
Active installations: 1,000+
Patched in version: 3.6.0
Severity score: High
The vulnerability has been patched; update to version 3.6.0.

28. Plug-in: ClickBank cooperative advertising
Vulnerability: Admin+ stored cross-site scripting
