Vulnerable WordPress Plugins Report for the Week of June 14, 2019

June 14, 2019
By
- Paul Gilzow
- Plugins
- Security

Vulnerable Plugins

There are nineteen issues this week, with five unfixed. The most critical this week are two Arbitrary File Upload vulnerabilities in Finale WooCommerce Sale Countdown (fix available) and in LionScripts IP Blocker Lite (unfixed, remove immediately) plugins, an Authenticated Arbitrary File Upload vulnerability in Shipping Servientrega Woocommerce (unfixed, remove immediately), and an Authenticated Code Execution vulnerability in Insert or Embed Articulate Content into WordPress (fix available as of June 24. 2019).

EDIT: Corrected information on Embed Articulate Content into WordPress to indicate fix available as of June 24, 2019.

View this week's vulnerable plugins list.

From our Community Blog

Board of Directors monthly meeting: 19 April 2024

April 19, 2024
By Reed Piernock

The next monthly meeting of the WPCampus Board of Directors is 19 April 2024 at 3:30pm (Eastern). These meetings are held on the 3rd Friday of each month, and are...

WPCampus 2024 at Georgetown University in Washington DC from July 31 to August 2

April 14, 2024
By Nathan Wallace

About the event WPCampus 2024 will take place at Georgetown University from July 31 - Aug 2 for the WPCampus community, a gathering of web professionals, educators, and people dedicated...

Subscribe to Community Blog updates