La semaine dernière, 77 vulnérabilités ont été divulguées dans 68 plugins WordPress et 3 thèmes WordPress qui ont été ajoutés à la base de données des vulnérabilités de Wordfence Intelligence par l’équipe de renseignement sur les menaces de Wordfence.
Il y avait davantage de vulnérabilités non corrigées que de vulnérabilités corrigées la semaine dernière, il est donc plus important que jamais d’examiner le rapport de vulnérabilité pour s’assurer que votre site n’est pas affecté par l’une des vulnérabilités qui ont été divulguées, et de prendre des mesures correctives si votre site l’est.
Au Farweb, nous avons bien mis à jour les plugins et les thèmes concernés afin que ceux-ci ne soient plus un risque pour votre site Internet.
La mission du plugin de sécurité Wordfence Intelligence est de rendre des informations sur les vulnérabilités facilement accessibles à tous. Cette article a été traduit directement depuis leur newsletter.
Total Unpatched & Patched Vulnerabilities Last Week
| Patch Status | Number of Vulnerabilities |
| Unpatched | 40 |
| Patched | 37 |
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| AJAX Thumbnail Rebuild | ajax-thumbnail-rebuild |
| Advanced Category Template | advanced-category-template |
| Advanced Youtube Channel Pagination | advanced-youtube-channel-pagination |
| Arconix Shortcodes | arconix-shortcodes |
| Autoptimize | autoptimize |
| BSK Forms Blacklist | bsk-gravityforms-blacklist |
| Bit File Manager – 100% free file manager for WordPress | file-manager |
| Booking Manager | booking-manager |
| CM On Demand Search And Replace | cm-on-demand-search-and-replace |
| CRM Memberships | crm-memberships |
| Chronosly Events Calendar | chronosly-events-calendar |
| ClickFunnels | clickfunnels |
| Custom 404 Pro | custom-404-pro |
| Customizer Export/Import | customizer-export-import |
| Decon WP SMS | decon-wp-sms |
| Depicter Slider – Responsive Image Slider, Video Slider & Post Slider | depicter |
| Display custom fields in the frontend – Post and User Profile Fields | shortcode-to-display-post-and-user-data |
| Dynamically Register Sidebars | dynamically-register-sidebars |
| Easy Bet | easy-bet |
| Elementor Website Builder | elementor |
| Emails & Newsletters with Jackmail | jackmail-newsletters |
| Extensions for Leaflet Map | extensions-leaflet-map |
| Forms Ada – Form Builder | forms-ada-form-builder |
| HTTP Headers | http-headers |
| Image Optimizer by 10web – Image Optimizer and Compression plugin | image-optimizer-wd |
| Inactive User Deleter | inactive-user-deleter |
| Integration for Contact Form 7 HubSpot | cf7-hubspot |
| Ko-fi Button | ko-fi-button |
| Logo Scheduler – Great for holidays, events, and more | logo-scheduler-great-for-holidays-events-and-more |
| Maintenance Switch | maintenance-switch |
| Mass Email To users | mass-email-to-users |
| NS Coupon To Become Customer | ns-coupon-to-become-customer |
| Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | ninja-forms |
| Orbit Fox by ThemeIsle | themeisle-companion |
| Photo Gallery Slideshow & Masonry Tiled Gallery | wp-responsive-photo-gallery |
| Plugins List | plugins-list |
| Progress Bar | progress-bar |
| Push Notifications for WordPress by PushAssist | push-notification-for-wp-by-pushassist |
| REST API TO MiniProgram | rest-api-to-miniprogram |
| Rating-Widget: Star Review System | rating-widget |
| Recipe Maker For Your Food Blog from Zip Recipes | zip-recipes |
| SEO ALert | seo-alert |
| Shield Security – Smart Bot Blocking & Intrusion Prevention | wp-simple-firewall |
| Simple Giveaways – Grow your business, email lists and traffic with contests | giveasap |
| Stock Sync for WooCommerce | stock-sync-for-woocommerce |
| Stream | stream |
| Thumbnail Slider With Lightbox | wp-responsive-slider-with-lightbox |
| Thumbs Rating | thumbs-rating |
| Tiempo.com | tiempocom |
| Tippy | tippy |
| URL Params | url-params |
| Ultimate Addons for Contact Form 7 | ultimate-addons-for-contact-form-7 |
| Updraft | updraft |
| User IP and Location | user-ip-and-location |
| Video XML Sitemap Generator | video-xml-sitemap-generator |
| WP BrowserUpdate | wp-browser-update |
| WP Directory Kit | wpdirectorykit |
| WP Inventory Manager | wp-inventory-manager |
| WP Page Numbers | wp-page-numbers |
| WP Search Analytics | search-analytics |
| WP Visitor Statistics (Real Time Traffic) | wp-stats-manager |
| WP-CORS | wp-cors |
| WooCommerce Multivendor Marketplace – REST API | wcfm-marketplace-rest-api |
| Woocommerce Tip/Donation | woo-tipdonation |
| XML for Google Merchant Center | xml-for-google-merchant-center |
| YARPP – Yet Another Related Posts Plugin | yet-another-related-posts-plugin |
| Zephyr Project Manager | zephyr-project-manager |
| wordpress vertical image slider plugin | wp-vertical-image-slider |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| Arya Multipurpose | arya-multipurpose |
| Mocho Blog | mocho-blog |
| Viable Blog | viable-blog |
