La semaine dernière, 97 vulnérabilités ont été révélées dans 63 plugins et 5 thèmes WordPress qui ont été ajoutés à la base de données de vulnérabilités de Wordfence Intelligence, et 28 chercheurs de vulnérabilités ont contribué à la sécurité de WordPress la semaine dernière. Examinez ces vulnérabilités dans ce rapport dès maintenant pour vous assurer que votre site n’est pas affecté.
La mission du plugin de sécurité Wordfence Intelligence est de rendre des informations précieuses sur les vulnérabilités facilement accessibles à tous, comme la communauté WordPress, afin que les individus et les organisations puissent utiliser ces données pour rendre l’Internet plus sûr. Cette article a été traduit directement depuis leur newsletter.
Nouvelles règles de pare-feu déployées la semaine dernière:
L’équipe de veille sur les menaces de Wordfence examine chaque vulnérabilité pour en déterminer l’impact et la gravité, ainsi que pour évaluer la probabilité d’exploitation, afin de vérifier que le pare-feu de Wordfence fournit une protection suffisante.
La semaine dernière, l’équipe de WordFence a déployé une protection améliorée via des règles de pare-feu pour les vulnérabilités suivantes en temps réel pour leurs clients Premium, Care et Response.
Au Farweb, nous avons bien mis à jour les plugins et les thèmes concernés afin que ceux-ci ne soient plus un risque pour votre site Internet même avec la version gratuite de WordFence.
WordPress Plugins with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| Advanced Custom Fields (ACF) | advanced-custom-fields |
| Ajax Search Lite | ajax-search-lite |
| Ajax Search Pro | ajax-search-pro |
| Albo Pretorio On line | albo-pretorio-on-line |
| Appointment and Event Booking Calendar for WordPress – Amelia | ameliabooking |
| Call Now Accessibility Button | accessibility-help-button |
| Cancel order request / Return order / Repeat Order / Reorder for WooCommerce | cancel-order-request-woocommerce |
| Comment Reply Notification | comment-reply-notification |
| Comments Ratings | comments-ratings |
| Connections Business Directory | connections |
| CopySafe Web Protection | wp-copysafe-web |
| Cryptocurrency All-in-One | cryptocurrency-prices |
| Dynamics 365 Integration | integration-dynamics |
| Easy Sign Up | easy-sign-up |
| Email Subscription Popup | email-subscribe |
| Fancy Product Designer | fancy-product-designer |
| Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder | formidable |
| Front End Users | front-end-only-users |
| HT Builder – WordPress Theme Builder for Elementor | ht-builder |
| Hustle – Email Marketing, Lead Generation, Optins, Popups | wordpress-popup |
| IFrame Shortcode | flynsarmy-iframe-shortcode |
| IMPress Listings | wp-listings |
| Libsyn Publisher Hub | libsyn-podcasting |
| Limit Login Attempts | limit-login-attempts |
| Magic Post Thumbnail | magic-post-thumbnail |
| MapPress Maps for WordPress | mappress-google-maps-for-wordpress |
| Maps Widget for Google Maps | google-maps-widget |
| MasterStudy LMS WordPress Plugin – for Online Courses and Education | masterstudy-lms-learning-management-system |
| MyCryptoCheckout – Bitcoin, Ethereum, and 175+ altcoins for WooCommerce | mycryptocheckout |
| Optin Forms – Simple List Building Plugin for WordPress | optin-forms |
| PHP Compatibility Checker | php-compatibility-checker |
| PixTypes | pixtypes |
| Product Catalog Simple | post-type-x |
| Product Enquiry for WooCommerce, WooCommerce product catalog | enquiry-quotation-for-woocommerce |
| Product Feed PRO for WooCommerce | woo-product-feed-pro |
| Product page shipping calculator for WooCommerce | product-page-shipping-calculator-for-woocommerce |
| PropertyHive | propertyhive |
| Random Text | randomtext |
| SEOPress – On-site SEO | wp-seopress |
| SMTP Mailing Queue | smtp-mailing-queue |
| Simple Job Board | simple-job-board |
| SimpleModal Contact Form (SMCF) | simplemodal-contact-form-smcf |
| Site Reviews | site-reviews |
| Sp*tify Play Button for WordPress | spotify-play-button-for-wordpress |
| Spreadshop Plugin | spreadshop |
| StagTools | stagtools |
| Steveas WP Live Chat Shoutbox | wp-shoutbox-live-chat |
| Superb Social Media Share Buttons and Follow Buttons for WordPress | superb-social-share-and-follow-buttons |
| Tiny carousel horizontal slider plus | tiny-carousel-horizontal-slider-plus |
| Transbank Webpay REST | transbank-webpay-plus-rest |
| User Registration – Custom Registration Form, Login Form And User Profile For WordPress | user-registration |
| WCFM Marketplace – Best Multivendor Marketplace for WooCommerce | wc-multivendor-marketplace |
| WCFM Membership – WooCommerce Memberships for Multivendor Marketplace | wc-multivendor-membership |
| WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible | wc-frontend-manager |
| WP Data Access | wp-data-access |
| WP FEvents Book | wp-fevents-book |
| WP Fastest Cache | wp-fastest-cache |
| WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager | insert-headers-and-footers |
| YourChannel: Everything you want in a YouTube plugin. | yourchannel |
| ZYREX POPUP | popup-zyrex |
| amr ical events lists | amr-ical-events-list |
| qTranslate X Cleanup and WPML Import | qtranslate-to-wpml-export |
| tencentcloud-cos | tencentcloud-cos |
WordPress Themes with Reported Vulnerabilities Last Week
| Software Name | Software Slug |
| Houzez | houzez |
| The7 — Website and eCommerce Builder for WordPress | dt-the7 |
| TheRoof | theroof |
| Weaver Xtreme | weaver-xtreme |
| outdoor |
