WordPress Plugin XSS Vulnerability

by John-Paul Briones

0 Minutes, 36 Seconds to Read

Issue:A serious XSS security vulnerability was discovered and disclosed this morning that affects hundreds of WordPress plugins, which in turn affects millions of websites.
Status:Anyone who manages or maintains a WordPress site is strongly urged to update ALL plugins immediately.

Who is impacted?

People running WordPress websites with the following plugins:

  • Jetpack
  • WordPress SEO
  • Google Analytics by Yoast
  • All In one SEO
  • Gravity Forms
  • Multiple Plugins from Easy Digital Downloads
  • UpdraftPlus
  • WP-E-Commerce
  • WPTouch
  • Download Monitor
  • Related Posts for WordPress
  • My Calendar
  • P3 Profiler
  • Give
  • Multiple iThemes products including Builder and Exchange
  • Broken-Link-Checker
  • Ninja Forms

At this time, patches/updates should be released for all the above plugins. If you are running any of these plugins, please update it immediately.

JB
John-Paul Briones Content Writer II

John-Paul is an Electronics Engineer that spent most of his career in IT. He has been a Technical Writer for InMotion since 2013.

More Articles by John-Paul
Related Articles
How to duplicate a WordPress Site for Development and Testing
WordPress – Changing the Site URL and Home Settings
WordPress wp-login.php Brute Force Attack
Prevent Unauthorized WordPress Administrator Login Attempts
WordPress Heartbeat and Heavy admin-ajax.php Usage
Fixing Image Links After a WordPress Migration
How to Install WordPress using Softaculous
Adding HTML to a WordPress Page/Post
How to Move WordPress from a Subfolder to the Root Directory
How to Disable the WP-Cron (wp-cron.php) in WordPress

Was this article helpful? Join the conversation!

WordPress EDU

Need More Help?

Codeable - Hire Expert WordPress Developers

Featured Articles