WordPress Plugin XSS Vulnerability

by InMotion Hosting Contributor

0 Minutes, 36 Seconds to Read

Issue:A serious XSS security vulnerability was discovered and disclosed this morning that affects hundreds of WordPress plugins, which in turn affects millions of websites.
Status:Anyone who manages or maintains a WordPress site is strongly urged to update ALL plugins immediately.

Who is impacted?

People running WordPress websites with the following plugins:

  • Jetpack
  • WordPress SEO
  • Google Analytics by Yoast
  • All In one SEO
  • Gravity Forms
  • Multiple Plugins from Easy Digital Downloads
  • UpdraftPlus
  • WP-E-Commerce
  • WPTouch
  • Download Monitor
  • Related Posts for WordPress
  • My Calendar
  • P3 Profiler
  • Give
  • Multiple iThemes products including Builder and Exchange
  • Broken-Link-Checker
  • Ninja Forms

At this time, patches/updates should be released for all the above plugins. If you are running any of these plugins, please update it immediately.

IC
InMotion Hosting Contributor Content Writer II

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting
Related Articles
How to duplicate a WordPress Site for Development and Testing
WordPress – Changing the Site URL and Home Settings
WordPress wp-login.php Brute Force Attack
Prevent Unauthorized WordPress Administrator Login Attempts
WordPress Heartbeat and Heavy admin-ajax.php Usage
Fixing Image Links After a WordPress Migration
How to Install WordPress using Softaculous
Adding HTML to a WordPress Page/Post
How to Move WordPress from a Subfolder to the Root Directory
How to Disable the WP-Cron (wp-cron.php) in WordPress

Was this article helpful? Join the conversation!

WordPress EDU

Need More Help?

Codeable - Hire Expert WordPress Developers

Featured Articles

Questions about our MailChannels Deployment? We have answers and are here to help!Learn More
+