Search cyberveille.decio.ch

Found 3 bookmarks

Custom sorting

State of WordPress Security In 2024

This year, we’ve partnered with Sucuri. With both of our data combined, we can cover the entire timeline of security incidents from the vulnerability being found to the point where malware infection gets detected on a vulnerable website. 2023 was another record year of new vulnerabilities being discovered and fixed in the WordPress ecosystem. In 2023, we added 5,948 new vulnerabilities to the Patchstack vulnerability database. That’s 24% more than in 2022.

#patchstack #EN #WordPress #report

·patchstack.com·Apr 1, 2024

State of WordPress Security In 2024

Critical Privilege Escalation in Essential Addons for Elementor Plugin Affecting 1+ Million Sites

This blog post is about the Essential Addons for Elementor plugin vulnerability. If you’re a Essential Addons for Elementor user, please update the plugin to at least version 5.7.2. Patchstack Developer and Business plan users are protected from the vulnerability. You can also sign up for the Patchstack Community plan to be notified about vulnerabilities […]

#patchstack #EN #2023 #WP #Wordpress #Elementor

·patchstack.com·May 12, 2023

Critical Privilege Escalation in Essential Addons for Elementor Plugin Affecting 1+ Million Sites

WordPress Advanced Custom Fields Pro plugin 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Advanced Custom Fields PRO Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 6.1.6.

#patchstack #EN #2023 #WP #CVE-2023-30777 #Advanced #Custom #Fields #Pro #plugin #XSS #vulnerability #Wordpress

·patchstack.com·May 8, 2023

WordPress Advanced Custom Fields Pro plugin 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability