WordPress Plugin Vulnerabilities – July 2019

Published by wensumdotnet on July 18, 2019July 18, 2019

WordPress Plugin Vulnerabilities
These plugins were recently found to have vulnerabilities. All, apart from one, are patched in their latest versions and are safe to use after updating.

1. Yoast SEO
Update to version 11.6.

2. WooCommerce
Update to version 3.6.5.

3. Ad Inserter
Update to version 2.4.20.

4. Ocean Extra
Update to version 1.5.9.

5. WP Statistics
Update to version 12.6.7.

6. Visitors Traffic Real Time Statistics
Update to version 1.13.

7. Essential Real Estate
Update to version 1.7.2.

8. Appointment Booking Calendar
Update to version 1.3.19.

9. Gallery PhotoBlocks
Update to version 1.1.41.

10. Slimstat Analytics
Update to version 4.8.4.

11. WP Google Maps
Update to version 7.11.35.

12. LiveChat
Update to version 3.7.4.

13. Icegram
Update to version 1.10.29.

14. WP Like Button
This is vulnerable to an Authentication Bypass attack. WordPress.org has removed the WP Like Button plugin from its directory, so please remove the plugin and find a replacement.

15. File Manager
Update to version 5.2.

16. Newsletter Lite
Update to version 4.6.18.

17. One Click SSL
Update to version 1.4.7.

18. Ultimate Member
Update to version 2.0.52.

9. FV Flowplayer Video Player
Update to version 7.3.19.727.