The WordPress Vulnerability report is as follows.
Following WordPress Vulnerability were found in WordPress Versions below 5.4.1
WordPress Plugin Vulnerabilities
Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested action below to update the plugin or completely uninstall it.
#WordPressPlugins
1. Ninja Forms
— The vulnerabilities have been patched, and you should update to version 3.4.23.
2. ThemeGrill Demo Importer
— The vulnerability has been patched, and you should update to version 1.6.2.
3. SAML SP Single Sign On
— The vulnerability has been patched, and you should update to version 4.8.84.
4. wpCentral
— The vulnerability has been patched, and you should update to version 1.5.2.
5. ThemeREX Addons
— Remove the plugin until a patch is released.
6. Modula Image Gallery
— The vulnerability has been patched, and you should update to version 2.2.5.
7. Duplicator
— The vulnerability has been patched, and you should update to version 1.3.28.
8. Chained Quiz
— The vulnerability has been patched, and you should update to version 1.1.9.1.
9. RegistrationMagic
— The vulnerabilities have been patched, and you should update to version 4.6.0.3.
10. Ultimate Membership Pro
— The vulnerability has been patched, and you should update to version 8.7.
11. Photo Gallery by 10Web
— The vulnerability has been patched, and you should update to version 1.5.46.
12. Envira Photo Gallery
— The vulnerability has been patched, and you should update to version 1.7.7.
13. iThemes Sync Pro
— The vulnerability has been patched, and you should update to version 2.1.3
#WordPressThemes
1. Fruitful
— Remove the theme.The vulernability has been reported without a response from the theme developer.
Running outdated extensions is the number one reason WordPress sites are hacked.
It is crucial to the security of your WordPress site that you have an update routine.
You should be logging into your sites at least once a week to perform updates.
