The WordPress Vulnerability report is as follows.
Following WordPress Vulnerability were found in WordPress Versions below 5.4.1
WordPress Plugin Vulnerabilities
Several new WordPress plugin vulnerabilities have been discovered this month so far. Make sure to follow the suggested action below to update the plugin or completely uninstall it.
#WordPressPlugins
1) Code Snippets
— The vulnerabilities have been patched, so you should update to version 2.14.0.
2) WP Database Reset
— The vulnerabilities have been patched, so you should update to version 3.15.
3) Chained Quiz
— The #vulnerability has been patched, so you should update to version 1.1.8.2.
4) Resim Ara
— WordPress.org closed Resim Ara on January 17, 2020, so you should remove the plugin and find a replacement.
5) Marketo Forms and Tracking
— WordPress.org closed Marketo Forms and Tracking on December 11, 2019, so you should remove the plugin and find a replacement.
6) Contextual Adminbar Color
— The #vulnerability has been patched, and you should update it to version 0.3.
7) 2J SlideShow
— The #vulnerability has been patched, and you should update it to version 1.3.40.
8) Chatbot with IBM Watson
— The #vulnerability has been patched, so you should update to version 0.8.21.
9) WP Accessibility
— The #vulnerability has been patched, so you should update to version 1.7.0.
10) AccessAlly
— The #vulnerability has been patched, so you should update to version 3.3.2.
11) Ultimate Member
— The #vulnerability has been patched, so you should update to version 2.1.3.
12) WP DS FAQ Plus
— The #vulnerability has been patched, so you should update to version 1.4.2.
13) #wpCentral
— The #vulnerability has been patched, so you should update to version 1.4.8.
14) WPS Hide Login
— The #vulnerability has been patched, so you should update to version 1.5.5.
15) Contact Form Clean and Simple
— WordPress.org closed #ContactForm Clean and Simple on January 23, 2020, so you should remove the plugin and find a replacement.
16) Calculated Fields Form
— The #vulnerability has been patched, so you should update to version 1.0.354.
17) Flamingo
— The #vulnerability has been patched, so you should update to version 2.1.1.
#WordPressThemes
1) CarSpot
— The #vulnerability has been patched, so you should update to version 2.2.1.
2) Houzez – Real Estate
— The #vulnerability has been patched, so you should update to version 1.8.4.
Running outdated extensions is the number one reason WordPress sites are hacked.
It is crucial to the security of your WordPress site that you have an update routine.
You should be logging into your sites at least once a week to perform updates.
