skip to Main Content

WP Plugins and Themes Widespread Security Vulnerability (self-hosted WordPress) users – there is an XSS vulnerability affecting multiple WordPress plugins and themes. The vulnerability is caused by a common code pattern used in WordPress plugins and themes.

As of 4/26/15, this is the list of affected plugins:

WordPress SEO
Google Analytics by Yoast
All In one SEO
Gravity Forms
Multiple Plugins from Easy Digital Downloads
Download Monitor
Related Posts for WordPress
My Calendar
P3 Profiler
Multiple iThemes products including Builder and Exchange
Ninja Forms

WordPress updates are a must!
The best way to combat this is to make sure your WordPress, themes, and plugins are kept up-to-date at all times. Check for updates and apply those available as soon as possible.

Back To Top