Many plug-in in WordPress has vulnerabilities | Institute for Information Management and Communication, Kyoto University

Many plug-in in WordPress has vulnerabilities

publication date :Apr. 23, 2015

■Outline
Sucuri Inc. pointed out that many plug-in in WordPress has vulnerabilities.

■Candidate

Sucuri Inc. confirmed the vulnerabilities in the following plug-in at the moment.

Jetpack
WordPress SEO
Google Analytics by Yoast
All In one SEO
Gravity Forms
Multiple Plugins from Easy Digital Downloads
UpdraftPlus
WP-E-Commerce
WPTouch
Download Monitor
Related Posts for WordPress
My Calendar
P3 Profiler
Give
Multiple iThemes products including Builder and Exchange
Broken-Link-Checker
Ninja Forms

■Measure
This issue will be solved by updating the relevant product to the version provided by the developer.

■Related documents (references)

SecurityNEXT
Many WordPress plug-in such as WPTouch has vulnerabilities

Sucuri Inc
Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins

Inquiry

Information Security Management Office , Kyoto University
TEL：075-753-7490（7490）
E-mail：i-s-office

iimc.kyoto-u.ac.jp
Inquiry Form

Inquiry Shortcut

Portal
Common Portal for All Students Portal Site for Faculty & Staff
Mail
KUMOI - Email for Students KUMail - Email for Faculty & Staff
Education/Learning
PandA - Learning Support Service
Storage
KUMail Storage