2. Information
  3. Security Alert
  4. Many plug-in in WordPress has vulnerabilities


Security Alert

Many plug-in in WordPress has vulnerabilities

publication date : Apr.23, 2015

Sucuri Inc. pointed out that many plug-in in WordPress has vulnerabilities.


Sucuri Inc. confirmed the vulnerabilities in the following plug-in at the moment.

  • Jetpack
  • WordPress SEO
  • Google Analytics by Yoast
  • All In one SEO
  • Gravity Forms
  • Multiple Plugins from Easy Digital Downloads
  • UpdraftPlus
  • WP-E-Commerce
  • WPTouch
  • Download Monitor
  • Related Posts for WordPress
  • My Calendar
  • P3 Profiler
  • Give
  • Multiple iThemes products including Builder and Exchange
  • Broken-Link-Checker
  • Ninja Forms

This issue will be solved by updating the relevant product to the version provided by the developer.

■Related documents (references)

Many WordPress plug-in such as WPTouch has vulnerabilities

Sucuri Inc
Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins

Inquiry Information Security Management Office , Kyoto University
Inquiry Form

Back to Security Alert


Copyright © Institute for Information Management and Communication, Kyoto University, all rights reserved.