View this email in your browser

Podcast Episode #14

Patchstack Weekly: The State Of WordPress Security 2021

Hi Coffigniezâ, it's another week of Patchstack Weekly update. We have been busy for the last few months preparing the State of WordPress Security Whitepaper for 2021. In this update, Robert introduces the key highlights from the whitepaper. ð

Check out the highlights ð

Vulnerability news

WordPress 5.9.2

Vulnerability: Stored Cross-Site Scripting (XSS)
Fixed in version: 5.9.2
Number of sites affected: N/A
CVSS 3.0 score: 5.4 (Medium - Requires contributor or higher role user authentication.)

Ninja Forms File Uploads Extension premium

Vulnerability: Unauthenticated Arbitrary File Upload
Fixed in version: 3.3.1
Number of sites affected: N/A
CVSS 3.0 score: 9.8 (Critical - Can be exploited remotely without any authentication.)

Church Admin

Vulnerability: Unauthenticated Plugin's Backup Disclosure
Fixed in version: 3.4.135
Number of sites affected: 1,000+
CVSS 3.0 score: 7.5 (High - Can be exploited remotely without any authentication.)

If you are using any of the mentioned plugins, you need to update it to the latest version as soon as possible. Websites with Patchstack installed are protected from the security issues mentioned below.

You can find all the vulnerabilities from our vulnerability database.

Always keep your plugins updated. If possible, enable automatic updates. You can enable automatic updates with Patchstack here.

If you are not protecting your WordPress site against plugin vulnerabilities yet go and start for free here.

Are you on Facebook? Join the Patchstack community and be the first to hear about new feature updates, news, and announcements.

Patchstack

Akadeemia 1

Forwardspace

Parnu 80011

Estonia

Add us to your address book

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.