update multiple wordpress plugins
Hanno Böck

Hanno Böck commited on 2019-12-09 09:31:32
Zeige 1 geänderte Dateien mit 13 Einfügungen und 12 Löschungen.

... ...
@@ -59,9 +59,9 @@ subdir=3
59 59
 
60 60
 [WP Super Cache]
61 61
 url=https://wordpress.org/plugins/wp-super-cache/
62
-safe=1.4.9
63
-latest=1.4.9
64
-vuln=https://wptavern.com/wp-super-cache-1-4-9-patches-multiple-xss-vulnerabilities
62
+safe=1.6.9
63
+latest=1.7.0
64
+vuln=https://odd.blog/2019/07/25/wp-super-cache-1-6-9-security-update/
65 65
 file=wp-cache.php
66 66
 variable=Version:
67 67
 extra_match=Plugin Name: WP Super Cache
... ...
@@ -69,8 +69,8 @@ subdir=0
69 69
 
70 70
 [W3 Total Cache]
71 71
 url=https://wordpress.org/plugins/w3-total-cache/
72
-safe=0.9.5
73
-vuln=https://secupress.me/w3-total-cache-vulnerable-xss-high-risk/
72
+safe=0.9.7.4
73
+vuln=https://www.cybersecurity-help.cz/vdb/SB2019050701
74 74
 file=w3-total-cache.php
75 75
 variable=Version:
76 76
 extra_match=Plugin Name: W3 Total Cache
... ...
@@ -111,16 +111,17 @@ subdir=0
111 111
 
112 112
 [Wordpress-SliderRevolution]
113 113
 url=https://revolution.themepunch.com/
114
-safe=4.2.0
115
-vuln=http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
114
+# unclear about exact version
115
+safe=4.2.3
116
+vuln=CVE-2015-5151
116 117
 file=revslider.php
117 118
 variable=$revSliderVersion
118 119
 subdir=0
119 120
 
120 121
 [Wordpress-NextGEN]
121 122
 url=https://wordpress.org/plugins/nextgen-gallery/
122
-safe=2.1.79
123
-vuln=https://blog.sucuri.net/2017/02/sql-injection-vulnerability-nextgen-gallery-wordpress.html
123
+safe=3.2.11
124
+vuln=2019-14314
124 125
 file=nggallery.php
125 126
 variable=NGG_PLUGIN_VERSION
126 127
 subdir=0
... ...
@@ -128,15 +129,15 @@ subdir=0
128 129
 [Wordpress-Akismet]
129 130
 url=https://wordpress.org/plugins/akismet/
130 131
 safe=3.1.5
131
-vuln=https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html
132
+vuln=CVE-2015-9357
132 133
 file=akismet.php
133 134
 variable=AKISMET_VERSION
134 135
 subdir=0
135 136
 
136 137
 [Wordpress-AllInOneSEO]
137 138
 url=https://semperplugins.com/all-in-one-seo-pack-changelog/
138
-safe=2.3.8
139
-vuln=https://www.wordfence.com/blog/2016/07/new-xss-vulnerability-all-in-one-seo-pack/
139
+safe=3.2.7
140
+vuln=CVE-2019-16520
140 141
 file=all_in_one_seo_pack.php
141 142
 variable=define( 'AIOSEOP_VERSION'
142 143
 subdir=0
143 144