Is Your site secure?
Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable!
1. Live Chat – Live support
Live Chat – Live support versions below 3.2.0 have a Cross-Site Request Forgery vulnerability.
The vulnerability is patched, and you should update to version 3.2.0.
2. Quick Chat
All versions of Quick Chat have an Unauthenticated Stored Cross-Site Scripting vulnerability.
3. Child Theme Creator by Orbisius
Child Theme Creator by Orbisius versions below 1.5.2 have an CSRF to Arbitrary File Modification/Creation vulnerability.
4. Realia
All versions of Realia have an Unauthenticated IDOR leading to Arbitrary Post Deletion vulnerability.
5. Comment Press
Comment Press versions below 2.7.2 have an Unauthenticated Cross-Frame Scripting vulnerability.
6. Super Store Finder for WordPress
Super Store Finder for WordPress versions below 6.2 have an Unauthenticated Arbitrary File Upload vulnerability.
7. Super Interactive Maps for WordPress
Super Interactive Maps for WordPress versions below 2.0 have an Unauthenticated Arbitrary File Upload vulnerability.
8. Super Logos Showcase for WordPress
Super Logos Showcase for WordPress versions below 2.3 have an Unauthenticated Arbitrary File Upload vulnerability.
The vulnerability is patched, and you should update to version 2.3.
9. Simple Download Monitor
Simple Download Monitor versions below 3.8.9 have an Unauthenticated Cross-Site Scripting and a SQL Injection vulnerabilities.
10. Loginizer
Loginizer versions below 1.6.4 have an Unauthenticated SQL Injection vulnerability.
11. Helios Solutions Brand Logo Slider
All versions Helios Solutions Brand Logo Slider have an Authenticated Arbitrary File Upload vulnerability.
12. CM Download Manager
CM Download Manager versions below 2.8.0 have an Authenticated Cross-Site Scripting vulnerability.
13. Advanced Booking Calendar
Advanced Booking Calendar versions below 1.6.2 have an Unauthenticated SQL Injection vulnerability.