This means the vulnerability can only affect WordPress sites that have an active procedure for signing up for a service or a specific section of the website. Updated versions of both plugins have been released in the meantime. If you use Ninja Forms you must have version 3.8.14, while the Fluent Forms plugin must be updated to at least version 5.2.0.
Problems with these WordPress themes
As we mentioned in the introduction, in addition to the two plugins that have been found to have problems, there are two themes that could also pose a threat to your website. These are the Betheme theme and the Enfold theme. The first has been sold just over 306 thousand times, while the second has been sold about 260 thousand times.
So we are at over 500 thousand websites potentially in trouble. The Betheme theme contains a PHP Object Injection vulnerability, while the Enfold theme has been found to be affected by a Stored Cross-Site Scripting vulnerability. The Betheme vulnerability would allow a malicious user with contributor-level access credentials to inject a PHP object.
If a POP chain is present, the consequences could include deleting files, executing strings of code or collecting sensitive data. The theme has been updated, so you need to make sure you have the latest version.
As for the Enfold theme, there is no update for now, so you need to be even more cautious and careful if you notice strange behavior around your WordPress site. The Enfold vulnerability is a Stored Cross-Site Scripting vulnerability: it can allow malicious users with contributor-level credentials to insert web scripts into pages and so turn a harmless site into a trap for the end users who visit it.
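The version requirements and theme warnings above can be checked across an installation with a short audit script. This is an added example, not code from the article or from any of the projects it names. It assumes the input is the JSON printed by `wp plugin list --format=json` and `wp theme list --format=json`, that the slugs are `ninja-forms`, `fluentform`, `betheme` and `enfold`, and that both stated plugin versions are minimums; the sample data is constructed.

```python
import json
import re

# Fixed plugin versions stated in the article (slugs are assumptions).
FIXED_PLUGINS = {"ninja-forms": "3.8.14", "fluentform": "5.2.0"}
# The article gives no fixed version for either theme, so they are always reported.
THEME_NOTES = {
    "betheme": "fix released; confirm the latest version is installed",
    "enfold": "no fix available per the article; review contributor accounts",
}

def parse_version(text):
    """Turn '3.8.14' or '5.2' into a tuple of ints so 3.8.9 sorts below 3.8.14."""
    parts = [int(n) for n in re.findall(r"\d+", text.split("-")[0])]
    return tuple(parts + [0] * (3 - len(parts)))

def audit(plugins_json, themes_json):
    """Return (slug, installed_version, action) for every item needing attention."""
    findings = []
    for item in json.loads(plugins_json):
        minimum = FIXED_PLUGINS.get(item["name"])
        # Inactive plugins are reported too: their files are still on disk.
        if minimum and parse_version(item["version"]) < parse_version(minimum):
            findings.append((item["name"], item["version"], f"update to >= {minimum}"))
    for item in json.loads(themes_json):
        note = THEME_NOTES.get(item["name"])
        if note:
            findings.append((item["name"], item["version"], note))
    return findings

# Constructed sample input in the shape WP-CLI prints with --format=json.
SAMPLE_PLUGINS = json.dumps([
    {"name": "ninja-forms", "status": "active", "version": "3.8.9"},
    {"name": "fluentform", "status": "active", "version": "5.2.0"},
    {"name": "example-plugin", "status": "inactive", "version": "1.0"},
])
SAMPLE_THEMES = json.dumps([
    {"name": "enfold", "status": "active", "version": "0.0.0-sample"},
])

if __name__ == "__main__":
    for slug, version, action in audit(SAMPLE_PLUGINS, SAMPLE_THEMES):
        print(f"{slug} {version}: {action}")
```

A plain string comparison would rank 3.8.9 above 3.8.14, which is why the versions are compared as integer tuples.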
Plugins and themes to update now – sos-wp.it