WordPress Vulnerability Report 2024-3-6

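Since last week, 126 new vulnerabilities have emerged in the WordPress ecosystem: 5 in themes and 121 in plugins. 49 vulnerable plugins and themes remain unpatched, but Solid Security Pro users are protected by Patchstack virtual patching. This report covers 126 publicly disclosed vulnerabilities; security patches are now available for 77 of the plugins and themes, so run those updates as soon as possible. If you are a Solid Security Pro user, the Version Management tool may already have alerted you and updated these plugins, depending on your settings.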

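In addition, 49 plugin and theme vulnerabilities do not yet have a patch available. If you are a Solid Security Pro user, these vulnerabilities are already covered by the Solid Security firewall. When a vulnerability is rated high or medium risk, a virtual patch from Patchstack is applied. If the vendor has not released a patch, or the vulnerable software has been marked "closed" and removed from the official WordPress repository, you should deactivate it as soon as possible and look for an alternative.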

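Besides poor user account security, vulnerable plugins and themes are one of the reasons WordPress sites get hacked. Unfortunately, cyberattacks are growing in both number and sophistication, and they increasingly target small and medium-sized businesses.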

 

WordPress Core

WordPress 6.4.3 was released on January 30, 2024 as a short-cycle maintenance and security release, fixing 5 core bugs and 16 block editor bugs.

We recommend updating your site immediately.

The next major release will be WordPress 6.5, scheduled for March 26, 2024.

For details, see the WordPress website: https://wordpress.org/news/2024/01/wordpress-6-4-3-maintenance-and-security-release/

 

The following is the list of WordPress plugins:

  1. Adsmonetizer
  2. AI Engine
  3. Advanced iFrame
  4. ArtiBot
  5. AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth
  6. Backup
  7. Beaver Builder – WordPress Page Builder
  8. BeePress
  9. Blue Triad EZAnalytics
  10. Build & Control Block Patterns
  11. Calculated Fields Form
  12. Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back
  13. CodeMirror Blocks
  14. Complianz – GDPR/CCPA Cookie Consent
  15. Configure SMTP
  16. Contact Form 7 – PayPal & Stripe Add-on
  17. Conversios.io
  18. Custom Field Suite
  19. Custom fields shortcode
  20. Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan
  21. Download Manager
  22. Duitku Payment Gateway
  23. Easy PayPal & Stripe Buy Now Button
  24. Easy!Appointments
  25. Ebook Store
  26. Elementor Pro
  27. Envo’s Elementor Templates & Widgets for WooCommerce
  28. Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates
  29. Events Manager – Calendar, Bookings, Tickets, and more!
  30. Exclusive Addons for Elementor
  31. FeedWordPress
  32. Finale Lite – Sales Countdown Timer & Discount for WooCommerce
  33. Fontific | Google Fonts
  34. Friends
  35. GenerateBlocks
  36. Gestpay for WooCommerce
  37. Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers
  38. Happy Addons for Elementor
  39. IDonate – blood request management system
  40. Image Optimizer, Resizer and CDN – Sirv
  41. JM Twitter Cards
  42. JobSearch
  43. LifterLMS – WordPress LMS Plugin for eLearning
  44. LiteSpeed Cache
  45. MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance
  46. Marketing Optimizer
  47. Master Slider
  48. Media Alt Renamer
  49. NextMove Lite – Thank You Page for WooCommerce
  50. Nextend Social Login and Register
  51. NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor
  52. Oliver POS – A WooCommerce Point of Sale (POS)
  53. Orbit Fox by ThemeIsle
  54. Page Builder Sandwich – Front-End Page Builder
  55. Page Duplicator
  56. Page Restrict
  57. Page Restriction WordPress (WP) – Protect WP Pages/Post
  58. Password Protected Store for WooCommerce
  59. PayU India
  60. Plugin for Elementor – Header, Footer & Blocks
  61. Post SMTP Mailer/Email Log
  62. Premium Addons for Elementor
  63. Rolo Slider
  64. Restrict User Access – Ultimate Membership & Content Protection
  65. Seraphinite Accelerator
  66. Simple Tweet
  67. SiteOrigin Widgets Bundle
  68. Slivery Extender
  69. Slider Responsive Slideshow – Image slider, Gallery slideshow
  70. Smart Forms – when you need more than just a contact form
  71. SMS Alert Order Notifications – WooCommerce
  72. SoundCloud Shortcode
  73. Spiffy Calendar
  74. SportsPress – Sports Club & League Manager
  75. Thank You Page Customizer for WooCommerce – Increase Your Sales
  76. Under Construction / Maintenance Mode from Acurax
  77. Ultimate Bootstrap Elements for Elementor
  78. User Shortcodes Plus
  79. Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages
  80. Vimeography: Vimeo Video Gallery WordPress Plugin
  81. Watermark RELOADED
  82. WP Dashboard Notes
  83. WP eCommerce
  84. WP Show Posts
  85. WP Shortcodes Plugin — Shortcodes Ultimate
  86. WP Social Widget
  87. WPvivid Backup for MainWP
  88. Wp Social Login and Register Social Counter
  89. WP Access Control
  90. WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce
  91. WP Private Content Plus
  92. WP Restrict
  93. WP Social Login
  94. WP Universal Post Manager
  95. WP User Role Editor
  96. WP User Groups
  97. WP User Groups
  98. WP User Role Editor
  99. WP User Role Editor
  100. WP User Role Editor
  101. WP User Role Editor
  102. WPvivid Backup for MainWP

The following is the list of WordPress themes:

1. Atahualpa
2. Avada
3. Yuki

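Our WordPress vulnerability report covers the latest WordPress plugin, theme and core vulnerabilities. Each vulnerability is rated low, medium, high or critical in severity. Responsible disclosure of vulnerabilities is essential to keeping the WordPress community secure. Please share this report to help spread the word and make WordPress and the web more secure.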
