Which plugs WordPress in March had security problems? Below are some popular extensions and a slightly longer list of others. Check if you are using any of them in a version that may cause you problems. If this is the case, I suggest you upgrade immediately.

Updates are important. Often we think that updating a plugin, a theme or WordPress itself is just news that we don't particularly need. We put off the update, because it's better not to touch anything if it's good, so that nothing breaks on the site.

However, the updates are not only news, but also security enhancements. Most successful attacks on websites have to do with errors in the plugins we use. If we don't update them, we should be aware of the possible consequences, so that later we don't have to look for people to blame and throw accusations at someone who once built your site, hosting operators, etc. You have neglected the site. This is an indisputable fact.

Here's a list of plugins that, according to the iThemes report, have had minor or major security issues in recent weeks.

LMS Tutor

Plugin for e-learning websites. One of the most popular on the market. With it you can sell your courses online just like on MeetWPAlthough in this particular case I am using Learn Dash.

Tutor LMS version 1.7.7 is free of the problem. If you are using an earlier version, please update.

WP Super Cache

A very popular cache plugin designed to speed up page loading. It too had a vulnerability in version earlier than 1.7.2. Do you use it? Update.

Paid Membership Pro

Another popular tool this time for running a membership site. With this plugin you can sell access to published content and create different levels of membership.

Version 2.5.6 is free of the problem. If you have an earlier one, be sure to update.

BuddyPress

If you have ever thought about starting your own community based on WordPress, then surely one of the first plugins you came across was this one. Discussion forums, groups and a whole bunch of features focused on running a social network.

The problems have been corrected in version 7.2.1

Elementor

I write a lot about this extension and discuss it in my courses. Elementor, is the most popular page builder for WordPress with nearly 7 million installations. The fact that it is such a popular plugin and dynamically developed is not a guarantee of safety. All it takes is human error, which is not hard to come by, and problems can arise.

Version 3.1.2 is safe, but if you have an earlier version, be sure to run the update.

WP Page Builder

It competes with Elementor and also has a vulnerability patched this month. Update to version 1.2.4 or later.

Other plug-ins

This is not the end of the list. You can mention a few others like:

  • SEO Redirection
  • Flo Forms
  • Social Slider Widget
  • WordPress Related Posts
  • PhastPress
  • WordPress Related Posts
  • WooCommerce Help Scout
  • Controlled Admin Access
  • Advanced Order Export For WooCommerce
  • User Profile Picture
  • Database Backups
  • The Plus Addons for Elementor Page Builder (Premium Version)
  • Super Interactive Maps
  • SuperStoreFinder
  • Five Star Restaurant Menu
  • JH 404 Logger
  • WP File Manager
  • VM Backups
  • Related Posts for WordPress
  • Under Construction
  • Coming Soon & Maintenance Mode
  • Abandoned Cart Lite for WooCommerce
  • Forminator
  • Dokan
  • Defender Security
  • Style Kits
  • WP ERP
  • WP Project Manager
  • WP Travel
  • WP GDPR Compliance

There was also a problem detected with the core WordPress version 5.7. Of course, a correction quickly followed.

Summary

I have decided that once a month I will upload a summary like the one above. Mainly to raise awareness of the importance of updates.

When I see a WordPress site with plugins, themes and main engine last updated six months ago or earlier, I wonder when the owner will feel the consequences of such negligence on his skin. Believe it's serious, unless your project has no value to you, but even if it did, think of the web users. In a situation where your website is broken, the consequences can be felt by others as well. Don't be selfish!

Plug-ins can be updated easily. At WordPress hosting accounts you can manage updates from your hosting panel, you can make an instant backup before the update or run it on a clone, and you can even use a smart update mechanism that will check for you if the update might break something.

Also some plugins for making copies like WPvivid have a mechanism that creates a snapshot of modified extensions before they are updated so that they can be reverted to if problems arise.

You have many options for controlled updates.

Share

See also

Free information on JZS news

I invite you to become a subscriber! Thousands of readers already subscribe to news from JZS.

You can unsubscribe at any time. Your address is safe here.

Featured LifeTime Offers!

Consolto

Aplikacja do spotkań online i obsługi Klienta. Ogrom możliwości i...

pcloud lifetime
pCloud

Cloud drive with lifetime access. Save your files and...

Leave a Reply

Your email address will not be published. Required fields are marked *