Every few weeks, iThemes publishes their “WordPress Vulnerability Report” that lists any issues with plugins or themes for WordPress or even the core product.
WordPress 6.1.1 was released on November 15, 2022, as a short-cycle maintenance release with 29 bug fixes in Core and 21 bug fixes for the block editor.
Because this is a core update, be sure to update to WordPress 6.1.1 as soon as possible!
As always, with a major release like this, it makes sense to ensure your site is backed up before updating.
No new WordPress core vulnerabilities were disclosed this week.
In this section, the latest WordPress plugin vulnerabilities have been disclosed. Each plugin listing includes the type of vulnerability, the active installations, the version number if patched, the severity rating, and the CVE.
iThemes
Contents of the December 7, 2022 Report
Plugins of note:
- Autoptimize
- Easy WP SMTP
- Custom Product Tabs for WooCommerce
- Booster for WooCommerce
- Stop Spammers Security
- Quiz and Survey Master
- Sliderby10Web
- Appointment Hour Booking
- WP Google Review Slider
- Google Apps Login
- Welcart e-Commerce
- GD bbPress Attachments
- Simple Basic Contact Form
- WP-Ban
- All-in-One Addons for Elementor – WidgetKit
I always recommend backing up your WordPress website before you make any updates to plugins or themes. I use UpdraftPlus and so should you!