WordPress Plugin XSS Vulnerability

Issue: A serious XSS security vulnerability was discovered and disclosed this morning that affects hundreds of WordPress plugins, which in turn affects millions of websites.
Status: Anyone who manages or maintains a WordPress site is strongly urged to update ALL plugins immediately.

Who is impacted?

People running WordPress websites with the following plugins:

  • Jetpack
  • WordPress SEO
  • Google Analytics by Yoast
  • All In one SEO
  • Gravity Forms
  • Multiple Plugins from Easy Digital Downloads
  • UpdraftPlus
  • WP-E-Commerce
  • WPTouch
  • Download Monitor
  • Related Posts for WordPress
  • My Calendar
  • P3 Profiler
  • Give
  • Multiple iThemes products including Builder and Exchange
  • Broken-Link-Checker
  • Ninja Forms

At this time, patches/updates should be released for all the above plugins. If you are running any of these plugins, please update it immediately.

Was this article helpful? Let us know!